Skip to content

Commit

Permalink
Track 210 - Update restrictions for Status and Issues editing permiss…
Browse files Browse the repository at this point in the history
…ions (#2432)

Responsible EPD, Team Lead, and active Team Co-Lead can edit all
sections of Status and Issues tabs. Limit Team members editing
permissions to unapproved updates only.

Includes updates to docker-composes, logging.conf, and package-lock.json
  • Loading branch information
Marilynn-Stone authored Nov 13, 2024
1 parent 54b29c9 commit e8e8500
Show file tree
Hide file tree
Showing 10 changed files with 116 additions and 14 deletions.
4 changes: 2 additions & 2 deletions epictrack-api/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ services:
links:
- eao-reports-api-db
ports:
- '3002:8080'
- '3200:8080'
environment:
- JWT_OIDC_ISSUER:${JWT_OIDC_ISSUER}
- JWT_OIDC_WELL_KNOWN_CONFIG:${JWT_OIDC_WELL_KNOWN_CONFIG}
Expand All @@ -48,7 +48,7 @@ services:

networks:
- eao-network


networks:
eao-network:
Expand Down
File renamed without changes.
28 changes: 28 additions & 0 deletions epictrack-web/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import React from "react";
import { Button, Grid } from "@mui/material";
import { WorkIssue } from "../../../../models/Issue";
import { WorkStaffRole, WorkStaffRoleNames } from "../../../../models/role";
import { ETCaption1, ETHeading4, ETParagraph, GrayBox } from "../../../shared";
import moment from "moment";
import { ETChip } from "../../../shared/chip/ETChip";
Expand All @@ -14,18 +15,32 @@ import IssueHistory from "./IssueHistory";
import {
MONTH_DAY_YEAR,
ROLES,
SPECIAL_FIELDS,
} from "../../../../constants/application-constant";
import { Restricted } from "../../../shared/restricted";
import { useAppSelector } from "hooks";
import { WorkplanContext } from "components/workPlan/WorkPlanContext";
import { WorkplanContext } from "../../WorkPlanContext";

const IssueDetails = ({ issue }: { issue: WorkIssue }) => {
const latestUpdate = issue.updates[0];
const CheckCircleIcon: React.FC<IconProps> = icons["CheckCircleIcon"];
const PencilEditIcon: React.FC<IconProps> = icons["PencilEditIcon"];
const AddIcon: React.FC<IconProps> = icons["AddIcon"];

// These are used in conjunction with /restricted/index.tsx for permission control.
const { team } = React.useContext(WorkplanContext);
const activeTeam = team?.filter((member) => member.is_active);
const { email } = useAppSelector((state) => state.user.userDetail);
const isTeamMember = team?.some((member) => member.staff.email === email);
const rolesArray = [
ROLES.RESPONSIBLE_EPD,
ROLES.TEAM_LEAD,
ROLES.TEAM_CO_LEAD,
];
const userHasRole = activeTeam?.some(
(member) =>
member.staff.email === email && rolesArray.includes(member.role.name)
);

const {
setEditIssueUpdateFormIsOpen,
Expand All @@ -37,9 +52,6 @@ const IssueDetails = ({ issue }: { issue: WorkIssue }) => {
setNewIssueUpdateFormIsOpen,
} = React.useContext(IssuesContext);

const { email } = useAppSelector((state) => state.user.userDetail);
const isTeamMember = team?.some((member) => member.staff.email === email);

const handleApproveIssue = () => {
approveIssue(issue.id, latestUpdate.id);
setIssueToApproveId(null);
Expand Down Expand Up @@ -154,8 +166,10 @@ const IssueDetails = ({ issue }: { issue: WorkIssue }) => {
allowed={[
latestUpdate.is_approved ? ROLES.EXTENDED_EDIT : ROLES.EDIT,
]}
exception={!latestUpdate.is_approved && isTeamMember}
errorProps={{ disabled: true }}
exception={
(!latestUpdate.is_approved && isTeamMember) || userHasRole
}
>
<Button
data-cy="edit-issue-update-button"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,26 @@ import {
} from "../../../../../constants/application-constant";
import { Restricted } from "../../../../shared/restricted";
import { EmptyIssueHistory } from "./EmptyIssueHistory";
import { WorkplanContext } from "../../../WorkPlanContext";
import { useAppSelector } from "hooks";

const IssueHistory = ({ issue }: { issue: WorkIssue }) => {
const theme = useTheme();

// These are used in conjunction with /restricted/index.tsx for permission control.
const { team } = React.useContext(WorkplanContext);
const activeTeam = team?.filter((member) => member.is_active);
const { email } = useAppSelector((state) => state.user.userDetail);
const rolesArray = [
ROLES.RESPONSIBLE_EPD,
ROLES.TEAM_LEAD,
ROLES.TEAM_CO_LEAD,
];
const userHasRole = activeTeam?.some(
(member) =>
member.staff.email === email && rolesArray.includes(member.role.name)
);

const { setUpdateToEdit, setEditIssueUpdateFormIsOpen } =
useContext(IssuesContext);

Expand Down Expand Up @@ -95,6 +112,7 @@ const IssueHistory = ({ issue }: { issue: WorkIssue }) => {
<Restricted
allowed={[ROLES.EXTENDED_EDIT]}
errorProps={{ disabled: true }}
exception={userHasRole}
>
<Button
data-cy="edit-history-update-button"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,21 @@ import { useAppSelector } from "hooks";
const IssueSummary = ({ issue }: { issue: WorkIssue }) => {
const { setEditIssueFormIsOpen, setIssueToEdit } =
React.useContext(IssuesContext);

