revert

NHSDigital · Jun 11, 2024 · 6d0ca73 · 6d0ca73
1 parent bec9307
commit 6d0ca73
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 20 deletions.
diff --git a/proxies/live/apiproxy/policies/RaiseFault.403NoPointers.xml b/proxies/live/apiproxy/policies/RaiseFault.403NoPointers.xml
@@ -14,7 +14,7 @@
                             "display": "Access has been denied to process this request"
                         } ]
                     },
-                    "diagnostics": "Provided ODS code has no pointers within requesting app - hi from eesa!"
+                    "diagnostics": "Provided ODS code has no pointers within requesting app"
                 } ]
             }
             </Payload>

diff --git a/proxies/live/apiproxy/resources/jsc/ConnectionMetadata.SetRequestHeaders.js b/proxies/live/apiproxy/resources/jsc/ConnectionMetadata.SetRequestHeaders.js
@@ -31,7 +31,7 @@
   }
 
   var nrlPermissions = context.getVariable("app.nrl-permissions");
-  var hasAllPointersPermission = false;
+
   if (nrlPermissions != null) {
     // Convert it into a complex object
     var permissionLines = nrlPermissions.split(/\s+/);
@@ -40,19 +40,19 @@
       var permissionLine = permissionLines[i];
       if (permissionLine && permissionLine.trim().length !== 0) {
         permissions.push(permissionLine);
-        if (permissionLine.trim() === "allow-all-pointer-types") {
-          hasAllPointersPermission = true;
-        }
       }
     }
 
     connectionMetadata["nrl.permissions"] = permissions;
   }
 
   var pointerTypes = [];
+
+  // Read the associated `nrl-ods-<ods_code>` custom attribute from the APIGEE app
+  var nrlPointerTypes = context.getVariable("app.nrl-ods-" + odsCode);
   var enableAuthorizationLookup = context.getVariable("app.enable-authorization-lookup");
   // If it's not a 1D sync request, check auth lookup first then ods code pointer types otherwise skip it
-  if (hasAllPointersPermission === false){
+  if (!permissions.includes("allow-all-pointer-types")){
     if(enableAuthorizationLookup == "true") {
       enableAuthorizationLookup = true
     } else if (enableAuthorizationLookup === null) {
@@ -62,30 +62,25 @@
       return;
     }
 
-
-    // Read the associated `nrl-ods-<ods_code>` custom attribute from the APIGEE app
-    var nrlPointerTypes = context.getVariable("app.nrl-ods-" + odsCode);
-
     if ((enableAuthorizationLookup === true && nrlPointerTypes) || (enableAuthorizationLookup === false && !nrlPointerTypes)) {
       //This will trigger RaiseFault.403NoPointers.xml - see targets/target.xml
       return;
     }
-    if (nrlPointerTypes){
-      // Convert it into a complex object
-      var lines = nrlPointerTypes.split(/\s+/);
+  }
 
-      for (var i = 0; i < lines.length; i++) {
-        var line = lines[i];
-        if (line && line.trim().length !== 0) {
-          pointerTypes.push(line);
-        }
+  if (nrlPointerTypes){
+    // Convert it into a complex object
+    var lines = nrlPointerTypes.split(/\s+/);
+
+    for (var i = 0; i < lines.length; i++) {
+      var line = lines[i];
+      if (line && line.trim().length !== 0) {
+        pointerTypes.push(line);
       }
     }
   }
 
 
-
-
   var odsCodeExtension = context.getVariable(
     "request.header.NHSD-End-User-Organisation"
   );