Merge branch 'main' into feat/default-scopes

island-is · Oct 18, 2024 · 8e3a9d0 · 8e3a9d0
2 parents 17df3b8 + 1972eb3
commit 8e3a9d0
Show file tree

Hide file tree

Showing 57 changed files with 1,006 additions and 337 deletions.
diff --git a/apps/judicial-system/api/src/app/modules/auth/auth.controller.ts b/apps/judicial-system/api/src/app/modules/auth/auth.controller.ts
@@ -256,16 +256,16 @@ export class AuthController {
             ? PRISON_CASES_ROUTE
             : CASES_ROUTE,
       }
-    } else {
-      const defender = await this.authService.findDefender(authUser.nationalId)
-
-      if (defender) {
-        return {
-          userId: defender.id,
-          userNationalId: defender.nationalId,
-          jwtToken: this.sharedAuthService.signJwt(defender, csrfToken),
-          redirectRoute: requestedRedirectRoute ?? DEFENDER_CASES_ROUTE,
-        }
+    }
+
+    const defender = await this.authService.findDefender(authUser.nationalId)
+
+    if (defender) {
+      return {
+        userId: defender.id,
+        userNationalId: defender.nationalId,
+        jwtToken: this.sharedAuthService.signJwt(defender, csrfToken),
+        redirectRoute: requestedRedirectRoute ?? DEFENDER_CASES_ROUTE,
       }
     }
 

diff --git a/apps/judicial-system/backend/src/app/modules/case/filters/case.filter.ts b/apps/judicial-system/backend/src/app/modules/case/filters/case.filter.ts
@@ -1,5 +1,4 @@
 import { normalizeAndFormatNationalId } from '@island.is/judicial-system/formatters'
-import type { User } from '@island.is/judicial-system/types'
 import {
   CaseAppealState,
   CaseDecision,
@@ -20,16 +19,18 @@ import {
   isRequestCase,
   isRestrictionCase,
   RequestSharedWithDefender,
+  type User,
   UserRole,
 } from '@island.is/judicial-system/types'
 
+import { CivilClaimant, Defendant } from '../../defendant'
 import { Case } from '../models/case.model'
 import { DateLog } from '../models/dateLog.model'
 
 const canProsecutionUserAccessCase = (
   theCase: Case,
   user: User,
-  forUpdate = true,
+  forUpdate: boolean,
 ): boolean => {
   // Check case type access
   if (user.role !== UserRole.PROSECUTOR && !isIndictmentCase(theCase.type)) {
@@ -196,7 +197,7 @@ const canAppealsCourtUserAccessCase = (theCase: Case): boolean => {
 
 const canPrisonStaffUserAccessCase = (
   theCase: Case,
-  forUpdate = true,
+  forUpdate: boolean,
 ): boolean => {
   // Prison staff users cannot update cases
   if (forUpdate) {
@@ -234,7 +235,7 @@ const canPrisonStaffUserAccessCase = (
 
 const canPrisonAdminUserAccessCase = (
   theCase: Case,
-  forUpdate = true,
+  forUpdate: boolean,
 ): boolean => {
   // Prison admin users cannot update cases
   if (forUpdate) {
@@ -306,29 +307,27 @@ const canPrisonAdminUserAccessCase = (
   return true
 }
 
-const canDefenceUserAccessCase = (theCase: Case, user: User): boolean => {
+const canDefenceUserAccessRequestCase = (
+  theCase: Case,
+  user: User,
+): boolean => {
   // Check case state access
   if (
     ![
       CaseState.SUBMITTED,
-      CaseState.WAITING_FOR_CANCELLATION,
       CaseState.RECEIVED,
       CaseState.ACCEPTED,
       CaseState.REJECTED,
       CaseState.DISMISSED,
-      CaseState.COMPLETED,
     ].includes(theCase.state)
   ) {
     return false
   }
 
-  const arraignmentDate = DateLog.arraignmentDate(theCase.dateLogs)
-
   // Check submitted case access
   const canDefenderAccessSubmittedCase =
-    isRequestCase(theCase.type) &&
     theCase.requestSharedWithDefender ===
-      RequestSharedWithDefender.READY_FOR_COURT
+    RequestSharedWithDefender.READY_FOR_COURT
 
   if (
     theCase.state === CaseState.SUBMITTED &&
@@ -338,50 +337,94 @@ const canDefenceUserAccessCase = (theCase: Case, user: User): boolean => {
   }
 
   // Check received case access
-  if (theCase.state === CaseState.RECEIVED) {
-    const canDefenderAccessReceivedCase =
-      isIndictmentCase(theCase.type) ||
-      canDefenderAccessSubmittedCase ||
-      Boolean(arraignmentDate)
+  const canDefenderAccessReceivedCase =
+    canDefenderAccessSubmittedCase ||
+    Boolean(DateLog.arraignmentDate(theCase.dateLogs))
 
-    if (!canDefenderAccessReceivedCase) {
-      return false
-    }
+  if (theCase.state === CaseState.RECEIVED && !canDefenderAccessReceivedCase) {
+    return false
   }
 
   const normalizedAndFormattedNationalId = normalizeAndFormatNationalId(
     user.nationalId,
   )
 