// These are used in conjunction with /restricted/index.tsx for permission control.
const { team } = React.useContext(WorkplanContext);
const activeTeam = team?.filter((member) => member.is_active);
const { email } = useAppSelector((state) => state.user.userDetail);
const isTeamMember = team?.some((member) => member.staff.email === email);
const rolesArray = [
ROLES.RESPONSIBLE_EPD,
ROLES.TEAM_LEAD,
ROLES.TEAM_CO_LEAD,
];
const userHasRole = activeTeam?.some(
(member) =>
member.staff.email === email && rolesArray.includes(member.role.name)
);

const EditIcon: React.FC<IconProps> = icons["PencilEditIcon"];
return (
Expand Down Expand Up @@ -66,9 +78,9 @@ const IssueSummary = ({ issue }: { issue: WorkIssue }) => {
<Grid item xs={"auto"} container justifyContent={"flex-end"}>
<AccordionSummaryItem title="Actions" enableTooltip={true}>
<Restricted
allowed={[ROLES.EDIT]}
allowed={[ROLES.EXTENDED_EDIT]}
errorProps={{ disabled: true }}
exception={isTeamMember}
exception={userHasRole}
>
<Button
variant="text"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,21 @@ const RecentStatus = () => {
setStatus,
setShowApproveStatusDialog,
} = React.useContext(StatusContext);

// These are used in conjunction with /restricted/index.tsx for permission control.
const { team } = React.useContext(WorkplanContext);
const activeTeam = team?.filter((member) => member.is_active);
const { email } = useAppSelector((state) => state.user.userDetail);
const isTeamMember = team?.some((member) => member.staff.email === email);
const rolesArray = [
ROLES.RESPONSIBLE_EPD,
ROLES.TEAM_LEAD,
ROLES.TEAM_CO_LEAD,
];
const userHasRole = activeTeam?.some(
(member) =>
member.staff.email === email && rolesArray.includes(member.role.name)
);

return (
<GrayBox
Expand Down Expand Up @@ -137,7 +149,7 @@ const RecentStatus = () => {
<Restricted
allowed={[statuses[0].is_approved ? ROLES.EXTENDED_EDIT : ROLES.EDIT]}
errorProps={{ disabled: true }}
exception={!statuses[0].is_approved && isTeamMember}
exception={(!statuses[0].is_approved && isTeamMember) || userHasRole}
>
<Button
startIcon={<PencilEditIcon />}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ import { Box, Button, Collapse, Grid, useTheme } from "@mui/material";
import { StatusContext } from "../../StatusContext";
import { Restricted } from "../../../../shared/restricted";
import { EmptyStatusHistory } from "./EmptyStatusHistory";
import { useAppSelector } from "hooks";

const ExpandIcon: React.FC<IconProps> = Icons["ExpandIcon"];
const PencilEditIcon: React.FC<IconProps> = Icons["PencilEditIcon"];
Expand All @@ -34,14 +35,26 @@ const StatusHistory = () => {
const { setShowStatusForm, setStatus } = useContext(StatusContext);
const [expand, setExpand] = useState(false);
const theme = useTheme();

const approvedStatuses = statuses.filter(
(status) => status.is_approved && status.id != statuses?.[0]?.id
);
const highlightFirstInTimeLineApproved = !statuses?.[0]?.is_approved;

const SHOW_MORE_THRESHOLD = 3;

// These are used in conjunction with /restricted/index.tsx for permission control.
const { team } = React.useContext(WorkplanContext);
const activeTeam = team?.filter((member) => member.is_active);
const { email } = useAppSelector((state) => state.user.userDetail);
const rolesArray = [
ROLES.RESPONSIBLE_EPD,
ROLES.TEAM_LEAD,
ROLES.TEAM_CO_LEAD,
];
const userHasRole = activeTeam?.some(
(member) =>
member.staff.email === email && rolesArray.includes(member.role.name)
);

if (approvedStatuses.length === 0) {
return <EmptyStatusHistory />;
}
Expand Down Expand Up @@ -83,6 +96,7 @@ const StatusHistory = () => {
<Restricted
allowed={[ROLES.EXTENDED_EDIT]}
errorProps={{ disabled: true }}
exception={userHasRole}
>
<Button
variant="text"
Expand Down
6 changes: 5 additions & 1 deletion epictrack-web/src/constants/application-constant.ts
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,9 @@ export const ROLES = {
DEFAULT_ROLES_EAO_EPIC: "default-roles-eao-epic",
MANAGE_USERS: "manage_users",
EXTENDED_EDIT: "extended_edit",
RESPONSIBLE_EPD: "Responsible EPD",
TEAM_LEAD: "Team Lead",
TEAM_CO_LEAD: "Team Co-Lead",
};

export enum SpecialFieldEntityEnum {
Expand All @@ -123,7 +126,8 @@ export const SPECIAL_FIELDS = Object.freeze({
},
WORK: {
RESPONSIBLE_EPD: "responsible_epd_id",
WORK_LEAD: "work_lead_id",
TEAM_LEAD: "team_lead_id",
TEAM_CO_LEAD: "team_co_lead_id",
},
});

Expand Down
2 changes: 1 addition & 1 deletion epictrack-web/src/services/userService/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ const initKeycloak = async (dispatch: Dispatch<AnyAction>) => {
KeycloakData.tokenParsed?.resource_access?.[AppConfig.keycloak.clientId]
?.roles ?? [];
const roles = [...realmAccessRoles, ...clientLevelRoles];
console.log("My Roles:", roles);

const userDetail = new UserDetail(
userInfo["sub"],
userInfo["preferred_username"],
Expand Down

0 comments on commit e8e8500

Please sign in to comment.