fix(ids-api): Filter delegated national registry scopes by delegation…

… types. (#17354) * Filter delegated national registry scopes by delegation types. * Fix tests. --------- Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
island-is · Jan 2, 2025 · c114057 · c114057
1 parent c47d9c4
commit c114057
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 6 deletions.
diff --git a/apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts b/apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts
@@ -19,13 +19,15 @@ const domainName = faker.random.word()
 const identityResources = ['id1', 'id2']
 
 const legalGuardianScopes = ['lg1', 'lg2']
+const legalGuardianMinorScopes = ['lgm1', 'lgm2']
 const procurationHolderScopes = ['ph1', 'ph2']
 const customScopes1 = ['cu1', 'cu2']
 const customScopes2 = ['cu3', 'cu4']
 const legalRepresentativeScopes = ['lr1', 'lr2']
 
 const apiScopes = [
   ...legalGuardianScopes,
+  ...legalGuardianMinorScopes,
   ...procurationHolderScopes,
   ...customScopes1,
   ...customScopes2,
@@ -44,6 +46,9 @@ const supportedDelegationTypes = (scopeName: string): AuthDelegationType[] => {
   if (legalGuardianScopes.includes(scopeName)) {
     result.push(AuthDelegationType.LegalGuardian)
   }
+  if (legalGuardianMinorScopes.includes(scopeName)) {
+    result.push(AuthDelegationType.LegalGuardianMinor)
+  }
   if (procurationHolderScopes.includes(scopeName)) {
     result.push(AuthDelegationType.ProcurationHolder)
   }
@@ -108,6 +113,18 @@ const testCases: Record<string, TestCase> = {
     delegationType: [AuthDelegationType.LegalRepresentative],
     expected: [...legalRepresentativeScopes, ...identityResources],
   },
+  '8': {
+    fromNationalId: createNationalId('person'),
+    delegationType: [
+      AuthDelegationType.LegalGuardian,
+      AuthDelegationType.LegalGuardianMinor,
+    ],
+    expected: [
+      ...legalGuardianScopes,
+      ...legalGuardianMinorScopes,
+      ...identityResources,
+    ],
+  },
 }
 
 const user = createCurrentUser({

diff --git a/.../services/auth/public-api/src/app/modules/delegations/actorDelegations.controller.spec.ts b/.../services/auth/public-api/src/app/modules/delegations/actorDelegations.controller.spec.ts
@@ -793,7 +793,10 @@ describe('ActorDelegationsController', () => {
               await clientDelegationTypeModel.destroy({
                 where: {
                   clientId: client.clientId,
-                  delegationType: AuthDelegationType.LegalGuardian,
+                  delegationType: [
+                    AuthDelegationType.LegalGuardian,
+                    AuthDelegationType.LegalGuardianMinor,
+                  ],
                 },
               })
 

diff --git a/libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts b/libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts
@@ -3,9 +3,9 @@ import { ConfigType } from '@nestjs/config'
 import { InjectModel } from '@nestjs/sequelize'
 import addDays from 'date-fns/addDays'
 import startOfDay from 'date-fns/startOfDay'
+import * as kennitala from 'kennitala'
 import { Op, Transaction } from 'sequelize'
 import { uuid } from 'uuidv4'
-import * as kennitala from 'kennitala'
 
 import { SyslumennService } from '@island.is/clients/syslumenn'
 import { logger } from '@island.is/logging'
@@ -21,16 +21,16 @@ import { ApiScope } from '../resources/models/api-scope.model'
 import { IdentityResource } from '../resources/models/identity-resource.model'
 import { DelegationProviderService } from './delegation-provider.service'
 import { DelegationConfig } from './DelegationConfig'
+import { ApiScopeInfo } from './delegations-incoming.service'
 import { DelegationsIndexService } from './delegations-index.service'
 import { UpdateDelegationScopeDTO } from './dto/delegation-scope.dto'
 import { DelegationDelegationType } from './models/delegation-delegation-type.model'
 import { DelegationScope } from './models/delegation-scope.model'
 import { DelegationTypeModel } from './models/delegation-type.model'
 import { Delegation } from './models/delegation.model'
-import { ApiScopeInfo } from './delegations-incoming.service'
+import filterByCustomScopeRule from './utils/filterByScopeCustomScopeRule'
 
 import type { User } from '@island.is/auth-nest-tools'
-import filterByCustomScopeRule from './utils/filterByScopeCustomScopeRule'
 
 @Injectable()
 export class DelegationScopeService {
@@ -238,7 +238,9 @@ export class DelegationScopeService {
       )
   }
 
-  private async findAllNationalRegistryScopes(): Promise<string[]> {
+  private async findAllNationalRegistryScopes(
+    delegationTypes: string[],
+  ): Promise<string[]> {
     const apiScopes = await this.apiScopeModel.findAll({
       include: [
         {
@@ -249,6 +251,7 @@ export class DelegationScopeService {
               model: DelegationTypeModel,
               where: {
                 provider: AuthDelegationProvider.NationalRegistry,
+                id: delegationTypes,
               },
             },
           ],
@@ -416,7 +419,7 @@ export class DelegationScopeService {
       await this.delegationProviderService.findProviders(delegationTypes)
 
     if (providers.includes(AuthDelegationProvider.NationalRegistry)) {
-      scopePromises.push(this.findAllNationalRegistryScopes())
+      scopePromises.push(this.findAllNationalRegistryScopes(delegationTypes))
     }
 
     if (providers.includes(AuthDelegationProvider.CompanyRegistry)) {

diff --git a/libs/services/auth/testing/src/fixtures/fixture-factory.ts b/libs/services/auth/testing/src/fixtures/fixture-factory.ts
@@ -316,6 +316,7 @@ export class FixtureFactory {
       case AuthDelegationType.Custom:
         return AuthDelegationProvider.Custom
       case AuthDelegationType.LegalGuardian:
+      case AuthDelegationType.LegalGuardianMinor:
         return AuthDelegationProvider.NationalRegistry
       case AuthDelegationType.ProcurationHolder:
         return AuthDelegationProvider.CompanyRegistry