Remove getUserRoles as an api call and add as decoded from the token

server/data/manageUsersApiClient.test.ts

@@ -34,16 +34,4 @@ describe('manageUsersApiClient', () => {
       expect(output).toEqual(response)
     })
   })
-
-  describe('getUserRoles', () => {
-    it('should return data from api', async () => {
-      fakeManageUsersApiClient
-        .get('/users/me/roles')
-        .matchHeader('authorization', `Bearer ${token.access_token}`)
-        .reply(200, [{ roleCode: 'role1' }, { roleCode: 'role2' }])
-
-      const output = await manageUsersApiClient.getUserRoles(token.access_token)
-      expect(output).toEqual(['role1', 'role2'])
-    })
-  })
 })

server/data/manageUsersApiClient.ts

@@ -28,10 +28,4 @@ export default class ManageUsersApiClient {
     logger.info('Getting user details: calling HMPPS Manage Users Api')
     return ManageUsersApiClient.restClient(token).get<User>({ path: '/users/me' })
   }
-
-  getUserRoles(token: string): Promise<string[]> {
-    return ManageUsersApiClient.restClient(token)
-      .get<UserRole[]>({ path: '/users/me/roles' })
-      .then(roles => roles.map(role => role.roleCode))
-  }
 }

server/services/userService.test.ts

@@ -1,10 +1,9 @@
 import UserService from './userService'
 import ManageUsersApiClient, { type User } from '../data/manageUsersApiClient'
+import createUserToken from '../testutils/createUserToken'
 
 jest.mock('../data/manageUsersApiClient')
 
-const token = 'some token'
-
 describe('User service', () => {
   let manageUsersApiClient: jest.Mocked<ManageUsersApiClient>
   let userService: UserService
@@ -16,14 +15,25 @@ describe('User service', () => {
     })
 
     it('Retrieves and formats user name', async () => {
+      const token = createUserToken([])
       manageUsersApiClient.getUser.mockResolvedValue({ name: 'john smith' } as User)
 
       const result = await userService.getUser(token)
 
       expect(result.displayName).toEqual('John Smith')
     })
 
+    it('Retrieves and formats roles', async () => {
+      const token = createUserToken(['ROLE_ONE', 'ROLE_TWO'])
+      manageUsersApiClient.getUser.mockResolvedValue({ name: 'john smith' } as User)
+
+      const result = await userService.getUser(token)
+
+      expect(result.roles).toEqual(['ONE', 'TWO'])
+    })
+
     it('Propagates error', async () => {
+      const token = createUserToken([])
       manageUsersApiClient.getUser.mockRejectedValue(new Error('some error'))
 
       await expect(userService.getUser(token)).rejects.toEqual(new Error('some error'))

server/services/userService.ts

@@ -1,16 +1,23 @@
+import { jwtDecode } from 'jwt-decode'
 import { convertToTitleCase } from '../utils/utils'
 import type { User } from '../data/manageUsersApiClient'
 import ManageUsersApiClient from '../data/manageUsersApiClient'
 
 export interface UserDetails extends User {
   displayName: string
+  roles: string[]
 }
 
 export default class UserService {
   constructor(private readonly manageUsersApiClient: ManageUsersApiClient) {}
 
   async getUser(token: string): Promise<UserDetails> {
     const user = await this.manageUsersApiClient.getUser(token)
-    return { ...user, displayName: convertToTitleCase(user.name) }
+    return { ...user, roles: this.getUserRoles(token), displayName: convertToTitleCase(user.name) }
+  }
+
+  getUserRoles(token: string): string[] {
+    const { authorities: roles = [] } = jwtDecode(token) as { authorities?: string[] }
+    return roles.map(role => role.substring(role.indexOf('_') + 1))
   }
 }

server/testutils/createUserToken.ts

@@ -0,0 +1,14 @@
+import jwt from 'jsonwebtoken'
+
+export default function createUserToken(authorities: string[]) {
+  const payload = {
+    user_name: 'user1',
+    scope: ['read', 'write'],
+    auth_source: 'nomis',
+    authorities,
+    jti: 'a610a10-cca6-41db-985f-e87efb303aaf',
+    client_id: 'clientid',
+  }
+
+  return jwt.sign(payload, 'secret', { expiresIn: '1h' })
+}