Merge pull request #3501 from NationalSecurityAgency/t#3500/gb_role_filter

dwalizer · web-flow · commit 35501f675a56 · 2025-09-08T12:44:02.000-04:00
T#3500/gb role filter
diff --git a/dashboard/src/components/badges/global/GlobalBadgePage.vue b/dashboard/src/components/badges/global/GlobalBadgePage.vue
@@ -91,7 +91,7 @@ const goLive = (editedBadge) => {
 };
 const badgeEdited = (editedBadge) => {
   const origId = badge.value.badgeId;
-  badgeState.loadGlobalBadgeDetailsState(badgeId.value).finally(() => {
+  badgeState.loadGlobalBadgeDetailsState(editedBadge.badgeId).finally(() => {
     badge.value = badgeState.badge;
     if (origId !== editedBadge.badgeId) {
       badgeId.value = editedBadge.badgeId;
diff --git a/service/src/main/java/skills/auth/AuthUtils.groovy b/service/src/main/java/skills/auth/AuthUtils.groovy
@@ -29,6 +29,7 @@ class AuthUtils {
     static final Pattern QUIZ_ID_PATTERN = Pattern.compile("^/admin/quiz-definitions/([^/]+).*\$")
     static final Pattern ADMIN_GROUP_ID_PATTERN = Pattern.compile("^/admin/admin-group-definitions/([^/]+).*\$")
     static final Pattern QUIZ_ID_PATTERN_API = Pattern.compile("^/api/quizzes/([^/]+).*\$")
+    static final Pattern GLOBAL_BADGE_ID_PATTERN = Pattern.compile("^/admin/badges/([^/]+).*\$")
 
     // Example: /admin/projects/{projectId}/approvals/approve
     // Example: /admin/projects/{projectId}/approvals/reject
@@ -64,6 +65,10 @@ class AuthUtils {
         return this.getIdFromRequest(servletRequest, ADMIN_GROUP_ID_PATTERN, "adminGroupId")
     }
 
+    static String getGlobalBadgeIdFromRequest(HttpServletRequest servletRequest) {
+        return this.getIdFromRequest(servletRequest, GLOBAL_BADGE_ID_PATTERN, "globalBadgeId")
+    }
+
     private static String getIdFromRequest(HttpServletRequest servletRequest, Pattern pattern, String label) {
         String res
         if (servletRequest) {
diff --git a/service/src/main/java/skills/auth/UserAuthService.groovy b/service/src/main/java/skills/auth/UserAuthService.groovy
@@ -263,6 +263,13 @@ class UserAuthService {
                 shouldAddRole = true
             }
         }
+        if (userRole.roleName == RoleName.ROLE_GLOBAL_BADGE_ADMIN) {
+            shouldAddRole = false
+            String globalBadgeId = AuthUtils.getGlobalBadgeIdFromRequest(servletRequest)
+            if (globalBadgeId && userRole.globalBadgeId && globalBadgeId.equalsIgnoreCase(userRole.globalBadgeId)) {
+                shouldAddRole = true
+            }
+        }
         return shouldAddRole
     }
 
diff --git a/service/src/test/java/skills/intTests/badges/GlobalBadgeAccessSpecs.groovy b/service/src/test/java/skills/intTests/badges/GlobalBadgeAccessSpecs.groovy
@@ -210,6 +210,8 @@ class GlobalBadgeAccessSpecs extends DefaultIntSpec {
         def user2Service = createService("user2")
 
         when:
+        def badge2 = createBadge(2, 2)
+        user2Service.createGlobalBadge(badge2)
         user2Service.updateGlobalBadge(badge1)
 
         then:

Original file line number	Diff line number	Diff line change
`@@ -263,6 +263,13 @@ class UserAuthService {`
`263`	`263`	`shouldAddRole = true`
`264`	`264`	`}`
`265`	`265`	`}`
	`266`	`+ if (userRole.roleName == RoleName.ROLE_GLOBAL_BADGE_ADMIN) {`
	`267`	`+ shouldAddRole = false`
	`268`	`+ String globalBadgeId = AuthUtils.getGlobalBadgeIdFromRequest(servletRequest)`
	`269`	`+ if (globalBadgeId && userRole.globalBadgeId && globalBadgeId.equalsIgnoreCase(userRole.globalBadgeId)) {`
	`270`	`+ shouldAddRole = true`
	`271`	`+ }`
	`272`	`+ }`
`266`	`273`	`return shouldAddRole`
`267`	`274`	`}`
`268`	`275`