-  // Check case defender access
+  // Check case defender assignment
+  if (
+    theCase.defenderNationalId &&
+    normalizedAndFormattedNationalId.includes(theCase.defenderNationalId)
+  ) {
+    return true
+  }
+
+  return false
+}
+
+const canDefenceUserAccessIndictmentCase = (
+  theCase: Case,
+  user: User,
+  forUpdate: boolean,
+): boolean => {
+  // Check case state access
+  if (
+    ![
+      CaseState.WAITING_FOR_CANCELLATION,
+      CaseState.RECEIVED,
+      CaseState.COMPLETED,
+    ].includes(theCase.state)
+  ) {
+    return false
+  }
+
+  // Check received case access
+  const canDefenderAccessReceivedCase = Boolean(
+    DateLog.arraignmentDate(theCase.dateLogs),
+  )
+
+  if (theCase.state === CaseState.RECEIVED && !canDefenderAccessReceivedCase) {
+    return false
+  }
+
+  // Check case defender assignment
+  if (Defendant.isDefenderOfDefendant(user.nationalId, theCase.defendants)) {
+    return true
+  }
+
+  // Check case spokesperson assignment
+  if (
+    CivilClaimant.isSpokespersonOfCivilClaimant(
+      user.nationalId,
+      theCase.civilClaimants,
+    ) &&
+    !forUpdate
+  ) {
+    return true
+  }
+
+  return false
+}
+
+const canDefenceUserAccessCase = (
+  theCase: Case,
+  user: User,
+  forUpdate: boolean,
+): boolean => {
+  if (isRequestCase(theCase.type)) {
+    return canDefenceUserAccessRequestCase(theCase, user)
+  }
+
   if (isIndictmentCase(theCase.type)) {
-    if (
-      !theCase.defendants?.some(
-        (defendant) =>
-          defendant.defenderNationalId &&
-          normalizedAndFormattedNationalId.includes(
-            defendant.defenderNationalId,
-          ),
-      )
-    ) {
-      return false
-    }
-  } else {
-    if (
-      !theCase.defenderNationalId ||
-      !normalizedAndFormattedNationalId.includes(theCase.defenderNationalId)
-    ) {
-      return false
-    }
+    return canDefenceUserAccessIndictmentCase(theCase, user, forUpdate)
   }
 
-  return true
+  // Other cases are not accessible to defence users
+  return false
 }
 
 export const canUserAccessCase = (
   theCase: Case,
   user: User,
-  forUpdate = true,
+  forUpdate: boolean,
 ): boolean => {
   if (isProsecutionUser(user)) {
     return canProsecutionUserAccessCase(theCase, user, forUpdate)
@@ -404,7 +447,7 @@ export const canUserAccessCase = (
   }
 
   if (isDefenceUser(user)) {
-    return canDefenceUserAccessCase(theCase, user)
+    return canDefenceUserAccessCase(theCase, user, forUpdate)
   }
 
   if (isPublicProsecutorUser(user)) {

diff --git a/apps/judicial-system/backend/src/app/modules/case/filters/cases.filter.ts b/apps/judicial-system/backend/src/app/modules/case/filters/cases.filter.ts
@@ -277,13 +277,26 @@ const getDefenceUserCasesQueryFilter = (user: User): WhereOptions => {
               ],
             },
             {
-              id: {
-                [Op.in]: Sequelize.literal(`
-                (SELECT case_id
-                  FROM defendant
-                  WHERE defender_national_id in ('${normalizedNationalId}', '${formattedNationalId}'))
-              `),
-              },
+              [Op.or]: [
+                {
+                  id: {
+                    [Op.in]: Sequelize.literal(`
+                      (SELECT case_id
+                        FROM defendant
+                        WHERE defender_national_id in ('${normalizedNationalId}', '${formattedNationalId}'))
+                    `),
+                  },
+                },
+                {
+                  id: {
+                    [Op.in]: Sequelize.literal(`
+                      (SELECT case_id
+                        FROM civil_claimant
+                        WHERE has_spokesperson = true AND spokesperson_national_id in ('${normalizedNationalId}', '${formattedNationalId}'))
+                    `),
+                  },
+                },
+              ],
             },
           ],
         },

diff --git a/apps/judicial-system/backend/src/app/modules/case/filters/test/cases.filter.spec.ts b/apps/judicial-system/backend/src/app/modules/case/filters/test/cases.filter.spec.ts
@@ -453,13 +453,26 @@ describe('getCasesQueryFilter', () => {
                   ],
                 },
                 {
-                  id: {
-                    [Op.in]: Sequelize.literal(`
-                (SELECT case_id
-                  FROM defendant
-                  WHERE defender_national_id in ('${user.nationalId}', '${user.nationalId}'))
-              `),
-                  },
+                  [Op.or]: [
+                    {
+                      id: {
+                        [Op.in]: Sequelize.literal(`
+                      (SELECT case_id
+                        FROM defendant
+                        WHERE defender_national_id in ('${user.nationalId}', '${user.nationalId}'))
+                    `),
+                      },
+                    },
+                    {
+                      id: {
+                        [Op.in]: Sequelize.literal(`
+                      (SELECT case_id
+                        FROM civil_claimant
+                        WHERE has_spokesperson = true AND spokesperson_national_id in ('${user.nationalId}', '${user.nationalId}'))
+                    `),
+                      },
+                    },
+                  ],
                 },
               ],
             },