Revert "PI-2883 Restrict contact search to trial users (#293)"

This reverts commit d37a1e1.
ministryofjustice · Mar 11, 2025 · 0451feb · 0451feb
1 parent e7031fe
commit 0451feb
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 42 deletions.
diff --git a/server/middleware/authorisationMiddleware.test.ts b/server/middleware/authorisationMiddleware.test.ts
@@ -3,9 +3,8 @@ import type { Request, Response } from 'express'
 
 import authorisationMiddleware from './authorisationMiddleware'
 
-function createToken(authorities: string[], sub: string = 'USER1') {
+function createToken(authorities: string[]) {
   const payload = {
-    sub,
     user_name: 'USER1',
     scope: ['read', 'write'],
     auth_source: 'nomis',
@@ -18,16 +17,14 @@ function createToken(authorities: string[], sub: string = 'USER1') {
 }
 
 describe('authorisationMiddleware', () => {
-  let req: Request = {
-    path: '/index',
-  } as unknown as jest.Mocked<Request>
+  let req: Request
   const next = jest.fn()
 
-  function createResWithToken({ authorities, sub = 'USER1' }: { authorities: string[]; sub?: string }): Response {
+  function createResWithToken({ authorities }: { authorities: string[] }): Response {
     return {
       locals: {
         user: {
-          token: createToken(authorities, sub),
+          token: createToken(authorities),
         },
       },
       redirect: jest.fn(),
@@ -64,28 +61,4 @@ describe('authorisationMiddleware', () => {
     expect(next).toHaveBeenCalled()
     expect(res.redirect).not.toHaveBeenCalled()
   })
-
-  it('should redirect when trying to access contact search', async () => {
-    const res = createResWithToken({ authorities: ['SOME_REQUIRED_ROLE'], sub: 'OTHER_USER' })
-    req = {
-      path: '/contacts/something',
-    } as unknown as jest.Mocked<Request>
-
-    await authorisationMiddleware(['SOME_REQUIRED_ROLE'])(req, res, next)
-
-    expect(next).not.toHaveBeenCalled()
-    expect(res.redirect).toHaveBeenCalled()
-  })
-
-  it('should return next when trying to access contact search as authorised username', async () => {
-    const res = createResWithToken({ authorities: ['SOME_REQUIRED_ROLE'], sub: 'MARCUSASPIN' })
-    req = {
-      path: '/contacts/something',
-    } as unknown as jest.Mocked<Request>
-
-    await authorisationMiddleware(['SOME_REQUIRED_ROLE'])(req, res, next)
-
-    expect(next).toHaveBeenCalled()
-    expect(res.redirect).not.toHaveBeenCalled()
-  })
 })
diff --git a/server/middleware/authorisationMiddleware.ts b/server/middleware/authorisationMiddleware.ts
@@ -4,26 +4,16 @@ import type { RequestHandler } from 'express'
 import logger from '../../logger'
 import asyncMiddleware from './asyncMiddleware'
 
-const authorisedContactSearchUsers = ['ZOEWALKERNPS', 'JOEPRINOLD1HMPPS', 'MARCUSASPIN', 'AOJ19Y', 'ANDREWLOGANMOJ']
-
 export default function authorisationMiddleware(authorisedRoles: string[] = []): RequestHandler {
   return asyncMiddleware((req, res, next) => {
     if (res.locals?.user?.token) {
-      const { authorities: roles = [], sub } = jwtDecode(res.locals.user.token) as {
-        authorities?: string[]
-        sub?: string
-      }
+      const { authorities: roles = [] } = jwtDecode(res.locals.user.token) as { authorities?: string[] }
 
       if (authorisedRoles.length && !roles.some(role => authorisedRoles.includes(role))) {
         logger.error('User is not authorised to access this')
         return res.redirect('/authError')
       }
 
-      if (req.path.includes('/contacts/') && sub && !authorisedContactSearchUsers.includes(sub.toUpperCase())) {
-        logger.error(`User '${sub}' is not authorised to access contact search`)
-        return res.redirect('/authError')
-      }
-
       return next()
     }