chore(j-s): Access for prisons to appeal rulings

[oddsson]

Access for prisons to appeal rulings

Asana

What

Enable prison users to see appeal rulings

Why

This was recently removed and turns out, prisons actually need to be able to see appeal rulings.

Screenshots / Gifs

Checklist:

• I have performed a self-review of my own code
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• Formatting passes locally with my changes
• I have rebased against main before asking for a review

Summary by CodeRabbit

• New Features

  • Introduced a new user type check for prison staff, allowing access to specific case file categories.
  • Added a new category for prison staff case file access, enhancing user permissions.

• Bug Fixes

  • Updated logic to ensure proper access control for prison staff and admin users when viewing case files.

• Tests

  • Reorganized and clarified test cases for user roles, ensuring accurate permissions are enforced for prison admin and prison users.

[coderabbitai]

Walkthrough

The changes introduce a new user type check for prison staff in the case file access logic, specifically allowing access to certain case file categories for users identified as prison staff. A new constant is defined for prison staff case file categories, and the access logic is adjusted to accommodate this new user type. Additionally, the test cases have been reorganized to reflect the distinction between prison admin users and prison users, ensuring clarity in permissions related to case file access.

Changes

File	Change Summary
apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts	Introduced a new constant prisonStaffCaseFileCategories for prison staff access, modified access logic for case files.
apps/judicial-system/backend/src/app/modules/file/guards/test/limitedAccessViewCaseFileGuard.spec.ts	Reorganized test cases to differentiate between "prison admin users" and "prison users," updating logic and descriptions accordingly.

Possibly related PRs

• fix(j-s): Defender Case File Access #15070: Modifies access logic for case files based on user roles, relevant to the new user type check for isPrisonStaffUser.
• chore(j-s): Remove cover letter case file #15269: Involves modifications to caseFileCategory.ts, specifically related to case file categories, aligning with updates made in the main PR.
• fix(j-s): Allow prison system users to see rulings #15935: Expands prisonAdminCaseFileCategories to include CaseFileCategory.RULING, related to changes introducing new categories for prison staff case file access.

Suggested labels

automerge

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  -- I pushed a fix in commit <commit_id>, please review it.
  -- Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  -- @coderabbitai generate unit testing code for this file.
  -- @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  -- @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  -- @coderabbitai read src/utils.ts and generate unit testing code.
  -- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  -- @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

Outside diff range and nitpick comments (1)

apps/judicial-system/backend/src/app/modules/file/guards/test/limitedAccessViewCaseFileGuard.spec.ts (1)

Line range hint 216-307: LGTM! Well-structured tests for prison admin users.

The tests for prison admin users are comprehensive and well-organized. They cover various scenarios across different case types, states, and file categories, aligning with the PR objectives.

A minor suggestion for improvement:

Consider extracting the allowedCaseFileCategories array to a constant at the top of the file or in a separate constants file. This would make it easier to maintain and reuse across different test cases if needed.

const PRISON_ADMIN_ALLOWED_CATEGORIES = [
  CaseFileCategory.APPEAL_RULING,
  CaseFileCategory.RULING,
];

Then use this constant in your tests:

describe.each(PRISON_ADMIN_ALLOWED_CATEGORIES)(
  'prison admin users can view %s',
  (category) => {
  // ... rest of the test
}

Tools

Biome

[error] 287-295: Disallow duplicate setup and teardown hooks.

Disallow beforeEach duplicacy inside the describe function.

(lint/suspicious/noDuplicateTestHooks)

---

[error] 348-356: Disallow duplicate setup and teardown hooks.

Disallow beforeEach duplicacy inside the describe function.

(lint/suspicious/noDuplicateTestHooks)

---

[error] 377-385: Disallow duplicate setup and teardown hooks.

Disallow beforeEach duplicacy inside the describe function.

(lint/suspicious/noDuplicateTestHooks)

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between e9c1d7c and b8774ed.

Files selected for processing (2)

• apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts (3 hunks)
• apps/judicial-system/backend/src/app/modules/file/guards/test/limitedAccessViewCaseFileGuard.spec.ts (4 hunks)

Additional context used

Path-based instructions (2)

apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts (1)

Pattern apps/**/*: "Confirm that the code adheres to the following:

• NextJS best practices, including file structure, API routes, and static generation methods.
• Efficient state management and server-side rendering techniques.
• Optimal use of TypeScript for component and utility type safety."

apps/judicial-system/backend/src/app/modules/file/guards/test/limitedAccessViewCaseFileGuard.spec.ts (1)

Pattern apps/**/*: "Confirm that the code adheres to the following:

• NextJS best practices, including file structure, API routes, and static generation methods.
• Efficient state management and server-side rendering techniques.
• Optimal use of TypeScript for component and utility type safety."

Biome

apps/judicial-system/backend/src/app/modules/file/guards/test/limitedAccessViewCaseFileGuard.spec.ts

[error] 287-295: Disallow duplicate setup and teardown hooks.

Disallow beforeEach duplicacy inside the describe function.

(lint/suspicious/noDuplicateTestHooks)

---

[error] 348-356: Disallow duplicate setup and teardown hooks.

Disallow beforeEach duplicacy inside the describe function.

(lint/suspicious/noDuplicateTestHooks)

Additional comments not posted (3)

apps/judicial-system/backend/src/app/modules/file/guards/test/limitedAccessViewCaseFileGuard.spec.ts (1)

Line range hint 216-307: LGTM! Comprehensive and well-structured tests.

The overall structure and completeness of the tests are excellent. They cover various scenarios for different user roles, case types, states, and file categories. The additions for prison admin users and prison users are consistent with existing test patterns and thoroughly test the access rights.

The changes successfully meet the PR objectives by:

1. Restoring the ability for prison users to view appeal rulings.
2. Differentiating between prison admin users and regular prison users.
3. Ensuring that access is properly restricted based on user roles and case states.

These tests provide good coverage and should help prevent future regressions in access control for different user roles.

Tools

Biome

[error] 287-295: Disallow duplicate setup and teardown hooks.

Disallow beforeEach duplicacy inside the describe function.

(lint/suspicious/noDuplicateTestHooks)

---

[error] 348-356: Disallow duplicate setup and teardown hooks.

Disallow beforeEach duplicacy inside the describe function.

(lint/suspicious/noDuplicateTestHooks)

---

[error] 377-385: Disallow duplicate setup and teardown hooks.

Disallow beforeEach duplicacy inside the describe function.

(lint/suspicious/noDuplicateTestHooks)

apps/judicial-system/backend/src/app/modules/file/guards/caseFileCategory.ts (2)

43-43: Verify intentional overlap of 'APPEAL_RULING' in case file categories

CaseFileCategory.APPEAL_RULING appears in both prisonStaffCaseFileCategories and prisonAdminCaseFileCategories. Please confirm that this overlap is intentional and aligns with the required access permissions.

---

46-46: ⚠️ Potential issue

Fix typo in function name 'canLimitedAcccessUserViewCaseFile'

The function name canLimitedAcccessUserViewCaseFile has an extra 'c' in "Access". Please correct the spelling to canLimitedAccessUserViewCaseFile.

Apply this diff to fix the typo:

-export const canLimitedAcccessUserViewCaseFile = (
+export const canLimitedAccessUserViewCaseFile = (

Likely invalid or redundant comment.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 36.71%. Comparing base (c7efccb) to head (de87980).
Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #16138   +/-   ##
=======================================
  Coverage   36.70%   36.71%           
=======================================
  Files        6761     6761           
  Lines      139077   139076    -1     
  Branches    39501    39500    -1     
=======================================
+ Hits        51054    51060    +6     
+ Misses      88023    88016    -7     

Flag	Coverage Δ
judicial-system-backend	54.80% <100.00%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
...nd/src/app/modules/file/guards/caseFileCategory.ts	96.55% <100.00%> (+0.71%)	⬆️

... and 4 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c7efccb...de87980. Read the comment docs.

[datadog-island-is]

Datadog Report

All test runs 2924126 🔗

✅ 2 Total Test Services: 0 Failed, 2 Passed
➡️ Test Sessions change in coverage: 3 no change

Test Services

Service Name	Failed	Known Flaky	New Flaky	Passed	Skipped	Total Time	Code Coverage Change	Test Service View
api	0	0	0	4	0	2.64s	1 no change	Link
judicial-system-backend	0	0	0	21220	0	20m 8.22s	1 no change	Link

[gudjong]

Nice