fix(services-auth-admin-api): Fix delegation settings (#15968)

* Fix admin api scope added delegation type update to only update requested type. * chore: nx format:write update dirty files --------- Co-authored-by: andes-it <[email protected]>
island-is · Sep 12, 2024 · 1f2c759 · 1f2c759
1 parent 22c7fd7
commit 1f2c759
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 4 deletions.
diff --git a/apps/services/auth/admin-api/src/app/v2/scopes/test/me-scopes.spec.ts b/apps/services/auth/admin-api/src/app/v2/scopes/test/me-scopes.spec.ts
@@ -11,6 +11,7 @@ import {
   TranslatedValueDto,
   ApiScopeDelegationType,
   AdminPatchScopeDto,
+  ApiScope,
 } from '@island.is/auth-api-lib'
 import { FixtureFactory } from '@island.is/services/auth/testing'
 import {
@@ -763,6 +764,7 @@ describe('MeScopesController', () => {
     let app: TestApp
     let server: request.SuperTest<request.Test>
     let apiScopeDelegationTypeModel: typeof ApiScopeDelegationType
+    let fixtureFactory: FixtureFactory
 
     beforeAll(async () => {
       app = await setupApp({
@@ -772,6 +774,7 @@ describe('MeScopesController', () => {
         dbType: 'postgres',
       })
       server = request(app.getHttpServer())
+      fixtureFactory = new FixtureFactory(app)
 
       apiScopeDelegationTypeModel = await app.get(
         getModelToken(ApiScopeDelegationType),
@@ -886,6 +889,59 @@ describe('MeScopesController', () => {
         },
       })
     })
+
+    it('should only update requested delegation setting fields', async () => {
+      // Arrange
+      // Create new subject under testing test data to control initial state of delegation settings.
+      const sutScope = await fixtureFactory.createApiScope({
+        domainName: TENANT_ID,
+        allowExplicitDelegationGrant: true,
+        supportedDelegationTypes: [AuthDelegationType.Custom],
+      })
+
+      // Act - Update partially delegation setting
+      const response = await server
+        .patch(
+          `/v2/me/tenants/${TENANT_ID}/scopes/${encodeURIComponent(
+            sutScope.name,
+          )}`,
+        )
+        .send({
+          addedDelegationTypes: [AuthDelegationType.ProcurationHolder],
+        })
+
+      // Assert that we only updated requested delegation setting fields
+      expect(response.status).toEqual(200)
+      expect(response.body).toMatchObject({
+        ...sutScope.toDTO(),
+        displayName: [
+          {
+            locale: 'is',
+            value: sutScope.displayName,
+          },
+        ],
+        description: [
+          {
+            locale: 'is',
+            value: sutScope.description,
+          },
+        ],
+        grantToProcuringHolders: true,
+        supportedDelegationTypes: expect.arrayContaining([
+          AuthDelegationType.Custom,
+          AuthDelegationType.ProcurationHolder,
+        ]),
+      } as AdminScopeDTO)
+      const apiScopeDelegationTypes = await apiScopeDelegationTypeModel.findAll(
+        {
+          where: {
+            apiScopeName: sutScope.name,
+          },
+        },
+      )
+
+      expect(apiScopeDelegationTypes).toHaveLength(2)
+    })
   })
 
   describe('POST: /v2/me/tenants/:tenantId/scopes', () => {

diff --git a/libs/auth-api-lib/src/lib/resources/admin/admin-scope.service.ts b/libs/auth-api-lib/src/lib/resources/admin/admin-scope.service.ts
@@ -480,10 +480,14 @@ export class AdminScopeService {
     ) {
       await this.apiScope.update(
         {
-          grantToLegalGuardians,
-          grantToPersonalRepresentatives,
-          grantToProcuringHolders,
-          allowExplicitDelegationGrant,
+          ...(grantToLegalGuardians ? { grantToLegalGuardians } : {}),
+          ...(grantToPersonalRepresentatives
+            ? { grantToPersonalRepresentatives }
+            : {}),
+          ...(grantToProcuringHolders ? { grantToProcuringHolders } : {}),
+          ...(allowExplicitDelegationGrant
+            ? { allowExplicitDelegationGrant }
+            : {}),
         },
         {
           transaction,