Merge pull request #3384 from bcgov/NDT-402-files-in-test-dont-download

fix: add cbc_admin role to allowed download of attachments
bcgov · Jun 26, 2024 · f0b9058 · f0b9058
2 parents 599d7c3 + f717fb6
commit f0b9058
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 13 deletions.
diff --git a/app/backend/lib/s3download.ts b/app/backend/lib/s3download.ts
@@ -23,14 +23,16 @@ s3download.get('/api/s3/download/:uuid/:fileName', async (req, res) => {
   const isRoleAuthorized =
     authRole?.pgRole === 'ccbc_admin' ||
     authRole?.pgRole === 'ccbc_analyst' ||
-    authRole?.pgRole === 'ccbc_auth_user';
+    authRole?.pgRole === 'ccbc_auth_user' ||
+    authRole?.pgRole === 'cbc_admin';
 
   if (!isRoleAuthorized || !uuid || !fileName) {
     return res.status(404).end();
   }
   if (
     authRole?.pgRole === 'ccbc_admin' ||
-    authRole?.pgRole === 'ccbc_analyst'
+    authRole?.pgRole === 'ccbc_analyst' ||
+    authRole?.pgRole === 'cbc_admin'
   ) {
     // first check AV tag
     // only for admin and analyst

diff --git a/app/tests/backend/lib/s3download.test.ts b/app/tests/backend/lib/s3download.test.ts
@@ -14,23 +14,23 @@ jest.mock('../../../utils/getAuthRole');
 
 jest.mock('../../../backend/lib/s3client', () => {
   return {
-    s3ClientV3: jest.fn().mockImplementation(() =>{}), 
-    getFileFromS3: (uuid, filename )=> {
+    s3ClientV3: jest.fn().mockImplementation(() => {}),
+    getFileFromS3: (uuid, filename) => {
       if (filename === 'error') {
         return Promise.reject(new Error('oops'));
-      }  
-      return new Promise((resolve)=>{ 
-        resolve({uuid});
+      }
+      return new Promise((resolve) => {
+        resolve({ uuid });
       });
     },
-    getFileTagging: () => { 
+    getFileTagging: () => {
       return new Promise((resolve) => {
         resolve({
           TagSet: [{ Key: 'av-status', Value: 'clean' }],
         });
       });
     },
-  }
+  };
 });
 
 jest.setTimeout(10000000);
@@ -62,24 +62,35 @@ describe('The s3 download', () => {
         pgRole: 'ccbc_auth_user',
         landingRoute: '/',
       };
-    }); 
+    });
 
     const response = await request(app).get('/api/s3/download/test/test');
     expect(response.status).toBe(200);
   });
-
+
+  it('should receive the correct response for cbc_admin user', async () => {
+    mocked(getAuthRole).mockImplementation(() => {
+      return {
+        pgRole: 'cbc_admin',
+        landingRoute: '/',
+      };
+    });
+
+    const response = await request(app).get('/api/s3/download/test/test');
+    expect(response.status).toBe(200);
+  });
+
   it('should receive the correct response for auth user and error', async () => {
     mocked(getAuthRole).mockImplementation(() => {
       return {
         pgRole: 'ccbc_auth_user',
         landingRoute: '/',
       };
-    }); 
+    });
 
     const response = await request(app).get('/api/s3/download/test/error');
     expect(response.status).toBe(500);
   });
 
-
   jest.resetAllMocks();
 });