feat: #1425 add backend endpoint checks for bceid user accept terms and conditions

bcgov / nr-forests-access-management

Authorization solution for BC natural resource sector

Apache License 2.0

8 stars 2 forks source link

feat: #1425 add backend endpoint checks for bceid user accept terms and conditions #1463

Closed ianliuwk1019 closed 3 months ago

ianliuwk1019 commented 3 months ago

Coded CURRENT_TERMS_AND_CONDITIONS_VERSION at backend as version "1" and use it in apis and checks.
Added 'is_delegated_admin' and 'requires_accept_tc' as custom attributes in Requester schema.
RouterGuard adjustment for Requester for joined loading information from 'fam_access_control_privilege' and 'fam_user_terms_conditions'
Added 'enforce_bceid_terms_conditions_guard' for backend api endpoints.
Fixed affected tests due to new 'enforce_bceid_terms_conditions_guard' checks for endpoints.
Generated new api client.

MCatherine1994 commented 3 months ago

Hi Ian, it looks good, thanks so much! Just one thing, I wonder since we already have the requester.is_delegated_admin, maybe we don't need this check anymore, to check if is external delegated admin, we could just use requester.user_type_code and requester.is_delegated_admin? so we can delete that is_requester_external_delegated_admin method

ianliuwk1019 commented 3 months ago

Hi Ian, it looks good, thanks so much! Just one thing, I wonder since we already have the requester.is_delegated_admin, maybe we don't need this check anymore, to check if is external delegated admin, we could just use requester.user_type_code and requester.is_delegated_admin? so we can delete that is_requester_external_delegated_admin method

Thanks for the find! I missed that one. Will do the adjustment.

sonarcloud[bot] commented 3 months ago

Quality Gate passed for 'nr-forests-access-management_admin'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud