(User Roles) Remove legacy scopes

CHANGELOG.md

@@ -4,6 +4,8 @@
 
 ### Breaking changes
 
+- Removed unused searchBirthRegistrations and searchDeathRegistrations queries, as they are no longer used by the client.
+
 - **Title** Description
 
 ## Improvements

packages/auth/src/features/authenticateSuperUser/handler.ts

@@ -17,7 +17,7 @@ import {
 } from '@auth/features/authenticate/service'
 import { unauthorized } from '@hapi/boom'
 import { WEB_USER_JWT_AUDIENCES, JWT_ISSUER } from '@auth/constants'
-import { SUPER_ADMIN_SCOPES } from '@opencrvs/commons/authentication'
+import { Scope, SCOPES } from '@opencrvs/commons/authentication'
 import { logger } from '@opencrvs/commons'
 
 interface IAuthPayload {
@@ -43,6 +43,11 @@ export default async function authenticateSuperUserHandler(
     throw unauthorized()
   }
 
+  const SUPER_ADMIN_SCOPES = [
+    SCOPES.BYPASSRATELIMIT,
+    SCOPES.CONFIG_UPDATE_ALL
+  ] satisfies Scope[]
+
   const token = await createToken(
     result.userId,
     SUPER_ADMIN_SCOPES,

packages/client/graphql.schema.json

@@ -7281,13 +7281,9 @@
             "description": null,
             "args": [],
             "type": {
-              "kind": "NON_NULL",
-              "name": null,
-              "ofType": {
-                "kind": "OBJECT",
-                "name": "UserRole",
-                "ofType": null
-              }
+              "kind": "SCALAR",
+              "name": "String",
+              "ofType": null
             },
             "isDeprecated": false,
             "deprecationReason": null
@@ -14044,88 +14040,6 @@
             "isDeprecated": false,
             "deprecationReason": null
           },
-          {
-            "name": "searchBirthRegistrations",
-            "description": null,
-            "args": [
-              {
-                "name": "fromDate",
-                "description": null,
-                "type": {
-                  "kind": "SCALAR",
-                  "name": "Date",
-                  "ofType": null
-                },
-                "defaultValue": null,
-                "isDeprecated": false,
-                "deprecationReason": null
-              },
-              {
-                "name": "toDate",
-                "description": null,
-                "type": {
-                  "kind": "SCALAR",
-                  "name": "Date",
-                  "ofType": null
-                },
-                "defaultValue": null,
-                "isDeprecated": false,
-                "deprecationReason": null
-              }
-            ],
-            "type": {
-              "kind": "LIST",
-              "name": null,
-              "ofType": {
-                "kind": "OBJECT",
-                "name": "BirthRegistration",
-                "ofType": null
-              }
-            },
-            "isDeprecated": false,
-            "deprecationReason": null
-          },
-          {
-            "name": "searchDeathRegistrations",
-            "description": null,
-            "args": [
-              {
-                "name": "fromDate",
-                "description": null,
-                "type": {
-                  "kind": "SCALAR",
-                  "name": "Date",
-                  "ofType": null
-                },
-                "defaultValue": null,
-                "isDeprecated": false,
-                "deprecationReason": null
-              },
-              {
-                "name": "toDate",
-                "description": null,
-                "type": {
-                  "kind": "SCALAR",
-                  "name": "Date",
-                  "ofType": null
-                },
-                "defaultValue": null,
-                "isDeprecated": false,
-                "deprecationReason": null
-              }
-            ],
-            "type": {
-              "kind": "LIST",
-              "name": null,
-              "ofType": {
-                "kind": "OBJECT",
-                "name": "DeathRegistration",
-                "ofType": null
-              }
-            },
-            "isDeprecated": false,
-            "deprecationReason": null
-          },
           {
             "name": "searchEvents",
             "description": null,

packages/client/src/profile/queries.ts

@@ -52,13 +52,7 @@ const FETCH_USER = gql`
           firstNames
           familyName
         }
-        role {
-          label {
-            id
-            defaultMessage
-            description
-          }
-        }
+        role
         signature {
           data
           type

packages/client/src/tests/schema.graphql

@@ -1312,8 +1312,6 @@ type Query {
     to: Date
   ): [Notification]
   fetchBirthRegistration(id: ID!): BirthRegistration
-  searchBirthRegistrations(fromDate: Date, toDate: Date): [BirthRegistration]
-  searchDeathRegistrations(fromDate: Date, toDate: Date): [DeathRegistration]
   queryRegistrationByIdentifier(identifier: ID!): BirthRegistration
   queryPersonByIdentifier(identifier: ID!): Person
   listBirthRegistrations(

packages/client/src/tests/util.tsx

@@ -169,16 +169,6 @@ export const ACTION_STATUS_MAP = {
     SUBMISSION_STATUS.READY_TO_REQUEST_CORRECTION
 } as const
 
