Bugfix for missing taskId (#267)

Altinn · Jun 26, 2023 · 6e09641 · 6e09641
1 parent b60e7ad
commit 6e09641
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 2 deletions.
diff --git a/src/Altinn.App.Api/Controllers/ProcessController.cs b/src/Altinn.App.Api/Controllers/ProcessController.cs
@@ -276,7 +276,7 @@ public async Task<ActionResult<AppProcessState>> NextElement(
 
                 bool authorized;
                 string checkedAction = EnsureActionNotTaskType(processNext?.Action ?? altinnTaskType);
-                authorized = await AuthorizeAction(checkedAction, org, app, instanceOwnerPartyId, instanceGuid);
+                authorized = await AuthorizeAction(checkedAction, org, app, instanceOwnerPartyId, instanceGuid, instance.Process.CurrentTask?.ElementId);
 
                 if (!authorized)
                 {
@@ -372,7 +372,7 @@ public async Task<ActionResult<AppProcessState>> CompleteProcess(
             {
                 string altinnTaskType = EnsureActionNotTaskType(instance.Process.CurrentTask?.AltinnTaskType);
 
-                bool authorized = await AuthorizeAction(altinnTaskType, org, app, instanceOwnerPartyId, instanceGuid);
+                bool authorized = await AuthorizeAction(altinnTaskType, org, app, instanceOwnerPartyId, instanceGuid, instance.Process.CurrentTask?.ElementId);
                 if (!authorized)
                 {
                     return Forbid();

diff --git a/src/Altinn.App.Core/Features/Action/UniqueSignatureAuthorizer.cs b/src/Altinn.App.Core/Features/Action/UniqueSignatureAuthorizer.cs
@@ -38,6 +38,10 @@ public UniqueSignatureAuthorizer(IProcessReader processReader, IInstanceClient i
     /// <inheritdoc />
     public async Task<bool> AuthorizeAction(UserActionAuthorizerContext context)
     {
+        if (context.TaskId == null)
+        {
+            return true;
+        }
         var flowElement = _processReader.GetFlowElement(context.TaskId) as ProcessTask;
         if (flowElement?.ExtensionElements?.TaskExtension?.SignatureConfiguration?.UniqueFromSignaturesInDataTypes.Count > 0)
         {

diff --git a/test/Altinn.App.Core.Tests/Features/Action/UniqueSignatureAuthorizerTests.cs b/test/Altinn.App.Core.Tests/Features/Action/UniqueSignatureAuthorizerTests.cs
@@ -172,6 +172,37 @@ public async Task AuthorizeAction_returns_false_if_same_user_has_signed_previous
         result.Should().BeFalse();
     }
 
+    [Fact]
+    public async Task AuthorizeAction_returns_true_if_taskID_is_null()
+    {
+        ProcessElement processTask = new ProcessTask()
+        {
+            ExtensionElements = new()
+            {
+                TaskExtension = new()
+                {
+                    SignatureConfiguration = new()
+                    {
+                        UniqueFromSignaturesInDataTypes = new()
+                        {
+                            "signature"
+                        }
+                    }
+                }
+            }
+        };
+        UniqueSignatureAuthorizer authorizer = CreateUniqueSignatureAuthorizer(processTask);
+        var user = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim>()
+        {
+            new(AltinnCoreClaimTypes.UserId, "1337"),
+            new(AltinnCoreClaimTypes.AuthenticationLevel, "2"),
+            new(AltinnCoreClaimTypes.Org, "tdd")
+        }));
+
+        bool result = await authorizer.AuthorizeAction(new UserActionAuthorizerContext(user, new InstanceIdentifier("500001/abba2e90-f86f-4881-b0e8-38334408bcb4"), null, "sign"));
+        result.Should().BeTrue();
+    }
+
     [Fact]
     public async Task AuthorizeAction_returns_true_if_dataelement_not_of_type_SignDocument()
     {