feat: Added findByIdAccess method to Proposal and Sample APIs

CI/ESS/e2e/cypress.config.ts

@@ -8,9 +8,9 @@ export default defineConfig({
     lbTokenPrefix: "Bearer ",
     viewportWidth: 1280,
     username: "admin",
-    password: "am2jf70TPNZsSan",
+    password: "27f5fd86ae68fe740eef42b8bbd1d7d5",
     secondaryUsername: "archiveManager",
-    secondaryPassword: "aman",
+    secondaryPassword: "6d3b76392e6f41b087c11f8b77e3f9de",
     guestUsername: "user1",
     guestUserEmail: "user1@your.site",
     guestPassword: "a609316768619f154ef58db4d847b75e",

CI/ESS/e2e/cypress.github.ts

@@ -8,9 +8,9 @@ export default defineConfig({
     lbTokenPrefix: "Bearer ",
     viewportWidth: 1280,
     username: "admin",
-    password: "am2jf70TPNZsSan",
+    password: "27f5fd86ae68fe740eef42b8bbd1d7d5",
     secondaryUsername: "archiveManager",
-    secondaryPassword: "aman",
+    secondaryPassword: "6d3b76392e6f41b087c11f8b77e3f9de",
     guestUsername: "user1",
     guestUserEmail: "user1@your.site",
     guestPassword: "a609316768619f154ef58db4d847b75e",

CI/ESS/e2e/cypress.nestjs.ts

@@ -8,9 +8,9 @@ export default defineConfig({
     lbTokenPrefix: "Bearer ",
     viewportWidth: 1280,
     username: "admin",
-    password: "am2jf70TPNZsSan",
+    password: "27f5fd86ae68fe740eef42b8bbd1d7d5",
     secondaryUsername: "archiveManager",
-    secondaryPassword: "aman",
+    secondaryPassword: "6d3b76392e6f41b087c11f8b77e3f9de",
     guestUsername: "user1",
     guestUserEmail: "user1@your.site",
     guestPassword: "a609316768619f154ef58db4d847b75e",

CI/ESS/e2e/functionalAccounts.json

@@ -1,32 +1,46 @@
 [
   {
     "username": "admin",
-    "email": "admin@your.site",
-    "password": "am2jf70TPNZsSan",
+    "email": "admin@scicat.project",
+    "password": "27f5fd86ae68fe740eef42b8bbd1d7d5",
     "role": "admin",
     "global": true
   },
   {
-    "username": "ingestor",
-    "email": "scicatingestor@your.site",
-    "password": "aman",
-    "role": "ingestor",
+    "username": "adminIngestor",
+    "email": "adminingestor@scicat.project",
+    "password": "13f4242dc691a3ee3bb5ca2006edcdf7",
+    "role": "adminingestor",
     "global": false
   },
   {
     "username": "archiveManager",
-    "email": "scicatarchivemanager@your.site",
-    "password": "aman",
+    "email": "archivemanager@scicat.project",
+    "password": "6d3b76392e6f41b087c11f8b77e3f9de",
     "role": "archivemanager",
     "global": false
   },
+  {
+    "username": "datasetIngestor",
+    "email": "datasetingestor@scicat.project",
+    "password": "bc35db76848cf9fbb7f40b6661644e97",
+    "role": "datasetingestor",
+    "global": false
+  },
   {
     "username": "proposalIngestor",
-    "email": "scicatproposalingestor@your.site",
-    "password": "aman",
+    "email": "proposalingestor@scicat.project",
+    "password": "7d8cd858fb9d0e4f5d91c34fd4016167",
     "role": "proposalingestor",
     "global": false
   },
+  {
+    "username": "sampleIngestor",
+    "email": "sampleingestor@scicat.project",
+    "password": "e4876cb39c7dc4fe957d7c4f6a34cdd8",
+    "role": "sampleingestor",
+    "global": false
+  },
   {
     "username": "user1",
     "email": "user1@your.site",

cypress.config.ts

@@ -8,9 +8,9 @@ export default defineConfig({
     lbTokenPrefix: "Bearer ",
     viewportWidth: 1280,
     username: "admin",
-    password: "am2jf70TPNZsSan",
+    password: "27f5fd86ae68fe740eef42b8bbd1d7d5",
     secondaryUsername: "archiveManager",
-    secondaryPassword: "aman",
+    secondaryPassword: "6d3b76392e6f41b087c11f8b77e3f9de",
     guestUsername: "user1",
     guestUserEmail: "user1@your.site",
     guestPassword: "a609316768619f154ef58db4d847b75e",

src/app/shared/sdk/services/custom/Proposal.ts

@@ -891,6 +891,36 @@ export class ProposalApi extends BaseLoopBackApi {
     return result;
   }
 
