revise roleUtils.ts and update roleUtils.test.ts

services/rights/roleUtils.ts

@@ -42,16 +42,18 @@ const rolesToChange: Array<string> = [
   'ROLE_ONLINEREGISTRATION_ADMINISTRATION_VIEW'
 ]
 
-const actions = ['VIEW', 'MANAGE', 'REFERENCE', 'CORE']
+const actions = ['VIEW', 'REFERENCE', 'CORE']
 
 const actionMap: AnyJson = {
   '': 'manage',
-  'VIEW': 'read'
+  'VIEW': 'read',
+  'REFERENCE': null,
+  'CORE': null,
 }
 
 interface Role {
   subject: string
-  action: 'VIEW' | 'MANAGE' | 'REFERENCE' | ''
+  action: 'VIEW' | 'CORE' | 'REFERENCE' | ''
 }
 
 /**
@@ -100,7 +102,7 @@ class RoleUtils {
     }
     parts.shift()
 
-    let action: 'VIEW' | 'MANAGE' | 'REFERENCE' | '' = ''
+    let action: 'VIEW' | 'CORE' | 'REFERENCE' | '' = ''
     if (actions.includes(parts.at(-1) ?? '')) {
       // @ts-ignore
       action = parts.pop() ?? ''
@@ -113,12 +115,22 @@ class RoleUtils {
 
   static roleToString(role: Role) {
     //  TODO: est-ce qu'il faut retransformer les - en _ ?  (si oui, attention à maj les tests)
-    return ['ROLE', role.subject, role.action].filter((s: string) => s.length > 0).join('_')
+    return ['ROLE', role.subject, role.action].filter((s: string) => s !== null && s.length > 0).join('_')
   }
 
-  static roleToAbility(role: Role): AbilitiesType {
+  /**
+   * Construit une habilité à partir du rôle en paramètre.
+   * Retourne null si le role ne donne droit à aucune habilité
+   * @param role
+   */
+  static roleToAbility(role: Role): AbilitiesType | null {
+    const mappedAction = actionMap[role.action]
+    if (mappedAction === null) {
+      return null
+    }
+
     return {
-      action: actionMap[role.action],
+      action: mappedAction,
       subject: role.subject.toLowerCase()
     }
   }
@@ -142,7 +154,7 @@ class RoleUtils {
       const ability = RoleUtils.roleToAbility(parsed)
 
       // @ts-ignore
-      if (ability.subject && typeof ability.action !== 'undefined') {
+      if (ability !== null && ability.subject && typeof ability.action !== 'undefined') {
         abilities.push(ability)
       }
     })

tests/units/services/rights/roleUtils.test.ts

@@ -29,7 +29,7 @@ describe('filterFunctionRoles', () => {
 describe('parseRole', () => {
     test('simple call', () => {
         expect(RoleUtils.parseRole('ROLE_MYSUBJECT_VIEW')).toEqual({ subject: 'MYSUBJECT', action: 'VIEW' })
-        expect(RoleUtils.parseRole('ROLE_MYSUBJECT_MANAGE')).toEqual({ subject: 'MYSUBJECT', action: 'MANAGE' })
+        expect(RoleUtils.parseRole('ROLE_MYSUBJECT_CORE')).toEqual({ subject: 'MYSUBJECT', action: 'CORE' })
         expect(RoleUtils.parseRole('ROLE_MYSUBJECT_REFERENCE')).toEqual({ subject: 'MYSUBJECT', action: 'REFERENCE' })
         expect(RoleUtils.parseRole('ROLE_MYSUBJECT')).toEqual({ subject: 'MYSUBJECT', action: '' })
     })
@@ -62,7 +62,8 @@ describe('roleToAbility', () => {
       expect(RoleUtils.roleToAbility({ subject: 'MYSUBJECT', action: '' })).toEqual({ action: 'manage', subject: 'mysubject'})
       expect(RoleUtils.roleToAbility({ subject: 'MYSUBJECT', action: 'VIEW' })).toEqual({ action: 'read', subject: 'mysubject'})
       expect(RoleUtils.roleToAbility({ subject: 'MY-SUBJECT', action: '' })).toEqual({ action: 'manage', subject: 'my-subject'})
-      expect(RoleUtils.roleToAbility({ subject: 'MY-SUBJECT', action: 'REFERENCE' })).toEqual({ action: undefined, subject: 'my-subject'})
+      expect(RoleUtils.roleToAbility({ subject: 'MY-SUBJECT', action: 'REFERENCE' })).toEqual(null)
+      expect(RoleUtils.roleToAbility({ subject: 'MY-SUBJECT', action: 'CORE' })).toEqual(null)
   })
 })