Skip to content

Commit bb08ab1

Browse files
committed
Ensure safeguarding flags before Profile student calls
1 parent ec60963 commit bb08ab1

30 files changed

Lines changed: 215 additions & 66 deletions

app/controllers/api/school_members_controller.rb

Lines changed: 0 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -6,8 +6,6 @@ class SchoolMembersController < ApiController
66
load_and_authorize_resource :school
77
authorize_resource :school_member, class: false
88

9-
before_action :create_safeguarding_flags
10-
119
def index
1210
result = SchoolMember::List.call(school: @school, token: current_user.token)
1311

@@ -18,34 +16,5 @@ def index
1816
render json: { error: result[:error] }, status: :unprocessable_content
1917
end
2018
end
21-
22-
private
23-
24-
def create_safeguarding_flags
25-
create_teacher_safeguarding_flag
26-
create_owner_safeguarding_flag
27-
end
28-
29-
def create_teacher_safeguarding_flag
30-
return unless current_user.school_teacher?(@school)
31-
32-
ProfileApiClient.create_safeguarding_flag(
33-
token: current_user.token,
34-
flag: ProfileApiClient::SAFEGUARDING_FLAGS[:teacher],
35-
email: current_user.email,
36-
school_id: @school.id
37-
)
38-
end
39-
40-
def create_owner_safeguarding_flag
41-
return unless current_user.school_owner?(@school)
42-
43-
ProfileApiClient.create_safeguarding_flag(
44-
token: current_user.token,
45-
flag: ProfileApiClient::SAFEGUARDING_FLAGS[:owner],
46-
email: current_user.email,
47-
school_id: @school.id
48-
)
49-
end
5019
end
5120
end

app/controllers/api/school_students_controller.rb

Lines changed: 0 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -10,8 +10,6 @@ class SchoolStudentsController < ApiController
1010
load_and_authorize_resource :school
1111
authorize_resource :school_student, class: false
1212

13-
before_action :create_safeguarding_flags
14-
1513
def index
1614
result = SchoolStudent::List.call(school: @school, token: current_user.token)
1715

@@ -183,32 +181,5 @@ def school_students_params
183181
def student_ids_params
184182
params.fetch(:student_ids, [])
185183
end
186-
187-
def create_safeguarding_flags
188-
create_teacher_safeguarding_flag
189-
create_owner_safeguarding_flag
190-
end
191-
192-
def create_teacher_safeguarding_flag
193-
return unless current_user.school_teacher?(@school)
194-
195-
ProfileApiClient.create_safeguarding_flag(
196-
token: current_user.token,
197-
flag: ProfileApiClient::SAFEGUARDING_FLAGS[:teacher],
198-
email: current_user.email,
199-
school_id: @school.id
200-
)
201-
end
202-
203-
def create_owner_safeguarding_flag
204-
return unless current_user.school_owner?(@school)
205-
206-
ProfileApiClient.create_safeguarding_flag(
207-
token: current_user.token,
208-
flag: ProfileApiClient::SAFEGUARDING_FLAGS[:owner],
209-
email: current_user.email,
210-
school_id: @school.id
211-
)
212-
end
213184
end
214185
end

app/jobs/create_students_job.rb

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,9 @@ def self.attempt_perform_later(school_id:, students:, token:)
3131
end
3232

3333
def perform(school_id:, students:, token:)
34+
school = School.find(school_id)
3435
decrypted_students = StudentHelpers.decrypt_students(students)
36+
SafeguardingFlagService.create_for_token(token:, school:)
3537
responses = ProfileApiClient.create_school_students(token:, students: decrypted_students, school_id:)
3638
return if responses[:created].blank?
3739