+  /**
+   * @method findByIdAccess
+   * @param {string} id ID of the resource
+   * @param {Function} [customHeaders] Optional custom headers function
+   * @return {Observable<{ canAccess: boolean }>}
+   */
+  public findByIdAccess<T>(
+    id: string,
+    customHeaders?: Function,
+  ): Observable<{ canAccess: boolean }> {
+    let _method: string = "GET";
+    let _url: string =
+      LoopBackConfig.getPath() +
+      "/" +
+      LoopBackConfig.getApiVersion() +
+      "/Proposals/:id/authorization";
+    let _routeParams: any = { id };
+    let _postBody: any = {};
+    let _urlParams: any = {};
+    let result = this.request(
+      _method,
+      _url,
+      _routeParams,
+      _urlParams,
+      _postBody,
+      null,
+      customHeaders,
+    );
+    return result;
+  }
   /**
    * Find proposal that took data at specified instrument and time
    *

src/app/shared/sdk/services/custom/Sample.ts

@@ -622,6 +622,37 @@ export class SampleApi extends BaseLoopBackApi {
     return result;
   }
 
+  /**
+   * @method findByIdAccess
+   * @param {string} id ID of the resource
+   * @param {Function} [customHeaders] Optional custom headers function
+   * @return {Observable<{ canAccess: boolean }>}
+   */
+  public findByIdAccess<T>(
+    id: string,
+    customHeaders?: Function,
+  ): Observable<{ canAccess: boolean }> {
+    let _method: string = "GET";
+    let _url: string =
+      LoopBackConfig.getPath() +
+      "/" +
+      LoopBackConfig.getApiVersion() +
+      "/Samples/:id/authorization";
+    let _routeParams: any = { id };
+    let _postBody: any = {};
+    let _urlParams: any = {};
+    let result = this.request(
+      _method,
+      _url,
+      _routeParams,
+      _urlParams,
+      _postBody,
+      null,
+      customHeaders,
+    );
+    return result;
+  }
+
   /**
    * Get a list of sample characteristic keys
    *

src/app/state-management/actions/proposals.actions.ts

@@ -31,6 +31,9 @@ export const fetchProposalCompleteAction = createAction(
 export const fetchProposalFailedAction = createAction(
   "[Proposal] Fetch Proposal Failed",
 );
+export const fetchProposalAccessFailedAction = createAction(
+  "[Proposal] Fetch Proposal Access Failed",
+);
 
 export const fetchProposalDatasetsAction = createAction(
   "[Proposal] Fetch Datasets",

src/app/state-management/actions/samples.actions.ts

@@ -44,6 +44,9 @@ export const fetchSampleCompleteAction = createAction(
 export const fetchSampleFailedAction = createAction(
   "[Sample] Fetch Sample Failed",
 );
+export const fetchSampleAccessFailedAction = createAction(
+  "[Sample] Fetch Sample Access Failed",
+);
 export const fetchSampleAttachmentsAction = createAction(
   "[Sample] Fetch Sample Attachments",
   props<{ sampleId: string }>(),

src/app/state-management/effects/proposals.effects.spec.ts

@@ -6,7 +6,7 @@ import {
   Dataset,
   Attachment,
 } from "shared/sdk";
-import { Observable } from "rxjs";
+import { Observable, of, throwError } from "rxjs";
 import { ProposalEffects } from "./proposals.effects";
 import { TestBed } from "@angular/core/testing";
 import { provideMockStore } from "@ngrx/store/testing";
@@ -61,6 +61,7 @@ describe("ProposalEffects", () => {
           useValue: jasmine.createSpyObj("proposalApi", [
             "fullquery",
             "findById",
+            "findByIdAccess",
             "createAttachments",
             "updateByIdAttachments",
             "destroyByIdAttachments",
@@ -240,29 +241,70 @@ describe("ProposalEffects", () => {
 
   describe("fetchProposal$", () => {
     const proposalId = "testId";
+    const permission = {
+      accepted: { canAccess: true },
+      rejected: { canAccess: false },
+    };
 
