From fafe6929eb10147685cc64ef39ed257c3d3a98eb Mon Sep 17 00:00:00 2001 From: Ashraf Mohammed <98876115+AshrafMd-1@users.noreply.github.com> Date: Wed, 15 May 2024 04:45:05 +0530 Subject: [PATCH] Restrict Unauthorized Users from Accessing Facility's Patient Registration (#7498) * add auth checks * remove merge conflict * Update ManagePatients.tsx * fix linting * add error notification * fix lint * fix lint * fix codes * fix bug * fix bug * dont allow null home facility users to add patient --- src/Components/Common/FacilitySelect.tsx | 3 ++ .../FacilitiesSelectDialogue.tsx | 12 ++++++++ src/Components/Patient/ManagePatients.tsx | 30 +++++++++++++++++-- src/Components/Patient/PatientHome.tsx | 25 ++++++++++++---- src/Components/Patient/PatientRegister.tsx | 29 ++++++++++++++++++ 5 files changed, 92 insertions(+), 7 deletions(-) diff --git a/src/Components/Common/FacilitySelect.tsx b/src/Components/Common/FacilitySelect.tsx index 052fe194abf..ac098cc2127 100644 --- a/src/Components/Common/FacilitySelect.tsx +++ b/src/Components/Common/FacilitySelect.tsx @@ -13,6 +13,7 @@ interface FacilitySelectProps { multiple?: boolean; facilityType?: number; district?: string; + state?: string; showAll?: boolean; showNOptions?: number; freeText?: boolean; @@ -33,6 +34,7 @@ export const FacilitySelect = (props: FacilitySelectProps) => { className = "", facilityType, district, + state, freeText = false, errors = "", } = props; @@ -47,6 +49,7 @@ export const FacilitySelect = (props: FacilitySelectProps) => { facility_type: facilityType, exclude_user: exclude_user, district, + state, }; const { data } = await request( diff --git a/src/Components/ExternalResult/FacilitiesSelectDialogue.tsx b/src/Components/ExternalResult/FacilitiesSelectDialogue.tsx index 7239e0b912d..4dfe8850272 100644 --- a/src/Components/ExternalResult/FacilitiesSelectDialogue.tsx +++ b/src/Components/ExternalResult/FacilitiesSelectDialogue.tsx 
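Review bot: The new `state?: string` field on FacilitySelectProps is forwarded straight into the request query with no description, and since the only caller in this patch passes `authUser?.state?.toString()` its expected format is not obvious from the interface alone; a one-line comment would save the next reader guessing, e.g. `state?: string; // filter the facility list by state (sent as the ?state= query param, same shape as district)`. Like `district` it is a server-side list filter, not a permission check, which the comment could also say so nobody later treats it as one. The third hunk's `request(` call continues outside the hunk.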
@@ -3,6 +3,7 @@ import DialogModal from "../Common/Dialog"; import { FacilitySelect } from "../Common/FacilitySelect"; import { FacilityModel } from "../Facility/models"; import { useTranslation } from "react-i18next"; +import useAuthUser from "../../Common/hooks/useAuthUser"; interface Props { show: boolean; @@ -15,6 +16,7 @@ interface Props { const FacilitiesSelectDialog = (props: Props) => { const { show, handleOk, handleCancel, selectedFacility, setSelected } = props; const { t } = useTranslation(); + const authUser = useAuthUser(); return ( { errors="" showAll={false} multiple={false} + district={ + authUser?.user_type === "DistrictAdmin" + ? authUser?.district?.toString() + : undefined + } + state={ + authUser?.user_type === "StateAdmin" + ? authUser?.state?.toString() + : undefined + } />
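Review bot: The `district`/`state` props added to the FacilitySelect call only narrow the dropdown's query and are not an access check: a DistrictAdmin whose `authUser.district` is unset ends up with `district={undefined}` and an unfiltered list, and nothing here prevents a facility outside the admin's area from being selected if the API does not itself scope `?district=`/`?state=` to the caller. Worth stating in a comment so the filter is not later mistaken for authorization, e.g. `// UX filter only: scopes the list to the admin's district/state; the API must enforce the same scope`. The `.toString()` calls suggest `district`/`state` on the user are numeric while the prop is typed `string`, which a comment could confirm or a caller-side type could pin down. The hunk header for this change is not visible in this rendering and the enclosing `return (` JSX starts before it.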
diff --git a/src/Components/Patient/ManagePatients.tsx b/src/Components/Patient/ManagePatients.tsx index dd9a58ad80d..b9a5cc6f34c 100644 --- a/src/Components/Patient/ManagePatients.tsx +++ b/src/Components/Patient/ManagePatients.tsx @@ -755,10 +755,36 @@ export const PatientManager = () => { { - if (qParams.facility) + const showAllFacilityUsers = ["DistrictAdmin", "StateAdmin"]; + if ( + qParams.facility && + showAllFacilityUsers.includes(authUser.user_type) + ) navigate(`/facility/${qParams.facility}/patient`); - else if (onlyAccessibleFacility) + else if ( + qParams.facility && + !showAllFacilityUsers.includes(authUser.user_type) && + authUser.home_facility_object?.id !== qParams.facility + ) + Notification.Error({ + msg: "Oops! Non-Home facility users don't have permission to perform this action.", + }); + else if ( + !showAllFacilityUsers.includes(authUser.user_type) && + authUser.home_facility_object?.id + ) { + navigate( + `/facility/${authUser.home_facility_object.id}/patient`, + ); + } else if (onlyAccessibleFacility) navigate(`/facility/${onlyAccessibleFacility.id}/patient`); + else if ( + !showAllFacilityUsers.includes(authUser.user_type) && + !authUser.home_facility_object?.id + ) + Notification.Error({ + msg: "Oops! No home facility found", + }); else setShowDialog("create"); }} className="w-full lg:w-fit" diff --git a/src/Components/Patient/PatientHome.tsx b/src/Components/Patient/PatientHome.tsx index 370a07fae64..93e109a2eae 100644 --- a/src/Components/Patient/PatientHome.tsx +++ b/src/Components/Patient/PatientHome.tsx 
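Review bot: The `else if (onlyAccessibleFacility)` branch sits above the new "Oops! No home facility found" error, so a non-admin user with no `home_facility_object` but a non-null `onlyAccessibleFacility` is still navigated to `/facility/${onlyAccessibleFacility.id}/patient`, which defeats the stated intent of blocking users without a home facility; if `onlyAccessibleFacility` can be set for such users (it is computed outside this hunk), move the `!showAllFacilityUsers.includes(authUser.user_type) && !authUser.home_facility_object?.id` error branch above it. The `showAllFacilityUsers` list and the home-facility comparison are repeated in PatientHome and PatientRegister within this same patch, so a shared helper such as `canRegisterAtFacility(authUser, facilityId)` would keep the three copies from drifting. These are UI guards only — a `Notification.Error` does not stop a direct request to the patient-create endpoint — so the server must enforce the same rule, and a comment to that effect above the `showAllFacilityUsers` line would make that explicit. The `onClick` handler's opening tag is lost in this rendering and the enclosing component continues outside the hunk.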
@@ -678,11 +678,25 @@ export const PatientHome = (props: any) => { className="mt-4 w-full" disabled={!patientData.is_active} authorizeFor={NonReadOnlyUsers} - onClick={() => - navigate( - `/facility/${patientData?.facility}/patient/${id}/update`, - ) - } + onClick={() => { + const showAllFacilityUsers = [ + "DistrictAdmin", + "StateAdmin", + ]; + if ( + !showAllFacilityUsers.includes(authUser.user_type) && + authUser.home_facility_object?.id !== + patientData.facility + ) { + Notification.Error({ + msg: "Oops! Non-Home facility users don't have permission to perform this action.", + }); + } else { + navigate( + `/facility/${patientData?.facility}/patient/${id}/update`, + ); + } + }} > Update Details @@ -844,6 +858,7 @@ export const PatientHome = (props: any) => {
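Review bot: The new check lets any DistrictAdmin or StateAdmin through regardless of the patient's facility, whereas the `PatientRegisterAuth` guard added later in this patch (PatientRegister.tsx) additionally requires `authUser.district === facilityObject?.district` / `authUser.state === facilityObject?.state`, so an admin from another district can click Update Details here and land on the Error404 that guard renders; if the patient's facility district/state is available to this component, applying the same comparison here (or sharing one helper between the two files) would make the button and the route agree. Deciding at click time also leaves the button enabled for users it will reject; computing the permission once, e.g. `const canUpdate = showAllFacilityUsers.includes(authUser.user_type) || authUser.home_facility_object?.id === patientData.facility;`, and passing `disabled={!patientData.is_active || !canUpdate}` surfaces it before the click. Either way this remains a client-side guard and the patient update API must enforce the same rule server-side. The `<ButtonV2>` opening and the rest of the component lie outside the hunk.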
+
{ return ; } + const PatientRegisterAuth = () => { + const showAllFacilityUsers = ["DistrictAdmin", "StateAdmin"]; + if ( + !showAllFacilityUsers.includes(authUser.user_type) && + authUser.home_facility_object?.id === facilityId + ) { + return true; + } + if ( + authUser.user_type === "DistrictAdmin" && + authUser.district === facilityObject?.district + ) { + return true; + } + if ( + authUser.user_type === "StateAdmin" && + authUser.state === facilityObject?.state + ) { + return true; + } + + return false; + }; + + if (!isLoading && facilityId && facilityObject && !PatientRegisterAuth()) { + return ; + } + return (
{statusDialog.show && (