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
# frozen_string_literal: true
2+
3+
class SafeguardingFlagService
4+
class << self
5+
def create_for_school_roles(user:, school:)
6+
return if user.blank? || school.blank?
7+
8+
roles = []
9+
roles << :teacher if user.school_teacher?(school)
10+
roles << :owner if user.school_owner?(school)
11+
12+
create_for_roles(token: user.token, email: user.email, school:, roles:)
13+
end
14+
15+
def create_for_token(token:, school:)
16+
return if token.blank? || school.blank?
17+
18+
create_for_school_roles(user: User.from_token(token:), school:)
19+
end
20+
21+
def create_for_roles(token:, email:, school:, roles:)
22+
return if token.blank? || email.blank? || school.blank?
23+
24+
Array(roles).each do |role|
25+
flag = ProfileApiClient::SAFEGUARDING_FLAGS[role.to_sym]
26+
next if flag.blank?
27+
28+
ProfileApiClient.create_safeguarding_flag(
29+
token:,
30+
flag:,
31+
email:,
32+
school_id: school.id
33+
)
34+
end
35+
end
36+
end
37+
end

app/services/student_removal_service.rb

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,10 @@ def remove_students
3434
student_roles.destroy_all
3535

3636
# Remove from profile if requested - inside transaction so it can be rolled back
37-
ProfileApiClient.delete_school_student(token: @token, school_id: @school.id, student_id: user_id) if @remove_from_profile && @token.present?
37+
if @remove_from_profile && @token.present?
38+
SafeguardingFlagService.create_for_token(token: @token, school: @school)
39+
ProfileApiClient.delete_school_student(token: @token, school_id: @school.id, student_id: user_id)
40+
end
3841
end
3942
rescue StandardError => e
4043
result[:error] = "#{e.class}: #{e.message}"

lib/concepts/school_student/create.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@ def create_student(school, school_student_params, token)
2828
name:
2929
)
3030

31+
SafeguardingFlagService.create_for_token(token:, school:)
3132
response = ProfileApiClient.create_school_student(token:, username:, password:, name:, school_id:)
3233
user_id = response[:created].first
3334
Role.student.create!(school:, user_id:)

lib/concepts/school_student/create_batch_sso.rb

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ class << self
1515
def call(school:, school_students_params:, current_user:)
1616
response = OperationResponse.new
1717
response[:school_students] = []
18-
response[:school_students] = create_batch_sso(school, school_students_params, current_user.token)
18+
response[:school_students] = create_batch_sso(school, school_students_params, current_user)
1919
response
2020
rescue ValidationError => e
2121
response[:error] = "Error creating one or more students - see 'errors' key for details"
@@ -31,8 +31,10 @@ def call(school:, school_students_params:, current_user:)
3131

3232
private
3333

34-
def create_batch_sso(school, students, token)
34+
def create_batch_sso(school, students, current_user)
3535
students = normalize_student_params(students)
36+
token = current_user.token
37+
SafeguardingFlagService.create_for_school_roles(user: current_user, school:)
3638
responses = ProfileApiClient.create_school_students_sso(token:, students:, school_id: school.id)
3739

3840
create_student_roles(school, responses)

lib/concepts/school_student/delete.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ def call(school:, student_id:, token:)
1616
private
1717

1818
def delete_student(school, student_id, token)
19+
SafeguardingFlagService.create_for_token(token:, school:)
1920
ProfileApiClient.delete_school_student(token:, student_id:, school_id: school.id)
2021
end
2122
end

lib/concepts/school_student/list.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ def list_students(school, token, student_ids)
1919
student_ids ||= Role.student.where(school:).map(&:user_id)
2020
return [] if student_ids.empty?
2121

22+
SafeguardingFlagService.create_for_token(token:, school:)
2223
students = ProfileApiClient.list_school_students(token:, school_id: school.id, student_ids:)
2324
students.map do |student|
2425
User.new(student.to_h.slice(:id, :username, :name, :email).merge(sso_providers: student.ssoProviders))

lib/concepts/school_student/update.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@ def update_student(school, student_id, school_student_params, token)
3939
validate(username:, password:, name:)
4040

4141
# Prevent updating SSO students (students with ssoProviders present)
42+
SafeguardingFlagService.create_for_token(token:, school:)
4243
student = ProfileApiClient.school_student(
4344
token: token,
4445
school_id: school.id,

0 commit comments

Comments
 (0)