OY-4903 katselmointihuomiot

.gitignore

@@ -33,6 +33,5 @@ npm-debug.log*
 /docker/ataru-cypress-http-proxy/etc/nginx/nginx.conf
 .clj-kondo/.cache
 .java
-.java-version
 .lsp
 .calva

spec/ataru/applications/application_access_control_spec.clj

@@ -339,3 +339,40 @@
                         ["application-1-oid" "application-2-oid"]
                         [:view-applications])]
           (should= false result))))))
+
+
+(describe "applications-review-authorized?"
+          (tags :unit)
+          (it "returns true if user has edit rights to all hakukohteet"
+              (let [session (session-with-rights :edit-applications
+                                                 ["1.2.246.562.10.10826252480" "1.2.246.562.10.10826252479"])
+                    result  (aac/applications-review-authorized?
+                             organization-service
+                             tarjonta-service
+                             session
+                             [:1.2.246.562.20.49028100004 :1.2.246.562.20.49028196522]
+                             [:edit-applications])]
+                (should= true result)))
+
+          (it "returns false if user has edit rights to only some of hakukohteet"
+              (let [session (session-with-rights :edit-applications ["1.2.246.562.10.10826252480"]
+                                                 :view-applications ["1.2.246.562.10.10826252479"])
+                    result  (aac/applications-review-authorized?
+                             organization-service
+                             tarjonta-service
+                             session
+                             [:1.2.246.562.20.49028100004 :1.2.246.562.20.49028196522]
+                             [:edit-applications])]
+                (should= false result)))
+
+          (it "returns true if user has edit rights to hakukohderyhma"
+              (let [session (session-with-rights :edit-applications ["1.2.246.562.28.00000000001"]
+                                                 :view-applications ["1.2.246.562.10.10826252479"])
+                    result  (aac/applications-review-authorized?
+                             organization-service
+                             tarjonta-service
+                             session
+                             [:1.2.246.562.20.49028196522]
+                             [:edit-applications])]
+                (should= false result))))
+

src/clj/ataru/applications/application_access_control.clj

@@ -38,9 +38,8 @@
 
 (defn all-hakukohteet-authorized-by-tarjoajat?
   [authorized-organization-oids hakukohteet]
-  (boolean
-   (every? #(authorized-by-tarjoaja? authorized-organization-oids %)
-           hakukohteet)))
+  (every? #(authorized-by-tarjoaja? authorized-organization-oids %)
+          hakukohteet))
 
 (defn authorized-by-hakukohde?
   [authorized-organization-oids hakukohde]
@@ -180,7 +179,7 @@
     rights
     (constantly false)
     #(all-hakukohteet-authorized-by-tarjoajat? %
-      (tarjonta-protocol/get-hakukohteet tarjonta-service (into (vector) (map name hakukohde-oids))))
+      (tarjonta-protocol/get-hakukohteet tarjonta-service (vec (map name hakukohde-oids))))
     (constantly true))))
 
 (defn- authenticate-by-opinto-ohjaaja-fn

src/clj/ataru/virkailija/virkailija_routes.clj

@@ -715,7 +715,7 @@
             nil (response/unauthorized {:error (str "Hakemuksen "
                                                  (:application-key review)
                                                  " käsittely ei ole sallittu")})
-            (-> (response/ok result)))))
+            (response/ok result))))
 
       (api/POST "/information-request" {session :session}
         :body [information-request ataru-schema/NewInformationRequest]