Skip to content

Fixes issue where HealthConditionsForm fields are not accessible to u…#13910

Merged
roldy merged 3 commits into
developmentfrom
bugfix-13704-pre-existing-conditions-visibility-roles
Apr 22, 2026
Merged

Fixes issue where HealthConditionsForm fields are not accessible to u…#13910
roldy merged 3 commits into
developmentfrom
bugfix-13704-pre-existing-conditions-visibility-roles

Conversation

@roldy
Copy link
Copy Markdown
Contributor

@roldy roldy commented Apr 16, 2026
edited by coderabbitai Bot
Loading

…sers with the correct rights & roles

Fixes #13704

Summary by CodeRabbit

  • New Features

    • Added test coverage verifying pseudonymization of sensitive health data based on user permissions.

  • Bug Fixes & Improvements

    • Health condition fields and side panels (surveys, self-reports) now respect both feature flags and explicit view permissions.
    • Form behavior updated when jurisdiction is hidden: responsible region/district are no longer required.

  • Tests

    • New JUnit test validating visibility of "other conditions" with and without sensitive-data rights.

@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented Apr 16, 2026
edited
Loading

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1ad06bb5-ccb2-4a16-8a50-eb06856391f7

📥 Commits

Reviewing files that changed from the base of the PR and between 23ff182 and fbf98d7.

📒 Files selected for processing (2)
  • sormas-ui/src/main/java/de/symeda/sormas/ui/caze/CaseDataForm.java
  • sormas-ui/src/main/java/de/symeda/sormas/ui/contact/ContactDataView.java
📝 Walkthrough

Walkthrough

Refactors field access for health-condition fields by introducing pseudonymization and jurisdiction flags in forms, replaces UiFieldAccessCheckers with FieldAccessHelper-based access checking, gates survey/self-report UI behind user rights, removes inline OTHER_CONDITIONS permission toggles, and adds a backend test for pseudonymization behavior.

Changes

Cohort / File(s) Summary
Backend Test
sormas-backend/.../CaseFacadeEjbPseudonymizationTest.java		 Added testOtherConditionsHiddenWithoutSensitiveDataRight() asserting health conditions are pseudonymized for users without SEE_PERSONAL_DATA_IN_JURISDICTION and visible to national admin.
Form access wiring
sormas-ui/src/main/java/de/symeda/sormas/ui/caze/CaseDataForm.java, sormas-ui/src/main/java/de/symeda/sormas/ui/contact/ContactDataForm.java		 Added isPseudonymized and inJurisdiction fields; switched construction of HealthConditionsForm and form access checkers to FieldAccessHelper.getFieldAccessCheckers(inJurisdiction, isPseudonymized) (removed UiFieldAccessCheckers usage).
Case creation UI
sormas-ui/src/main/java/de/symeda/sormas/ui/caze/CaseCreateForm.java		 When hiding jurisdiction section and filling defaults, responsibleRegionCombo and responsibleDistrictCombo are also set to not required (setRequired(false)).
Side-panel / feature gating
sormas-ui/src/main/java/de/symeda/sormas/ui/caze/CaseDataView.java, sormas-ui/src/main/java/de/symeda/sormas/ui/caze/CaseFilterForm.java, sormas-ui/src/main/java/de/symeda/sormas/ui/contact/ContactDataView.java		 Survey and self-report side-panel/components now require both feature flag and specific user right (SURVEY_VIEW, SELF_REPORT_VIEW) before being added; minor formatting/conditional refactoring.
Permission cleanup in form
sormas-ui/src/main/java/de/symeda/sormas/ui/clinicalcourse/HealthConditionsForm.java		 Removed inline permission-based enabling/editability code for OTHER_CONDITIONS (deleted checks that toggled readOnly/enabled and cleared input prompt); related imports removed.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

Suggested reviewers

  • obinna-h-n
  • raulbob
  • KarnaiahPesula

Poem

🐇
I hop through code with nimble paws,
Hiding bits with careful laws.
When rights are few I tuck them tight,
When admins view, they glow in light.
Hooray — pseudonymized and right! 🎉

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check ❓ Inconclusive The title is truncated and incomplete, cutting off mid-word at 'u…', making it unclear what the main issue is about. Complete the title to clearly convey the full issue, e.g., 'Fix HealthConditionsForm field accessibility for users with correct rights and roles'.
✅ Passed checks (3 passed)
Check name Status Explanation
Description check ✅ Passed The PR description properly references the issue number #13704 as required by the template, providing sufficient context about the fix.
Linked Issues check ✅ Passed Code changes comprehensively address issue #13704 by implementing proper access control for the HealthConditionsForm fields based on user rights and pseudonymization status.
Out of Scope Changes check ✅ Passed All changes are directly related to fixing the accessibility of HealthConditionsForm fields and related access control, with no unrelated modifications detected.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch bugfix-13704-pre-existing-conditions-visibility-roles

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@roldy roldy merged commit 230943b into development Apr 22, 2026
4 of 5 checks passed
@roldy roldy deleted the bugfix-13704-pre-existing-conditions-visibility-roles branch April 22, 2026 12:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@raulbob raulbob raulbob approved these changes

@obinna-h-n obinna-h-n Awaiting requested review from obinna-h-n

@KarnaiahPesula KarnaiahPesula Awaiting requested review from KarnaiahPesula

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Pre-Existing conditions free text field is marked confidential - Case Form - Influenza

2 participants

@roldy @raulbob