Merge pull request #1994 from bcgov/hotfix/ALCS-2396

trslater · web-flow · commit abd1303c860c · 2024-11-21T10:42:36.000-08:00
HOTFIX: allow all roles but commissioner to fetch tags
diff --git a/services/apps/alcs/src/alcs/tag/tag-category/tag-category.controller.ts b/services/apps/alcs/src/alcs/tag/tag-category/tag-category.controller.ts
@@ -3,7 +3,7 @@ import { ApiOAuth2 } from '@nestjs/swagger';
 import * as config from 'config';
 import { RolesGuard } from '../../../common/authorization/roles-guard.service';
 import { UserRoles } from '../../../common/authorization/roles.decorator';
-import { AUTH_ROLE } from '../../../common/authorization/roles';
+import { ANY_ROLE_BUT_COMMISSIONER, AUTH_ROLE } from '../../../common/authorization/roles';
 import { TagCategoryDto } from './tag-category.dto';
 import { TagCategoryService } from './tag-category.service';
 
@@ -14,7 +14,7 @@ export class TagCategoryController {
   constructor(private service: TagCategoryService) {}
 
   @Get('')
-  @UserRoles(AUTH_ROLE.ADMIN)
+  @UserRoles(...ANY_ROLE_BUT_COMMISSIONER)
   async fetch(
     @Query('pageIndex') pageIndex: number,
     @Query('itemsPerPage') itemsPerPage: number,
diff --git a/services/apps/alcs/src/alcs/tag/tag.controller.ts b/services/apps/alcs/src/alcs/tag/tag.controller.ts
@@ -4,7 +4,7 @@ import * as config from 'config';
 import { RolesGuard } from '../../common/authorization/roles-guard.service';
 import { UserRoles } from '../../common/authorization/roles.decorator';
 import { TagService } from './tag.service';
-import { AUTH_ROLE } from '../../common/authorization/roles';
+import { ANY_ROLE_BUT_COMMISSIONER, AUTH_ROLE } from '../../common/authorization/roles';
 import { TagDto } from './tag.dto';
 
 @Controller('tag')
@@ -14,7 +14,7 @@ export class TagController {
   constructor(private service: TagService) {}
 
   @Get('')
-  @UserRoles(AUTH_ROLE.ADMIN)
+  @UserRoles(...ANY_ROLE_BUT_COMMISSIONER)
   async fetch(
     @Query('pageIndex') pageIndex: number,
     @Query('itemsPerPage') itemsPerPage: number,
diff --git a/services/apps/alcs/src/common/authorization/roles.ts b/services/apps/alcs/src/common/authorization/roles.ts
@@ -18,12 +18,7 @@ export const ROLES_ALLOWED_APPLICATIONS = [
 ];
 
 export const ROLES_ALLOWED_BOARDS = ROLES_ALLOWED_APPLICATIONS;
-export const ROLES_ALLOWED_ARCHIVE = [
-  AUTH_ROLE.ADMIN,
-  AUTH_ROLE.APP_SPECIALIST,
-];
+export const ROLES_ALLOWED_ARCHIVE = [AUTH_ROLE.ADMIN, AUTH_ROLE.APP_SPECIALIST];
 export const ANY_AUTH_ROLE = Object.values(AUTH_ROLE);
-export const ROLES_ALLOWED_SEARCH = [
-  ...ROLES_ALLOWED_APPLICATIONS,
-  AUTH_ROLE.COMMISSIONER,
-];
+export const ROLES_ALLOWED_SEARCH = [...ROLES_ALLOWED_APPLICATIONS, AUTH_ROLE.COMMISSIONER];
+export const ANY_ROLE_BUT_COMMISSIONER = Object.values(AUTH_ROLE).filter((role) => role !== AUTH_ROLE.COMMISSIONER);
