From 680decf2d36a755c410c1b59f30be440b1b3bda0 Mon Sep 17 00:00:00 2001
From: valurefugl <valure@fuglar.com>
Date: Tue, 24 Dec 2024 13:47:53 +0000
Subject: [PATCH 1/2] Filter delegated national registry scopes by delegation
 types.

---
 .../delegations/test/delegations-scopes.spec.ts | 17 +++++++++++++++++
 .../lib/delegations/delegation-scope.service.ts | 13 ++++++++-----
 .../testing/src/fixtures/fixture-factory.ts     |  1 +
 3 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts b/apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts
index 61367667d5c2..b6c3085c7bc3 100644
--- a/apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts
+++ b/apps/services/auth/ids-api/src/app/delegations/test/delegations-scopes.spec.ts
@@ -19,6 +19,7 @@ const domainName = faker.random.word()
 const identityResources = ['id1', 'id2']
 
 const legalGuardianScopes = ['lg1', 'lg2']
+const legalGuardianMinorScopes = ['lgm1', 'lgm2']
 const procurationHolderScopes = ['ph1', 'ph2']
 const customScopes1 = ['cu1', 'cu2']
 const customScopes2 = ['cu3', 'cu4']
@@ -26,6 +27,7 @@ const legalRepresentativeScopes = ['lr1', 'lr2']
 
 const apiScopes = [
   ...legalGuardianScopes,
+  ...legalGuardianMinorScopes,
   ...procurationHolderScopes,
   ...customScopes1,
   ...customScopes2,
@@ -44,6 +46,9 @@ const supportedDelegationTypes = (scopeName: string): AuthDelegationType[] => {
   if (legalGuardianScopes.includes(scopeName)) {
     result.push(AuthDelegationType.LegalGuardian)
   }
+  if (legalGuardianMinorScopes.includes(scopeName)) {
+    result.push(AuthDelegationType.LegalGuardianMinor)
+  }
   if (procurationHolderScopes.includes(scopeName)) {
     result.push(AuthDelegationType.ProcurationHolder)
   }
@@ -108,6 +113,18 @@ const testCases: Record<string, TestCase> = {
     delegationType: [AuthDelegationType.LegalRepresentative],
     expected: [...legalRepresentativeScopes, ...identityResources],
   },
+  '8': {
+    fromNationalId: createNationalId('person'),
+    delegationType: [
+      AuthDelegationType.LegalGuardian,
+      AuthDelegationType.LegalGuardianMinor,
+    ],
+    expected: [
+      ...legalGuardianScopes,
+      ...legalGuardianMinorScopes,
+      ...identityResources,
+    ],
+  },
 }
 
 const user = createCurrentUser({
diff --git a/libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts b/libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts
index 701fa0785810..f21a9a2c7e0c 100644
--- a/libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts
+++ b/libs/auth-api-lib/src/lib/delegations/delegation-scope.service.ts
@@ -3,9 +3,9 @@ import { ConfigType } from '@nestjs/config'
 import { InjectModel } from '@nestjs/sequelize'
 import addDays from 'date-fns/addDays'
 import startOfDay from 'date-fns/startOfDay'
+import * as kennitala from 'kennitala'
 import { Op, Transaction } from 'sequelize'
 import { uuid } from 'uuidv4'
-import * as kennitala from 'kennitala'
 
 import { SyslumennService } from '@island.is/clients/syslumenn'
 import { logger } from '@island.is/logging'
@@ -21,16 +21,16 @@ import { ApiScope } from '../resources/models/api-scope.model'
 import { IdentityResource } from '../resources/models/identity-resource.model'
 import { DelegationProviderService } from './delegation-provider.service'
 import { DelegationConfig } from './DelegationConfig'
+import { ApiScopeInfo } from './delegations-incoming.service'
 import { DelegationsIndexService } from './delegations-index.service'
 import { UpdateDelegationScopeDTO } from './dto/delegation-scope.dto'
 import { DelegationDelegationType } from './models/delegation-delegation-type.model'
 import { DelegationScope } from './models/delegation-scope.model'
 import { DelegationTypeModel } from './models/delegation-type.model'
 import { Delegation } from './models/delegation.model'
-import { ApiScopeInfo } from './delegations-incoming.service'
+import filterByCustomScopeRule from './utils/filterByScopeCustomScopeRule'
 
 import type { User } from '@island.is/auth-nest-tools'
-import filterByCustomScopeRule from './utils/filterByScopeCustomScopeRule'
 
 @Injectable()
 export class DelegationScopeService {
@@ -238,7 +238,9 @@ export class DelegationScopeService {
       )
   }
 
-  private async findAllNationalRegistryScopes(): Promise<string[]> {
+  private async findAllNationalRegistryScopes(
+    delegationTypes: string[],
+  ): Promise<string[]> {
     const apiScopes = await this.apiScopeModel.findAll({
       include: [
         {
@@ -249,6 +251,7 @@ export class DelegationScopeService {
               model: DelegationTypeModel,
               where: {
                 provider: AuthDelegationProvider.NationalRegistry,
+                id: delegationTypes,
               },
             },
           ],
@@ -416,7 +419,7 @@ export class DelegationScopeService {
       await this.delegationProviderService.findProviders(delegationTypes)
 
     if (providers.includes(AuthDelegationProvider.NationalRegistry)) {
-      scopePromises.push(this.findAllNationalRegistryScopes())
+      scopePromises.push(this.findAllNationalRegistryScopes(delegationTypes))
     }
 
     if (providers.includes(AuthDelegationProvider.CompanyRegistry)) {
diff --git a/libs/services/auth/testing/src/fixtures/fixture-factory.ts b/libs/services/auth/testing/src/fixtures/fixture-factory.ts
index b6a37fbf32b5..700a5f0f0630 100644
--- a/libs/services/auth/testing/src/fixtures/fixture-factory.ts
+++ b/libs/services/auth/testing/src/fixtures/fixture-factory.ts
@@ -316,6 +316,7 @@ export class FixtureFactory {
       case AuthDelegationType.Custom:
         return AuthDelegationProvider.Custom
       case AuthDelegationType.LegalGuardian:
+      case AuthDelegationType.LegalGuardianMinor:
         return AuthDelegationProvider.NationalRegistry
       case AuthDelegationType.ProcurationHolder:
         return AuthDelegationProvider.CompanyRegistry

From c085ec695d40c6341072ca558c51568d31782eda Mon Sep 17 00:00:00 2001
From: valurefugl <valure@fuglar.com>
Date: Tue, 24 Dec 2024 14:24:44 +0000
Subject: [PATCH 2/2] Fix tests.

---
 .../modules/delegations/actorDelegations.controller.spec.ts  | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/apps/services/auth/public-api/src/app/modules/delegations/actorDelegations.controller.spec.ts b/apps/services/auth/public-api/src/app/modules/delegations/actorDelegations.controller.spec.ts
index a7ad9fb47b1e..194b027e3d61 100644
--- a/apps/services/auth/public-api/src/app/modules/delegations/actorDelegations.controller.spec.ts
+++ b/apps/services/auth/public-api/src/app/modules/delegations/actorDelegations.controller.spec.ts
@@ -793,7 +793,10 @@ describe('ActorDelegationsController', () => {
               await clientDelegationTypeModel.destroy({
                 where: {
                   clientId: client.clientId,
-                  delegationType: AuthDelegationType.LegalGuardian,
+                  delegationType: [
+                    AuthDelegationType.LegalGuardian,
+                    AuthDelegationType.LegalGuardianMinor,
+                  ],
                 },
               })