diff --git a/legal-api/src/legal_api/services/authz.py b/legal-api/src/legal_api/services/authz.py index 3447a3bb8e..a03f06789b 100644 --- a/legal-api/src/legal_api/services/authz.py +++ b/legal-api/src/legal_api/services/authz.py @@ -153,7 +153,7 @@ def has_roles(jwt: JwtManager, roles: list[str]) -> bool: return bool(jwt.validate_roles(roles)) -def get_allowable_filings_dict(): +def get_allowable_filings_dict(is_authorization: bool = False): """Return dictionary containing rules for when filings are allowed.""" # importing here to avoid circular dependencies # pylint: disable=import-outside-toplevel @@ -668,6 +668,30 @@ def get_allowable_filings_dict(): else: del allowable_filings_dict[user_type][Business.State.ACTIVE.value][filing_type] + # Remove some alteration blockers when authorization is not required + if not is_authorization: + for user_type_dict in allowable_filings_dict.values(): + alteration_blockers = ( + user_type_dict + .get(Business.State.ACTIVE, {}) + .get("alteration", {}) + .get("blockerChecks", {}) + ) + + if not alteration_blockers: + continue + + if BusinessBlocker.NOT_IN_GOOD_STANDING in alteration_blockers.get("business", []): + alteration_blockers["business"].remove(BusinessBlocker.NOT_IN_GOOD_STANDING) + + if "restoration.limitedRestoration" in alteration_blockers.get("invalidStateFilings", []): + alteration_blockers["invalidStateFilings"].remove("restoration.limitedRestoration") + + if "restoration.limitedRestorationExtension" in alteration_blockers.get("invalidStateFilings", []): + alteration_blockers["invalidStateFilings"].remove( + "restoration.limitedRestorationExtension" + ) + return allowable_filings_dict @@ -680,6 +704,7 @@ def is_allowed(business: Business, # noqa: PLR0913 filing: Filing = None): """Is allowed to do filing.""" is_ignore_draft_blockers = False + is_authorization = True if filing: if filing.status not in [Filing.Status.DRAFT.value, @@ -693,7 +718,7 @@ def is_allowed(business: Business, # noqa: PLR0913 # this check is to make sure that amalgamation application is not allowed/authorized with continue in corps if filing_type == "amalgamationApplication" and legal_type in ["C", "CBEN", "CUL", "CCC"]: return False - allowable_filings = get_allowed_filings(business, state, legal_type, jwt, is_ignore_draft_blockers) + allowable_filings = get_allowed_filings(business, state, legal_type, jwt, is_ignore_draft_blockers, is_authorization) for allowable_filing in allowable_filings: if ( @@ -786,11 +811,13 @@ def get_could_file(legal_type: str, return could_filing_types -def get_allowed_filings(business: Business, +def get_allowed_filings(business: Business, # noqa: PLR0913 state: Business.State, legal_type: str, jwt: JwtManager, - is_ignore_draft_blockers: bool = False): + is_ignore_draft_blockers: bool = False, + is_authorization: bool = False + ): """Get allowed type of filing types for the current user.""" # importing here to avoid circular dependencies # pylint: disable=import-outside-toplevel @@ -806,7 +833,7 @@ def get_allowed_filings(business: Business, # doing this check up front to cache result business_blocker_dict: dict = business_blocker_check(business, is_ignore_draft_blockers) - allowable_filings = get_allowable_filings_dict().get(user_role, {}).get(state, {}) + allowable_filings = get_allowable_filings_dict(is_authorization).get(user_role, {}).get(state, {}) allowable_filing_types = [] for