refactor: Authenticated Pages and Layouts

[bryan-robitaille]

Summary | Résumé

Merged #4968 into this PR.

Updates the following libs to use authorizations helper from @lib/privileges

• Invitations
• Security Questions
• App Settings
• Users
• Flags Cache

Adds AuthenticatedAction to:

• Profile
• Security Questions
• Manage Form Access
• Settings Management
• Flag Management
• Permission Management

Moves AccessControlError from @lib/auth/index.ts barrel file to own @lib/auth/errors. This was required due to the complex module mocking behavior required by Jest in out tests.

And now for the 'piece de resistance'... Presenting the wonderfully complex

AuthenticatedPage and AuthenticatedLayout

The AuthenticatedPage and AuthenticatedLayout provide wrapper functionality on NextJS pages and layouts that verifies if a user has an existing session and if they have authorization to view the page or sub-pages under the layout.

AuthenticatedPage

Function signatures:

const page = async ({params, searchParams}) => {
const {locale, session} = await params;
return <> Boop Boop </>;
}
const authorizations = [
authorization.canViewAllForms
];

AuthenticatedPage<params>(page);
AuthenticatedPage<params>(authorizations, page);

The param signature type passed into AuthenticatedPage becomes a union type with {locale: string, session: Session} on the param property.

AuthenticatedLayout

Function signatures:

const layout = async ({children, params}) => {
const {locale, session} = await params;
return <> {children} </>;
}
const authorizations = [
authorization.hasAdministrativePrivileges
];

AuthenticatedLayout<params>(layout);
AuthenticatedLayout<params>(authorizations, layout);

The param signature type passed into AuthenticatedLayout becomes a union type with {locale: string, session: Session} on the param property.

Test instructions | Instructions pour tester la modification

Smoke test everything... lol

Unresolved questions / Out of scope | Questions non résolues ou hors sujet

Passing in authorizations that require a variable, like a form ID, to AuthenticatedPage and AuthenticatedLayout is currently out of scope.

Pull Request Checklist

Please complete the following items in the checklist before you request a review:

• Have you completely tested the functionality of change introduced in this PR? Is the PR solving the problem it's meant to solve within the scope of the related issue?
• The PR does not introduce any new issues such as failed tests, console warnings or new bugs.
• If this PR adds a package have you ensured its licensed correctly and does not add additional security issues?
• Is the code clean, readable and maintainable? Is it easy to understand and comprehend.
• Does your code have adequate comprehensible comments? Do new functions have docstrings?
• Have you modified the change log and updated any relevant documentation?
• Is there adequate test coverage? Both unit tests and end-to-end tests where applicable?
• If your PR is touching any UI is it accessible? Have you tested it with a screen reader? Have you tested it with automated testing tools such as axe?

[github-actions]

🧪 Review environment

https://vo3mbst2ves7qqjpgo7nkdykj40vzdqf.lambda-url.ca-central-1.on.aws/