From ec1c63516c55b557d3a76018c0390f0ff9c3ab9a Mon Sep 17 00:00:00 2001 From: Andrew Boni Signori <61259237+andrewsignori-aot@users.noreply.github.com> Date: Wed, 13 Nov 2024 15:58:03 -0800 Subject: [PATCH] #3896 - Mask Institution User Income View (#3932) - Masked the `totalFamilyIncome` following the same approach used to mask the MSFAA. - Masked only for public institutions. - The method used to format the money in the NOA UI when it is a number has no issues with the "masked" string. ![image](https://github.com/user-attachments/assets/9ae48b52-d619-442a-82cf-65db7a9c20c1) ### Sample UI with the masked value ![image](https://github.com/user-attachments/assets/d6eaf9c7-c568-44a2-b7ce-0c1cbeb58781) --- ...tions.controller.getAssessmentNOA.e2e-spec.ts | 10 ++++++++-- .../assessment/assessment.aest.controller.ts | 1 + .../assessment/assessment.controller.service.ts | 13 ++++++++++++- .../assessment/assessment.students.controller.ts | 1 + .../assessment/models/assessment.dto.ts | 16 +++++++++++++++- .../student-assessment.constants.ts | 1 + 6 files changed, 38 insertions(+), 4 deletions(-) diff --git a/sources/packages/backend/apps/api/src/route-controllers/assessment/_tests_/e2e/assessment.institutions.controller.getAssessmentNOA.e2e-spec.ts b/sources/packages/backend/apps/api/src/route-controllers/assessment/_tests_/e2e/assessment.institutions.controller.getAssessmentNOA.e2e-spec.ts index 6d3fc85ff1..19faa892ec 100644 --- a/sources/packages/backend/apps/api/src/route-controllers/assessment/_tests_/e2e/assessment.institutions.controller.getAssessmentNOA.e2e-spec.ts +++ b/sources/packages/backend/apps/api/src/route-controllers/assessment/_tests_/e2e/assessment.institutions.controller.getAssessmentNOA.e2e-spec.ts @@ -106,7 +106,10 @@ describe("AssessmentInstitutionsController(e2e)-getAssessmentNOA", () => { applicationId: application.id, applicationNumber: application.applicationNumber, applicationStatus: application.applicationStatus, - assessment: assessment.assessmentData, + assessment: { + ...assessment.assessmentData, + totalFamilyIncome: "XXXXX", + }, disbursement: { disbursement1COEStatus: firstDisbursementSchedule.coeStatus, disbursement1Date: getDateOnlyFullMonthFormat( @@ -210,7 +213,10 @@ describe("AssessmentInstitutionsController(e2e)-getAssessmentNOA", () => { applicationId: application.id, applicationNumber: application.applicationNumber, applicationStatus: application.applicationStatus, - assessment: assessment.assessmentData, + assessment: { + ...assessment.assessmentData, + totalFamilyIncome: "XXXXX", + }, disbursement: { disbursement1COEStatus: firstDisbursementSchedule.coeStatus, disbursement1Date: getDateOnlyFullMonthFormat( diff --git a/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.aest.controller.ts b/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.aest.controller.ts index 1c94fe314c..a15f57cfdd 100644 --- a/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.aest.controller.ts +++ b/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.aest.controller.ts @@ -106,6 +106,7 @@ export class AssessmentAESTController extends BaseController { ): Promise { return this.assessmentControllerService.getAssessmentNOA(assessmentId, { maskMSFAA: false, + maskTotalFamilyIncome: false, }); } diff --git a/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.controller.service.ts b/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.controller.service.ts index bd99e413ec..3b1823c36e 100644 --- a/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.controller.service.ts +++ b/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.controller.service.ts @@ -26,6 +26,7 @@ import { ApplicationExceptionService, MASKED_MSFAA_NUMBER, ApplicationOfferingChangeRequestService, + MASKED_MONEY_AMOUNT, } from "../../services"; import { AssessmentNOAAPIOutDTO, @@ -34,6 +35,7 @@ import { RequestAssessmentTypeAPIOutDTO, AssessmentHistorySummaryAPIOutDTO, DynamicAwardValue, + AssessmentAPIOutDTO, } from "./models/assessment.dto"; import { getUserFullName } from "../../utilities"; import { getDateOnlyFormat, getDateOnlyFullMonthFormat } from "@sims/utilities"; @@ -63,6 +65,8 @@ export class AssessmentControllerService { * - `studentId` optional student for authorization when needed. * - `applicationId` application id, * - `maskMSFAA` mask MSFAA or not. + * - `maskTotalFamilyIncome` mask total family income resulted + * from the assessment calculations. Defaults to true if not provided. * @returns notice of assessment data. */ async getAssessmentNOA( @@ -71,8 +75,10 @@ export class AssessmentControllerService { studentId?: number; applicationId?: number; maskMSFAA?: boolean; + maskTotalFamilyIncome?: boolean; }, ): Promise { + const maskTotalFamilyIncome = options?.maskTotalFamilyIncome ?? true; const assessment = await this.assessmentService.getAssessmentForNOA( assessmentId, { studentId: options?.studentId, applicationId: options?.applicationId }, @@ -88,8 +94,13 @@ export class AssessmentControllerService { ); } + const assessmentDTO: AssessmentAPIOutDTO = assessment.assessmentData; + if (maskTotalFamilyIncome) { + assessmentDTO.totalFamilyIncome = MASKED_MONEY_AMOUNT; + } + return { - assessment: assessment.assessmentData, + assessment: assessmentDTO, applicationId: assessment.application.id, noaApprovalStatus: assessment.noaApprovalStatus, applicationStatus: assessment.application.applicationStatus, diff --git a/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.students.controller.ts b/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.students.controller.ts index e3247a4bb5..9594d46d13 100644 --- a/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.students.controller.ts +++ b/sources/packages/backend/apps/api/src/route-controllers/assessment/assessment.students.controller.ts @@ -66,6 +66,7 @@ export class AssessmentStudentsController extends BaseController { return this.assessmentControllerService.getAssessmentNOA(assessmentId, { studentId: userToken.studentId, maskMSFAA: false, + maskTotalFamilyIncome: false, }); } diff --git a/sources/packages/backend/apps/api/src/route-controllers/assessment/models/assessment.dto.ts b/sources/packages/backend/apps/api/src/route-controllers/assessment/models/assessment.dto.ts index 4faf848aca..363a07220e 100644 --- a/sources/packages/backend/apps/api/src/route-controllers/assessment/models/assessment.dto.ts +++ b/sources/packages/backend/apps/api/src/route-controllers/assessment/models/assessment.dto.ts @@ -71,6 +71,20 @@ export class AssessmentHistorySummaryAPIOutDTO { hasUnsuccessfulWeeks?: boolean; } +/** + * Assessment calculations output with possible + * adjustments for API output DTO. + */ +export type AssessmentAPIOutDTO = Omit & { + /** + * Total family income to be considered. + * Users without proper access should see only a masked value. + * This property overrides the original type to allow to keep + * the property as number and also as a string, when a mask is required. + */ + totalFamilyIncome: number | string; +}; + export class AssessmentNOAAPIOutDTO { @ApiProperty({ description: @@ -78,7 +92,7 @@ export class AssessmentNOAAPIOutDTO { "Contains data that could represent a part-time or a full-time assessment. " + "Part-time and full-time will have some common and some specific properties for each payload.", }) - assessment: Assessment; + assessment: AssessmentAPIOutDTO; applicationId: number; applicationNumber: string; applicationCurrentAssessmentId: number; diff --git a/sources/packages/backend/apps/api/src/services/student-assessment/student-assessment.constants.ts b/sources/packages/backend/apps/api/src/services/student-assessment/student-assessment.constants.ts index 6d85ad02b9..5c1f1c9a62 100644 --- a/sources/packages/backend/apps/api/src/services/student-assessment/student-assessment.constants.ts +++ b/sources/packages/backend/apps/api/src/services/student-assessment/student-assessment.constants.ts @@ -3,3 +3,4 @@ export const ASSESSMENT_NOT_FOUND = "ASSESSMENT_NOT_FOUND"; export const ASSESSMENT_INVALID_OPERATION_IN_THE_CURRENT_STATE = "ASSESSMENT_INVALID_OPERATION_IN_THE_CURRENT_STATE"; export const MASKED_MSFAA_NUMBER = "XXXXXXXXXX"; +export const MASKED_MONEY_AMOUNT = "XXXXX";