allowable_filing_key, allowable_filing_value in allowable_filings.items(): diff --git a/legal-api/tests/unit/services/test_authorization.py b/legal-api/tests/unit/services/test_authorization.py index 4c13be3b73..5fab81f461 100644 --- a/legal-api/tests/unit/services/test_authorization.py +++ b/legal-api/tests/unit/services/test_authorization.py @@ -1848,7 +1848,8 @@ def mock_auth(one, two): # pylint: disable=unused-argument; mocks of library me FilingKey.COD_CP, FilingKey.COO_CORPS])), ('general_user_corps', True, Business.State.ACTIVE, ['BC', 'BEN', 'CC', 'ULC'], 'general', [BASIC_USER], - expected_lookup([FilingKey.AR_CORPS, + expected_lookup([FilingKey.ALTERATION, + FilingKey.AR_CORPS, FilingKey.COA_CORPS, FilingKey.COD_CORPS, FilingKey.COO_CORPS, @@ -1858,7 +1859,8 @@ def mock_auth(one, two): # pylint: disable=unused-argument; mocks of library me FilingKey.TRANSPARENCY_REGISTER_INITIAL])), ('general_user_continue_in_corps', True, Business.State.ACTIVE, ['C', 'CBEN', 'CCC', 'CUL'], 'general', [BASIC_USER], - expected_lookup([FilingKey.AR_CORPS, + expected_lookup([FilingKey.ALTERATION, + FilingKey.AR_CORPS, FilingKey.COA_CORPS, FilingKey.COD_CORPS, FilingKey.COO_CORPS, @@ -2508,6 +2510,7 @@ def mock_auth(one, two): # pylint: disable=unused-argument; mocks of library me expected_lookup([FilingKey.ADMN_FRZE, FilingKey.AGM_EXTENSION, FilingKey.AGM_LOCATION_CHANGE, + FilingKey.ALTERATION, FilingKey.AMALGAMATION_REGULAR, FilingKey.AMALGAMATION_VERTICAL, FilingKey.AMALGAMATION_HORIZONTAL, @@ -2542,6 +2545,7 @@ def mock_auth(one, two): # pylint: disable=unused-argument; mocks of library me expected_lookup_continue_in_corps([FilingKey.ADMN_FRZE, FilingKey.AGM_EXTENSION, FilingKey.AGM_LOCATION_CHANGE, + FilingKey.ALTERATION, FilingKey.AMALGAMATION_REGULAR, FilingKey.AMALGAMATION_VERTICAL, FilingKey.AMALGAMATION_HORIZONTAL, @@ -2686,6 +2690,7 @@ def mock_auth(one, two): # pylint: disable=unused-argument; mocks of library me ['limitedRestoration', 'limitedRestorationExtension'], expected_lookup([FilingKey.AGM_EXTENSION, FilingKey.AGM_LOCATION_CHANGE, + FilingKey.ALTERATION, FilingKey.AMALGAMATION_REGULAR, FilingKey.AMALGAMATION_VERTICAL, FilingKey.AMALGAMATION_HORIZONTAL, @@ -2727,6 +2732,7 @@ def mock_auth(one, two): # pylint: disable=unused-argument; mocks of library me ['limitedRestoration', 'limitedRestorationExtension'], expected_lookup_continue_in_corps([FilingKey.AGM_EXTENSION, FilingKey.AGM_LOCATION_CHANGE, + FilingKey.ALTERATION, FilingKey.AMALGAMATION_REGULAR, FilingKey.AMALGAMATION_VERTICAL, FilingKey.AMALGAMATION_HORIZONTAL, @@ -3442,7 +3448,8 @@ def mock_auth(one, two): # pylint: disable=unused-argument; mocks of library me FilingKey.COD_CP, FilingKey.COO_CORPS])), ('general_user_corps', Business.State.ACTIVE, ['BC', 'BEN', 'CC', 'ULC'], 'general', [BASIC_USER], None, - expected_lookup([FilingKey.AR_CORPS, + expected_lookup([FilingKey.ALTERATION, + FilingKey.AR_CORPS, FilingKey.COA_CORPS, FilingKey.COD_CORPS, FilingKey.COO_CORPS, @@ -3452,7 +3459,8 @@ def mock_auth(one, two): # pylint: disable=unused-argument; mocks of library me FilingKey.TRANSPARENCY_REGISTER_INITIAL])), ('general_user_continue_in_corps', Business.State.ACTIVE, ['C', 'CBEN', 'CCC', 'CUL'], 'general', [BASIC_USER], None, - expected_lookup([FilingKey.AR_CORPS, + expected_lookup([FilingKey.ALTERATION, + FilingKey.AR_CORPS, FilingKey.COA_CORPS, FilingKey.COD_CORPS, FilingKey.COO_CORPS,