Backend changes for Tay's ticket 17574 - Remove AddNameRequestForm fr… (

#2528) * Backend changes for Tay's ticket 17574 - Remove AddNameRequestForm from flow when logged in as staff/SBCstaff * Remove code complexity. * Fix lint * Remove user context. * Remove unused user_context. * reorder conditions.
bcgov · Sep 8, 2023 · d48cf77 · d48cf77
1 parent 52e2236
commit d48cf77
Showing 1 changed file with 18 additions and 10 deletions.
diff --git a/auth-api/src/auth_api/services/affiliation.py b/auth-api/src/auth_api/services/affiliation.py
@@ -1,4 +1,4 @@
-# Copyright © 2019 Province of British Columbia
+# Copyright © 2023 Province of British Columbia
 #
 # Licensed under the Apache License, Version 2.0 (the 'License');
 # you may not use this file except in compliance with the License.
@@ -186,13 +186,9 @@ def create_affiliation(org_id, business_identifier, pass_code=None, certified_by
         return Affiliation(affiliation)
 
     @staticmethod
-    @user_context
-    def is_authorized(entity: Entity, pass_code: str, **kwargs) -> bool:
+    def is_authorized(entity: Entity, pass_code: str) -> bool:
         """Return True if user is authorized to create an affiliation."""
-        user_from_context: UserContext = kwargs['user_context']
-        current_user: UserService = UserService.find_by_jwt_token(silent_mode=True)
-        if user_from_context.is_staff() or \
-           (current_user and MembershipModel.check_if_sbc_staff(current_user.identifier)):
+        if Affiliation.is_staff_or_sbc_staff():
             return True
         if entity.corp_type in ['SP', 'GP']:
             if not pass_code:
@@ -212,8 +208,8 @@ def create_new_business_affiliation(org_id,  # pylint: disable=too-many-argument
                                         bearer_token: str = None):
         """Initiate a new incorporation."""
         current_app.logger.info(f'<create_affiliation org_id:{org_id} business_identifier:{business_identifier}')
-
-        if not email and not phone:
+        user_is_staff = Affiliation.is_staff_or_sbc_staff()
+        if not user_is_staff and (not email and not phone):
             raise BusinessException(Error.NR_INVALID_CONTACT, None)
 
         # Validate if org_id is valid by calling Org Service.
@@ -245,7 +241,8 @@ def create_new_business_affiliation(org_id,  # pylint: disable=too-many-argument
             if status == NRStatus.CONDITIONAL.value and nr_json.get('consentFlag', None) not in (None, 'R', 'N'):
                 raise BusinessException(Error.NR_NOT_APPROVED, None)
 
-            if (phone and phone != nr_phone) or (email and email.casefold() != nr_email.casefold()):
+            if not user_is_staff and ((phone and phone != nr_phone) or
+                                      (email and email.casefold() != nr_email.casefold())):
                 raise BusinessException(Error.NR_INVALID_CONTACT, None)
 
             # Create an entity with the Name from NR if entity doesn't exist
@@ -485,3 +482,14 @@ def _validate_firms_party(token, business_identifier, party_name_str: str):
             if party_name_str.upper() == party_name.upper():
                 return True
         return False
+
+    @staticmethod
+    @user_context
+    def is_staff_or_sbc_staff(**kwargs):
+        """Return True if user is staff or sbc staff."""
+        user_from_context: UserContext = kwargs['user_context']
+        current_user: UserService = UserService.find_by_jwt_token(silent_mode=True)
+        if user_from_context.is_staff() or \
+           (current_user and MembershipModel.check_if_sbc_staff(current_user.identifier)):
+            return True
+        return False