-export const validateScopeToken = jwt.sign(
-  { scope: ['validate'] },
-  readFileSync('./test/cert.key'),
-  {
-    algorithm: 'RS256',
-    issuer: 'opencrvs:auth-service',
-    audience: 'opencrvs:gateway-user'
-  }
-)
-
 export function flushPromises() {
   return new Promise((resolve) => setImmediate(resolve))
 }

packages/client/src/utils/gateway-deprecated-do-not-use.d.ts

@@ -23,8 +23,6 @@ import { GraphQLResolveInfo, GraphQLScalarType } from 'graphql'
 export interface GQLQuery {
   listNotifications?: Array<GQLNotification | null>
   fetchBirthRegistration?: GQLBirthRegistration
-  searchBirthRegistrations?: Array<GQLBirthRegistration | null>
-  searchDeathRegistrations?: Array<GQLDeathRegistration | null>
   queryRegistrationByIdentifier?: GQLBirthRegistration
   queryPersonByIdentifier?: GQLPerson
   listBirthRegistrations?: GQLBirthRegResultSet
@@ -2032,8 +2030,6 @@ export interface GQLResolver {
 export interface GQLQueryTypeResolver<TParent = any> {
   listNotifications?: QueryToListNotificationsResolver<TParent>
   fetchBirthRegistration?: QueryToFetchBirthRegistrationResolver<TParent>
-  searchBirthRegistrations?: QueryToSearchBirthRegistrationsResolver<TParent>
-  searchDeathRegistrations?: QueryToSearchDeathRegistrationsResolver<TParent>
   queryRegistrationByIdentifier?: QueryToQueryRegistrationByIdentifierResolver<TParent>
   queryPersonByIdentifier?: QueryToQueryPersonByIdentifierResolver<TParent>
   listBirthRegistrations?: QueryToListBirthRegistrationsResolver<TParent>

packages/client/src/utils/gateway.ts

@@ -59,6 +59,7 @@ export const scopes = [
   'record.registration-revoke',
   'record.registration-request-reinstatement',
   'record.registration-reinstate',
+  'record.certify',
   'search.birth:my-jurisdiction',
   'search.birth',
   'search.death:my-jurisdiction',
@@ -145,6 +146,7 @@ export const SCOPES = {
   RECORD_REGISTRATION_REQUEST_REINSTATEMENT:
     'record.registration-request-reinstatement',
   RECORD_REGISTRATION_REINSTATE: 'record.registration-reinstate',
+  RECORD_CERTIFY: 'record.certify',
   SEARCH_BIRTH_MY_JURISDICTION: 'search.birth:my-jurisdiction',
   SEARCH_BIRTH: 'search.birth',
   SEARCH_DEATH_MY_JURISDICTION: 'search.death:my-jurisdiction',
@@ -945,7 +947,7 @@ export enum IntegratingSystemType {
 export type LocalRegistrar = {
   __typename?: 'LocalRegistrar'
   name: Array<Maybe<HumanName>>
-  role: UserRole
+  role?: Maybe<Scalars['String']>
   signature?: Maybe<Signature>
 }
 
@@ -1569,8 +1571,6 @@ export type Query = {
   queryPersonByIdentifier?: Maybe<Person>
   queryPersonByNidIdentifier?: Maybe<Person>
   queryRegistrationByIdentifier?: Maybe<BirthRegistration>
-  searchBirthRegistrations?: Maybe<Array<Maybe<BirthRegistration>>>
-  searchDeathRegistrations?: Maybe<Array<Maybe<DeathRegistration>>>
   searchEvents?: Maybe<EventSearchResultSet>
   searchFieldAgents?: Maybe<SearchFieldAgentResult>
   searchUsers?: Maybe<SearchUserResult>
@@ -2716,21 +2716,13 @@ export type FetchUserQuery = {
     }
     localRegistrar?: {
       __typename?: 'LocalRegistrar'
+      role?: string | null
       name: Array<{
         __typename?: 'HumanName'
         use?: string | null
         firstNames?: string | null
         familyName?: string | null
       } | null>
-      role: {
-        __typename?: 'UserRole'
-        label: {
-          __typename?: 'I18nMessage'
-          id: string
-          defaultMessage: string
-          description: string
-        }
-      }
       signature?: {
         __typename?: 'Signature'
         data?: string | null

packages/client/src/views/OfficeHome/inExternalValidation/inExternalValidationTab.test.tsx

@@ -31,7 +31,7 @@ const EVENT_CREATION_TIME = 1583322631424 // Wed Mar 04 2020 13:50:31 GMT+0200 (
 const SEND_FOR_VALIDATION_TIME = 1582912800000 // Fri Feb 28 2020 20:00:00 GMT+0200 (Eastern European Standard Time)
 
 const registerScopeToken = jwt.sign(
-  { scope: ['register'] },
+  { scope: ['record.register'] },
   readFileSync('./test/cert.key'),
   {
     algorithm: 'RS256',

packages/commons/src/authentication.ts

@@ -23,12 +23,6 @@ export const SYSTEM_INTEGRATION_SCOPES = {
   nationalId: SCOPES.NATIONALID
 } as const
 
-export const SUPER_ADMIN_SCOPES = [
-  SCOPES.NATLSYSADMIN,
-  SCOPES.BYPASSRATELIMIT,
-  SCOPES.SYSADMIN
-] satisfies Scope[]
-
 export const DEFAULT_ROLES_DEFINITION = [
   {
     id: 'FIELD_AGENT',

packages/commons/src/scopes.ts

@@ -74,6 +74,7 @@ export const SCOPES = {
   RECORD_REGISTRATION_REQUEST_REINSTATEMENT:
     'record.registration-request-reinstatement',
   RECORD_REGISTRATION_REINSTATE: 'record.registration-reinstate',
+  RECORD_CERTIFY: 'record.certify',
 
   // search
   SEARCH_BIRTH_MY_JURISDICTION: 'search.birth:my-jurisdiction',