diff --git a/src/Altinn.App.Api/Controllers/ProcessController.cs b/src/Altinn.App.Api/Controllers/ProcessController.cs
index 90904fcd0..9f9eb47c6 100644
--- a/src/Altinn.App.Api/Controllers/ProcessController.cs
+++ b/src/Altinn.App.Api/Controllers/ProcessController.cs
@@ -276,7 +276,7 @@ public async Task> NextElement(
 bool authorized;
 string checkedAction = EnsureActionNotTaskType(processNext?.Action ?? altinnTaskType);
- authorized = await AuthorizeAction(checkedAction, org, app, instanceOwnerPartyId, instanceGuid);
+ authorized = await AuthorizeAction(checkedAction, org, app, instanceOwnerPartyId, instanceGuid, instance.Process.CurrentTask?.ElementId);
 if (!authorized)
 {
@@ -372,7 +372,7 @@ public async Task> CompleteProcess(
 {
 string altinnTaskType = EnsureActionNotTaskType(instance.Process.CurrentTask?.AltinnTaskType);
- bool authorized = await AuthorizeAction(altinnTaskType, org, app, instanceOwnerPartyId, instanceGuid);
+ bool authorized = await AuthorizeAction(altinnTaskType, org, app, instanceOwnerPartyId, instanceGuid, instance.Process.CurrentTask?.ElementId);
 if (!authorized)
 {
 return Forbid();
diff --git a/src/Altinn.App.Core/Features/Action/UniqueSignatureAuthorizer.cs b/src/Altinn.App.Core/Features/Action/UniqueSignatureAuthorizer.cs
index 2672f46a2..ff9aef12d 100644
--- a/src/Altinn.App.Core/Features/Action/UniqueSignatureAuthorizer.cs
+++ b/src/Altinn.App.Core/Features/Action/UniqueSignatureAuthorizer.cs
@@ -38,6 +38,10 @@ public UniqueSignatureAuthorizer(IProcessReader processReader, IInstanceClient i
 ///
 public async Task AuthorizeAction(UserActionAuthorizerContext context)
 {
+ if (context.TaskId == null)
+ {
+ return true;
+ }
 var flowElement = _processReader.GetFlowElement(context.TaskId) as ProcessTask;
 if (flowElement?.ExtensionElements?.TaskExtension?.SignatureConfiguration?.UniqueFromSignaturesInDataTypes.Count > 0)
 {
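Review bot: `instance.Process.CurrentTask?.ElementId` in NextElement, and the identical argument in the CompleteProcess hunk, evaluates to null when the instance has no current task, and the authorizer change in this same commit answers a null task id with `true`. Whether CurrentTask is already guaranteed non-null at these two call sites cannot be seen here, because both method bodies start and end outside the hunks. If it is guaranteed, a short comment such as `// CurrentTask is validated above; its id selects the signature rules to enforce` would make the dependency explicit. If it is not, an instance without a current task should be rejected at the call site rather than handed to the authorizers with no task id.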
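Review bot: The new guard `if (context.TaskId == null) { return true; }` at the top of AuthorizeAction makes the unique-signature check fail open: any caller that omits the task id is reported as authorized, which is the same silent gap the controller hunks in this commit close. If null is meant to say "no task, so no signature rule applies", state that in a comment, for example `// No task id: no signature configuration can be resolved, so this authorizer has nothing to enforce.`. If it is not, returning `false` is the safer default for what looks like a one-signature-per-user rule. `context.TaskId is null` is the more idiomatic test, and the rest of the method lies outside the hunk.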
diff --git a/test/Altinn.App.Core.Tests/Features/Action/UniqueSignatureAuthorizerTests.cs b/test/Altinn.App.Core.Tests/Features/Action/UniqueSignatureAuthorizerTests.cs
index e9e32789a..e421722b8 100644
--- a/test/Altinn.App.Core.Tests/Features/Action/UniqueSignatureAuthorizerTests.cs
+++ b/test/Altinn.App.Core.Tests/Features/Action/UniqueSignatureAuthorizerTests.cs
@@ -172,6 +172,37 @@ public async Task AuthorizeAction_returns_false_if_same_user_has_signed_previous
 result.Should().BeFalse();
 }
+ [Fact]
+ public async Task AuthorizeAction_returns_true_if_taskID_is_null()
+ {
+ ProcessElement processTask = new ProcessTask()
+ {
+ ExtensionElements = new()
+ {
+ TaskExtension = new()
+ {
+ SignatureConfiguration = new()
+ {
+ UniqueFromSignaturesInDataTypes = new()
+ {
+ "signature"
+ }
+ }
+ }
+ }
+ };
+ UniqueSignatureAuthorizer authorizer = CreateUniqueSignatureAuthorizer(processTask);
+ var user = new ClaimsPrincipal(new ClaimsIdentity(new List()
+ {
+ new(AltinnCoreClaimTypes.UserId, "1337"),
+ new(AltinnCoreClaimTypes.AuthenticationLevel, "2"),
+ new(AltinnCoreClaimTypes.Org, "tdd")
+ }));
+
+ bool result = await authorizer.AuthorizeAction(new UserActionAuthorizerContext(user, new InstanceIdentifier("500001/abba2e90-f86f-4881-b0e8-38334408bcb4"), null, "sign"));
+ result.Should().BeTrue();
+ }
+
 [Fact]
 public async Task AuthorizeAction_returns_true_if_dataelement_not_of_type_SignDocument()
 {
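Review bot: AuthorizeAction_returns_true_if_taskID_is_null pins the fail-open branch, but nothing in the visible diff covers the actual fix, namely that NextElement and CompleteProcess now hand the current task id to the authorizer. A controller-level test in which a user who has already signed is refused would guard against that argument being dropped again. The signature configuration built at the top of the test is never consulted by the authorizer on this path, so a comment such as `// configuration present on purpose: a null task id must bypass it` would explain why it is there. The method name would also match the property if it read `TaskId` rather than `taskID`.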