Skip to content

Commit

Permalink
fix(api): update get-presentation-steps user access to campaign check
Browse files Browse the repository at this point in the history
  • Loading branch information
Jeyffrey authored Nov 14, 2024
1 parent 465ae56 commit f56980e
Show file tree
Hide file tree
Showing 4 changed files with 35 additions and 9 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ const getPresentationSteps = async function ({
locale,
badgeRepository,
campaignRepository,
campaignParticipationRepository,
learningContentRepository,
}) {
const campaign = await campaignRepository.getByCode(campaignCode);
Expand All @@ -15,11 +16,11 @@ const getPresentationSteps = async function ({
if (campaign.archivedAt) throw new ArchivedCampaignError();
if (campaign.deletedAt) throw new DeletedCampaignError();

const hasUserAccessToResult = await campaignRepository.checkIfUserOrganizationHasAccessToCampaign(
campaign.id,
const hasUserAccessToCampaign = await campaignParticipationRepository.findOneByCampaignIdAndUserId({
campaignId: campaign.id,
userId,
);
if (!hasUserAccessToResult)
});
if (!hasUserAccessToCampaign)
throw new UserNotAuthorizedToAccessEntityError('User does not have access to this campaign');

const campaignBadges = await badgeRepository.findByCampaignId(campaign.id);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -358,10 +358,9 @@ describe('Acceptance | API | Campaign Route', function () {
const userId = databaseBuilder.factory.buildUser().id;
const organization = databaseBuilder.factory.buildOrganization();

databaseBuilder.factory.buildMembership({
const organizationLearner = databaseBuilder.factory.buildOrganizationLearner({
userId,
organizationId: organization.id,
organizationRole: Membership.roles.MEMBER,
});

const targetProfile = databaseBuilder.factory.buildTargetProfile({ organizationId: organization.id });
Expand All @@ -381,6 +380,13 @@ describe('Acceptance | API | Campaign Route', function () {
campaignId: campaign.id,
skillId: learningContentObjects.competences[0].skillIds[0],
});

databaseBuilder.factory.buildCampaignParticipation({
userId,
campaignId: campaign.id,
organizationLearnerId: organizationLearner.id,
});

await databaseBuilder.commit();

// when
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,18 @@ describe('Integration | Campaign | UseCase | get-presentation-steps', function (

campaign = databaseBuilder.factory.buildCampaign({ targetProfileId });

user = databaseBuilder.factory.buildUser.withMembership({ organizationId: campaign.organizationId });
user = databaseBuilder.factory.buildUser();

const organizationLearner = databaseBuilder.factory.buildOrganizationLearner({
userId: user.id,
campaignId: campaign.id,
});

databaseBuilder.factory.buildCampaignParticipation({
userId: user.id,
campaignId: campaign.id,
organizationLearnerId: organizationLearner.id,
});

badges = [
databaseBuilder.factory.buildBadge({ targetProfileId }),
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ const { FRENCH_SPOKEN } = LOCALE;
describe('Unit | Domain | Use Cases | get-presentation-steps', function () {
let badgeRepository;
let campaignRepository;
let campaignParticipationRepository;
let learningContentRepository;

const locale = FRENCH_SPOKEN;
Expand All @@ -23,6 +24,9 @@ describe('Unit | Domain | Use Cases | get-presentation-steps', function () {
getByCode: sinon.stub(),
checkIfUserOrganizationHasAccessToCampaign: sinon.stub(),
};
campaignParticipationRepository = {
findOneByCampaignIdAndUserId: sinon.stub(),
};
learningContentRepository = { findByCampaignId: sinon.stub() };
});

Expand Down Expand Up @@ -75,14 +79,15 @@ describe('Unit | Domain | Use Cases | get-presentation-steps', function () {
const campaignId = Symbol('campaign-id');

campaignRepository.getByCode.withArgs(campaignCode).resolves({ id: campaignId });
campaignRepository.checkIfUserOrganizationHasAccessToCampaign.withArgs(campaignId, userId).resolves(false);
campaignParticipationRepository.findOneByCampaignIdAndUserId.withArgs({ campaignId, userId }).resolves(null);

// when
const error = await catchErr(getPresentationSteps)({
userId,
campaignCode,
locale,
campaignRepository,
campaignParticipationRepository,
badgeRepository,
learningContentRepository,
});
Expand All @@ -98,14 +103,17 @@ describe('Unit | Domain | Use Cases | get-presentation-steps', function () {
const campaignId = Symbol('campaign-id');

campaignRepository.getByCode.withArgs(campaignCode).resolves({ id: campaignId });
campaignRepository.checkIfUserOrganizationHasAccessToCampaign.withArgs(campaignId, userId).resolves(true);
campaignParticipationRepository.findOneByCampaignIdAndUserId
.withArgs({ campaignId, userId })
.resolves(Symbol('a campaign participation'));

// when
await getPresentationSteps({
userId,
campaignCode,
locale,
campaignRepository,
campaignParticipationRepository,
badgeRepository,
learningContentRepository,
});
Expand Down

0 comments on commit f56980e

Please sign in to comment.