-    it("should result in a fetchCountCompleteAction", () => {
+    it("should result in a fetchProposalCompleteAction", () => {
       const action = fromActions.fetchProposalAction({ proposalId });
       const outcome = fromActions.fetchProposalCompleteAction({ proposal });
 
-      actions = hot("-a", { a: action });
-      const response = cold("-a|", { a: proposal });
-      proposalApi.findById.and.returnValue(response);
+      proposalApi.findByIdAccess
+        .withArgs(proposalId)
+        .and.returnValue(of(permission.accepted));
+      proposalApi.findById
+        .withArgs(encodeURIComponent(proposalId))
+        .and.returnValue(of(proposal));
+
+      actions = hot("a", { a: action });
+      const expected = cold("b", { b: outcome });
 
-      const expected = cold("--b", { b: outcome });
       expect(effects.fetchProposal$).toBeObservable(expected);
     });
 
     it("should result in a fetchProposalFailedAction", () => {
       const action = fromActions.fetchProposalAction({ proposalId });
-      const outcome = fromActions.fetchProposalFailedAction();
+      const failure = fromActions.fetchProposalFailedAction();
 
-      actions = hot("-a", { a: action });
-      const response = cold("-#", {});
-      proposalApi.findById.and.returnValue(response);
+      proposalApi.findByIdAccess
+        .withArgs(proposalId)
+        .and.returnValue(of(permission.accepted));
+      proposalApi.findById.and.returnValue(throwError(() => new Error()));
+
+      actions = hot("a", { a: action });
+      const expected = cold("b", { b: failure });
+
+      expect(effects.fetchProposal$).toBeObservable(expected);
+    });
+
+    it("should do nothing if findByIdAccess returns false", () => {
+      const action = fromActions.fetchProposalAction({ proposalId });
+
+      proposalApi.findByIdAccess
+        .withArgs(proposalId)
+        .and.returnValue(of(permission.rejected));
+
+      actions = hot("a", { a: action });
+      const expected = cold("------");
+
+      expect(effects.fetchProposal$).toBeObservable(expected);
+      expect(proposalApi.findById).not.toHaveBeenCalled();
+    });
+
+    it("should result in fetchProposalAccessFailedAction if findByIdAccess failed", () => {
+      const action = fromActions.fetchProposalAction({ proposalId });
+      const failure = fromActions.fetchProposalAccessFailedAction();
+
+      proposalApi.findByIdAccess
+        .withArgs(proposalId)
+        .and.returnValue(throwError(() => new Error()));
+
+      actions = hot("a", { a: action });
+      const expected = cold("b", { b: failure });
 
-      const expected = cold("--b", { b: outcome });
       expect(effects.fetchProposal$).toBeObservable(expected);
+      expect(proposalApi.findById).not.toHaveBeenCalled();
     });
   });
 

src/app/state-management/effects/proposals.effects.ts

@@ -7,7 +7,7 @@ import {
   selectFullqueryParams,
   selectDatasetsQueryParams,
 } from "state-management/selectors/proposals.selectors";
-import { map, mergeMap, catchError, switchMap } from "rxjs/operators";
+import { map, mergeMap, catchError, switchMap, filter } from "rxjs/operators";
 import { of } from "rxjs";
 import {
   loadingAction,
@@ -60,16 +60,22 @@ export class ProposalEffects {
   fetchProposal$ = createEffect(() => {
     return this.actions$.pipe(
       ofType(fromActions.fetchProposalAction),
-      switchMap(({ proposalId }) =>
-        this.proposalApi
-          .findById<Proposal>(encodeURIComponent(proposalId))
-          .pipe(
-            map((proposal: Proposal) =>
-              fromActions.fetchProposalCompleteAction({ proposal }),
-            ),
-            catchError(() => of(fromActions.fetchProposalFailedAction())),
+      switchMap(({ proposalId }) => {
+        return this.proposalApi.findByIdAccess(proposalId).pipe(
+          filter((permission: { canAccess: boolean }) => permission.canAccess),
+          switchMap(() =>
+            this.proposalApi
+              .findById<Proposal>(encodeURIComponent(proposalId))
+              .pipe(
+                map((proposal: Proposal) =>
+                  fromActions.fetchProposalCompleteAction({ proposal }),
+                ),
+                catchError(() => of(fromActions.fetchProposalFailedAction())),
+              ),
           ),
-      ),
+          catchError(() => of(fromActions.fetchProposalAccessFailedAction())),
+        );
+      }),
     );
   });