TTA-102-prevent-an-admin-to-revoke-its-own-credentials (#930)

* Switch disabled to prevent admin from auto-revoke

* added imports used in .ts to .spec.ts

* fixed tests

Co-authored-by: mmaquina <[email protected]>

Author: mmaquina

src/app/modules/users/components/users-list/users-list.component.html

@@ -20,6 +20,7 @@
         <td class="col-3 text-center">
           <ui-switch
             size="small"
+            [disabled]="checkRoleCurrentUser(user.email)"
             (change)="!isDevelopmentOrProd?switchGroup('time-tracker-admin', user):null; updateRole(ROLES.admin, user, $event);"
             [checked]="user.groups.includes('time-tracker-admin')"></ui-switch>
           admin

src/app/modules/users/components/users-list/users-list.component.spec.ts

@@ -1,4 +1,5 @@
 import { waitForAsync, ComponentFixture, TestBed } from '@angular/core/testing';
+import { HttpClientTestingModule, HttpTestingController } from '@angular/common/http/testing';
 import { MockStore, provideMockStore } from '@ngrx/store/testing';
 import { NgxPaginationModule } from 'ngx-pagination';
 import { UsersListComponent } from './users-list.component';
@@ -7,12 +8,22 @@ import { ActionsSubject } from '@ngrx/store';
 import { DataTablesModule } from 'angular-datatables';
 import { GrantUserRole, RevokeUserRole } from '../../store/user.actions';
 import { ROLES } from '../../../../../environments/environment';
+import { LoginService } from '../../../login/services/login.service';
+import { of } from 'rxjs';
+import { UserInfoService } from 'src/app/modules/user/services/user-info.service';
+
 
 describe('UsersListComponent', () => {
   let component: UsersListComponent;
   let fixture: ComponentFixture<UsersListComponent>;
   let store: MockStore<UserState>;
+  let httpMock: HttpTestingController;
   const actionSub: ActionsSubject = new ActionsSubject();
+  let loginService: LoginService;
+  let userInfoService: UserInfoService;
+  const userInfoServiceStub = {
+    isAdmin: () => of(false),
+  };
 
   const state: UserState = {
     data: [
@@ -33,9 +44,11 @@ describe('UsersListComponent', () => {
   beforeEach(
     waitForAsync(() => {
       TestBed.configureTestingModule({
-        imports: [NgxPaginationModule, DataTablesModule],
+        imports: [NgxPaginationModule, DataTablesModule, HttpClientTestingModule],
         declarations: [UsersListComponent],
-        providers: [provideMockStore({ initialState: state }), { provide: ActionsSubject, useValue: actionSub }],
+        providers: [provideMockStore({ initialState: state }),
+          { provide: ActionsSubject, useValue: actionSub },
+          { providers: LoginService, useValue: {}},],
       }).compileComponents();
     })
   );
@@ -44,6 +57,9 @@ describe('UsersListComponent', () => {
     fixture = TestBed.createComponent(UsersListComponent);
     component = fixture.componentInstance;
     store = TestBed.inject(MockStore);
+    httpMock = TestBed.inject(HttpTestingController);
+    loginService = TestBed.inject(LoginService);
+    userInfoService = TestBed.inject(UserInfoService);
     store.setState(state);
     fixture.detectChanges();
   });
@@ -229,9 +245,19 @@ describe('UsersListComponent', () => {
     expect(component.ROLES).toEqual(ROLES);
   });
 
+  it('Should call to localstorage and helper decode for get information about user when checkRoleCurrentUser method is called', () => {
+    const account = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImFiYyIsIm5hbWUiOiJhYmMiLCJlbWFpbCI6ImVtYWlsIiwiZ3JvdXBzIjpbImFkbWluIl19.gy1GljkoiuOjP8DzkoLRYE9SldBn5ljRc4kp8rwq7UI';
+    spyOn(loginService, 'getLocalStorage').and.returnValue(account);
+    spyOn(userInfoService, 'isAdmin').and.returnValue(of(true));
+    const response = component.checkRoleCurrentUser('email')
+    expect(response).toBeTrue();
+    expect(userInfoService.isAdmin).toHaveBeenCalled();
+    expect(loginService.getLocalStorage).toHaveBeenCalled();
+  });
+
   afterEach(() => {
     component.dtTrigger.unsubscribe();
     component.loadUsersSubscription.unsubscribe();
     fixture.destroy();
   });
-});
+});

src/app/modules/users/components/users-list/users-list.component.ts

@@ -9,6 +9,9 @@ import { EnvironmentType } from 'src/environments/enum';
 import { User } from '../../models/users';
 import { LoadUsers, UserActionTypes, AddUserToGroup, RemoveUserFromGroup } from '../../store/user.actions';
 import { getIsLoading } from '../../store/user.selectors';
+import { UserInfoService } from 'src/app/modules/user/services/user-info.service';
+import { LoginService } from '../../../login/services/login.service';
+import { JwtHelperService } from '@auth0/angular-jwt';
 
 @Component({
   selector: 'app-users-list',
@@ -28,13 +31,15 @@ export class UsersListComponent implements OnInit, OnDestroy, AfterViewInit {
   };
   switchGroupsSubscription: Subscription;
   isDevelopmentOrProd = true;
+  helper: JwtHelperService;
 
   public get ROLES() {
     return ROLES;
   }
 
-  constructor(private store: Store<User>, private actionsSubject$: ActionsSubject) {
+  constructor(private store: Store<User>, private actionsSubject$: ActionsSubject, private userInfoService: UserInfoService, private loginService: LoginService) {
     this.isLoading$ = store.pipe(delay(0), select(getIsLoading));
+    this.helper = new JwtHelperService();
   }
 
   ngOnInit(): void {
@@ -94,4 +99,11 @@ export class UsersListComponent implements OnInit, OnDestroy, AfterViewInit {
       )
     );
   }
+   
+  checkRoleCurrentUser(userEmail: string){
+    const token = this.loginService.getLocalStorage('user');
+    const user = this.helper.decodeToken(token);
+    return this.userInfoService.isAdmin() && (userEmail === user.email);
+  }
+
 }