fix: Return distinct actions in GetAlinnActions (#1298)

elsand · web-flow · commit 49948b246247 · 2024-10-18T17:45:53.000+02:00
## Description

GetAltinnActions now removes duplicate action/resource tuples, which
results in simpler XACML requests and dialog tokens.

## Related Issue(s)

- N/A

## Verification

- [x] **Your** code builds clean without any errors or warnings
- [x] Manual testing done (required)
- [x] Relevant automated test added (if you find this hard, leave it and
we'll help out)


&lt;!-- This is an auto-generated comment: release notes by coderabbit.ai
--&gt;

## Summary by CodeRabbit

- **New Features**
- Improved handling of duplicate actions in the Altinn authorization
process, ensuring a cleaner and more accurate list of actions.
  
- **Bug Fixes**
- Enhanced test coverage for action retrieval, ensuring the correct
actions and attributes are validated.

&lt;!-- end of auto-generated comment: release notes by coderabbit.ai --&gt;
diff --git a/src/Digdir.Domain.Dialogporten.Infrastructure/Altinn/Authorization/DialogEntityExtensions.cs b/src/Digdir.Domain.Dialogporten.Infrastructure/Altinn/Authorization/DialogEntityExtensions.cs
@@ -20,6 +20,8 @@ public static List<AltinnAction> GetAltinnActions(this DialogEntity dialogEntity
                 .Select(x => new AltinnAction(GetReadActionForAuthorizationAttribute(x.AuthorizationAttribute!), x.AuthorizationAttribute)))
             // We always need to check if the user can read the main resource
             .Append(new AltinnAction(Constants.ReadAction, Constants.MainResource))
+            .GroupBy(x => new { x.Name, x.AuthorizationAttribute })
+            .Select(g => g.First()) // Remove duplicates by grouping
             .ToList();
     }
 
diff --git a/tests/Digdir.Domain.Dialogporten.Infrastructure.Unit.Tests/DialogEntityExtensionsTests.cs b/tests/Digdir.Domain.Dialogporten.Infrastructure.Unit.Tests/DialogEntityExtensionsTests.cs
@@ -1,5 +1,6 @@
 ﻿using Digdir.Domain.Dialogporten.Application.Common.Authorization;
 using Digdir.Domain.Dialogporten.Domain.Dialogs.Entities;
+using Digdir.Domain.Dialogporten.Domain.Dialogs.Entities.Actions;
 using Digdir.Domain.Dialogporten.Infrastructure.Altinn.Authorization;
 using Xunit;
 
@@ -13,11 +14,23 @@ public void GetAltinnActionsShouldReturnCorrectActionsForTransmissionAuthorizati
         // Arrange
         var dialogEntity = new DialogEntity
         {
-            ApiActions = [],
-            GuiActions = [],
+            ApiActions = [
+                new DialogApiAction { Action = "read" },
+                new DialogApiAction { Action = "read" },
+                new DialogApiAction { Action = "read", AuthorizationAttribute = "foo" },
+                new DialogApiAction { Action = "transmissionread", AuthorizationAttribute = "bar" },
+                new DialogApiAction { Action = "apiread" },
+            ],
+            GuiActions = [
+                new DialogGuiAction { Action = "read" },
+                new DialogGuiAction { Action = "read" },
+                new DialogGuiAction { Action = "read", AuthorizationAttribute = "foo" },
+                new DialogGuiAction { Action = "transmissionread", AuthorizationAttribute = "bar" },
+                new DialogGuiAction { Action = "guiread" },
+            ],
             Transmissions =
             [
-                new() { AuthorizationAttribute = "foo" },
+                new() { AuthorizationAttribute = "bar" },
                 new() { AuthorizationAttribute = "urn:altinn:subresource:bar" },
                 new() { AuthorizationAttribute = "urn:altinn:task:Task_1" },
                 new() { AuthorizationAttribute = "urn:altinn:resource:some-service:element1" },
@@ -30,8 +43,12 @@ public void GetAltinnActionsShouldReturnCorrectActionsForTransmissionAuthorizati
 
         // Assert
         Assert.NotNull(actions);
-        Assert.NotEmpty(actions);
-        Assert.Contains(actions, a => a is { Name: Constants.TransmissionReadAction, AuthorizationAttribute: "foo" });
+        Assert.Equal(9, actions.Count);
+        Assert.Contains(actions, a => a is { Name: Constants.ReadAction, AuthorizationAttribute: Constants.MainResource });
+        Assert.Contains(actions, a => a is { Name: Constants.ReadAction, AuthorizationAttribute: "foo" });
+        Assert.Contains(actions, a => a is { Name: Constants.TransmissionReadAction, AuthorizationAttribute: "bar" });
+        Assert.Contains(actions, a => a is { Name: "apiread", AuthorizationAttribute: Constants.MainResource });
+        Assert.Contains(actions, a => a is { Name: "guiread", AuthorizationAttribute: Constants.MainResource });
         Assert.Contains(actions, a => a is { Name: Constants.TransmissionReadAction, AuthorizationAttribute: "urn:altinn:subresource:bar" });
         Assert.Contains(actions, a => a is { Name: Constants.TransmissionReadAction, AuthorizationAttribute: "urn:altinn:task:Task_1" });
         Assert.Contains(actions, a => a is { Name: Constants.ReadAction, AuthorizationAttribute: "urn:altinn:resource:some-service:element1" });

Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,8 @@ public static List<AltinnAction> GetAltinnActions(this DialogEntity dialogEntity`
`20`	`20`	`.Select(x => new AltinnAction(GetReadActionForAuthorizationAttribute(x.AuthorizationAttribute!), x.AuthorizationAttribute)))`
`21`	`21`	`// We always need to check if the user can read the main resource`
`22`	`22`	`.Append(new AltinnAction(Constants.ReadAction, Constants.MainResource))`
	`23`	`+ .GroupBy(x => new { x.Name, x.AuthorizationAttribute })`
	`24`	`+ .Select(g => g.First()) // Remove duplicates by grouping`
`23`	`25`	`.ToList();`
`24`	`26`	`}`
`25`	`27`