Skip to content

Commit

Permalink
✨ [#4398] Make auth_attribute_path required if update existing object…
Browse files Browse the repository at this point in the history
… True

this field is necessary to perform the initial data reference ownership check, which is performed when updating existing objects
  • Loading branch information
stevenbal committed Nov 12, 2024
1 parent 7cdb7f4 commit fc53ad1
Show file tree
Hide file tree
Showing 4 changed files with 59 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ import {
mockCataloguesGet as mockZGWApisCataloguesGet,
} from 'components/admin/form_design/registrations/zgw/mocks';
import {
FeatureFlagsDecorator,
FormDecorator,
ValidationErrorsDecorator,
} from 'components/admin/form_design/story-decorators';
Expand All @@ -20,7 +21,7 @@ import RegistrationFields from './RegistrationFields';

export default {
title: 'Form design / Registration / RegistrationFields',
decorators: [ValidationErrorsDecorator, FormDecorator],
decorators: [FeatureFlagsDecorator, ValidationErrorsDecorator, FormDecorator],
component: RegistrationFields,
args: {
availableBackends: [
Expand Down Expand Up @@ -572,6 +573,11 @@ export const ConfiguredBackends = {
};

export const ObjectsAPI = {
parameters: {
featureFlags: {
REGISTRATION_OBJECTS_API_ENABLE_EXISTING_OBJECT_INTEGRATION: true,
},
},
args: {
configuredBackends: [
{
Expand Down Expand Up @@ -623,6 +629,29 @@ export const ObjectsAPI = {
await selectEvent.select(catalogueSelect, 'Catalogus 2');
});

await step(
'Path to auth attribute is required if updating existing objects is enabled',
async () => {
const otherSettingsTitle = modal.getByRole('heading', {
name: 'Overige instellingen (Tonen)',
});
expect(otherSettingsTitle).toBeVisible();
await userEvent.click(within(otherSettingsTitle).getByRole('link', {name: '(Tonen)'}));

const authAttributePath = modal.getByText(
'Path to auth attribute (e.g. BSN/KVK) in objects'
);

expect(authAttributePath).not.toHaveClass('required');

const updateExistingObject = modal.getByLabelText('Bestaand object bijwerken');
await userEvent.click(updateExistingObject);

// Checking `updateExistingObject` should make `authAttributePath` required
expect(authAttributePath).toHaveClass('required');
}
);

await step('Submit the form', async () => {
await userEvent.click(modal.getByRole('button', {name: 'Opslaan'}));
expect(args.onChange).toHaveBeenCalled();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,10 @@ import {FeatureFlagsContext} from 'components/admin/form_design/Context';
import ArrayInput from 'components/admin/forms/ArrayInput';
import Field from 'components/admin/forms/Field';
import FormRow from 'components/admin/forms/FormRow';
import {Checkbox} from 'components/admin/forms/Inputs';

const AuthAttributePath = () => {
const [fieldProps, , fieldHelpers] = useField({name: 'authAttributePath', type: 'array'});
const [updateExistingObject] = useField('updateExistingObject');
const {setValue} = fieldHelpers;
const {REGISTRATION_OBJECTS_API_ENABLE_EXISTING_OBJECT_INTEGRATION = false} =
useContext(FeatureFlagsContext);
Expand All @@ -33,6 +33,7 @@ const AuthAttributePath = () => {
defaultMessage="This is used to perform validation to verify that the authenticated user is the owner of the object."
/>
}
required={!!updateExistingObject.value}
>
<ArrayInput
name="authAttributePath"
Expand Down
10 changes: 10 additions & 0 deletions src/openforms/registrations/contrib/objects_api/config.py
Original file line number Diff line number Diff line change
Expand Up @@ -357,6 +357,16 @@ def validate(self, attrs: RegistrationOptions) -> RegistrationOptions:
{"version": _("Unknown version: {version}").format(version=version)}
)

if attrs.get("update_existing_object") and not attrs.get("auth_attribute_path"):
raise serializers.ValidationError(
{
"auth_attribute_path": _(
'This field is required if "Update existing object" is checked'
)
},
code="required",
)

if not self.context.get("validate_business_logic", True):
return attrs

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -188,6 +188,23 @@ def test_invalid_objects_api_group(self):
error = options.errors["objects_api_group"][0]
self.assertEqual(error.code, "does_not_exist")

def test_auth_attribute_path_required_if_update_existing_object_is_true(self):
options = ObjectsAPIOptionsSerializer(
data={
"objects_api_group": self.objects_api_group.pk,
"version": 2,
"objecttype": "8e46e0a5-b1b4-449b-b9e9-fa3cea655f48",
"objecttype_version": 1,
"update_existing_object": True,
"auth_attribute_path": [],
},
)

self.assertFalse(options.is_valid())
self.assertIn("auth_attribute_path", options.errors)
error = options.errors["auth_attribute_path"][0]
self.assertEqual(error.code, "required")

def test_valid_serializer(self):
options = ObjectsAPIOptionsSerializer(
data={
Expand Down

0 comments on commit fc53ad1

Please sign in to comment.