Merge remote-tracking branch 'origin/main' into mb/TTAHUB-3134/adjust…

…-goal-permissions
HHS · Jul 2, 2024 · 6b3bc92 · 6b3bc92
2 parents e17794a + ff92640
commit 6b3bc92
Show file tree

Hide file tree

Showing 6 changed files with 86 additions and 4 deletions.
diff --git a/config/config.js b/config/config.js
@@ -108,7 +108,7 @@ module.exports = {
       ssl: true,
     },
     pool: {
-      max: 10,
+      max: 30,
       validate: connectionValidation,
     },
   },

diff --git a/src/lib/cron.js b/src/lib/cron.js
@@ -17,11 +17,11 @@ import { logger, auditLogger } from '../logger';
 // Run at 4 am ET
 const schedule = '0 4 * * *';
 // Run daily at 4 pm
-const dailySched = '0 16 * * 1-5';
+const dailySched = '1 16 * * 1-5';
 // Run at 4 pm every Friday
-const weeklySched = '0 16 * * 5';
+const weeklySched = '5 16 * * 5';
 // Run at 4 pm on the last of the month
-const monthlySched = '0 16 28-31 * *';
+const monthlySched = '10 16 28-31 * *';
 const timezone = 'America/New_York';
 
 const runJob = () => {

diff --git a/src/models/activityReportCollaborator.js b/src/models/activityReportCollaborator.js
@@ -1,4 +1,5 @@
 const { Model } = require('sequelize');
+const { auditLogger } = require('../logger');
 const generateFullName = require('./helpers/generateFullName');
 
 export default (sequelize, DataTypes) => {
@@ -27,6 +28,11 @@ export default (sequelize, DataTypes) => {
     fullName: {
       type: DataTypes.VIRTUAL,
       get() {
+        if (!this.user) {
+          const { stack } = new Error();
+          auditLogger.error(`Access attempt to undefined user for userID: ${this.userId}, stack: ${stack}`);
+          return '';
+        }
         const roles = this.roles && this.roles.length
           ? this.roles : this.user.roles;
         return generateFullName(this.user.name, roles);

diff --git a/src/models/tests/activityReportCollaborator.test.js b/src/models/tests/activityReportCollaborator.test.js
@@ -0,0 +1,24 @@
+import { ActivityReportCollaborator } from '..';
+import { auditLogger } from '../../logger';
+
+jest.mock('../../logger');
+
+describe('ActivityReportCollaborator Model', () => {
+  it('should handle undefined user gracefully', () => {
+    const instance = new ActivityReportCollaborator();
+    instance.user = undefined;
+    instance.userId = 1;
+
+    expect(() => instance.fullName).not.toThrow();
+    expect(auditLogger.error).toHaveBeenCalled();
+    expect(instance.fullName).toBe('');
+  });
+
+  it('should return correct fullName when user and roles are defined', () => {
+    const instance = new ActivityReportCollaborator();
+    instance.user = { name: 'Joe Brown', roles: [{ name: 'Admin' }] };
+    instance.roles = [{ name: 'GS' }];
+
+    expect(instance.fullName).toEqual('Joe Brown, GS');
+  });
+});
diff --git a/src/policies/goals.js b/src/policies/goals.js
@@ -107,7 +107,11 @@ export default class Goal {
   }
 
   canView() {
+    if (!this.goal || !this.goal.grant) {
+      return false;
+    }
     const region = this.goal.grant.regionId;
+
     return this.canReadInRegion(region);
   }
 }
diff --git a/src/policies/goals.test.js b/src/policies/goals.test.js
@@ -233,4 +233,52 @@ describe('Goals policies', () => {
       expect(policy.isOnApprovedActivityReports()).toBe(true);
     });
   });
+
+  describe('canView', () => {
+    it('returns false if no goal', () => {
+      const user = {
+        permissions: [
+          {
+            regionId: 2,
+            scopeId: SCOPES.APPROVE_REPORTS,
+          },
+        ],
+      };
+
+      const policy = new Goal(user);
+      expect(policy.canView()).toBe(false);
+    });
+
+    it('returns false if goal has no grant', () => {
+      const user = {
+        permissions: [
+          {
+            regionId: 2,
+            scopeId: SCOPES.APPROVE_REPORTS,
+          },
+        ],
+      };
+
+      const policy = new Goal(user, {});
+      expect(policy.canView()).toBe(false);
+    });
+
+    it('returns true if user has permissions in that region', () => {
+      const user = {
+        permissions: [
+          {
+            regionId: 2,
+            scopeId: SCOPES.APPROVE_REPORTS,
+          },
+        ],
+      };
+
+      const goal = {
+        grant: { regionId: 2 },
+      };
+
+      const policy = new Goal(user, goal);
+      expect(policy.canView()).toBe(true);
+    });
+  });
 });