@ministryofjustice/hmpps-prison-permissions-lib 2.2.1 → 2.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +38 -5
- package/README.md +1 -0
- package/dist/index.cjs +688 -591
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts +13 -5
- package/dist/index.esm.js +688 -591
- package/dist/index.esm.js.map +1 -1
- package/dist/services/permissions/PermissionsLogger.d.ts +1 -0
- package/dist/services/permissions/PermissionsService.d.ts +7 -2
- package/dist/services/permissions/utils/PermissionUtils.d.ts +3 -1
- package/dist/testUtils/PrisonerPermissionsMock.d.ts +1 -5
- package/dist/types/internal/permissions/PermissionCheckStatus.d.ts +1 -0
- package/dist/types/internal/permissions/PrisonerPermissionsContext.d.ts +1 -0
- package/dist/types/public/permissions/domains/interventions/personInterventions/PersonInterventionsPermissions.d.ts +2 -1
- package/dist/types/public/permissions/domains/prisonerSpecific/prisonerIncentives/PrisonerIncentivesPermissions.d.ts +2 -2
- package/package.json +3 -3
- package/dist/contractTests/prisonerProfile/scenarios/domains/interventions/personInterventions/CSIPReadScenarios.d.ts +0 -1
package/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,28 @@
|
|
|
2
2
|
|
|
3
3
|
Please use this to capture reasoning behind changes:
|
|
4
4
|
|
|
5
|
+
## 2.4.0
|
|
6
|
+
|
|
7
|
+
The Connect DPS team have been supporting a request to make duplicate prisoner records more visible to users.
|
|
8
|
+
The policy is that if a prisoner record is a duplicate of a record that a user has access to, then the user should
|
|
9
|
+
have read-only access to the duplicate record if they wouldn't otherwise have had access. This allows users to see if
|
|
10
|
+
there is any relevant information in the duplicate record that they may need to be aware of when working with the
|
|
11
|
+
prisoner.
|
|
12
|
+
|
|
13
|
+
This release introduces support for this policy in the permissions library. The client currently needs to supply
|
|
14
|
+
a list of prisoner search results for the duplicate prisoner records by placing them in
|
|
15
|
+
`req.middleware.duplicatePrisonerData`. Duplicate prison numbers are found by making a request to the
|
|
16
|
+
`hmpps-person-record` API. This is optional, if the client does not provide this data then the
|
|
17
|
+
library will continue to function as before but without any additional access to duplicate records.
|
|
18
|
+
|
|
19
|
+
When a required permission is upgraded by a duplicate record, this is logged for audit purposes.
|
|
20
|
+
|
|
21
|
+
## 2.3.0
|
|
22
|
+
|
|
23
|
+
Adding an extra option `readOnly` to the `PermissionsService` which defaults to `false`. When set to `true`, this
|
|
24
|
+
will only grant read permissions. This allows a service to configure itself as read-only if required. This was initially
|
|
25
|
+
required by the Prisoner Profile to display a read-only view of duplicate prisoner profiles.
|
|
26
|
+
|
|
5
27
|
## 2.2.1
|
|
6
28
|
|
|
7
29
|
Minor dependency update
|
|
@@ -13,20 +35,31 @@ Introduced permissions for the Prisoner Moves domain. The first couple of permis
|
|
|
13
35
|
follow the base checks and just require additional roles.
|
|
14
36
|
|
|
15
37
|
# 2.1.0
|
|
16
|
-
|
|
38
|
+
|
|
39
|
+
Adds the sensitive edits role to the edit_contacts permission so users can edit Next of Kin and Emergency contacts in
|
|
40
|
+
the prisoner profile without requiring Contacts Administrator or Authoriser roles.
|
|
17
41
|
|
|
18
42
|
# 2.0.1
|
|
19
|
-
|
|
43
|
+
|
|
44
|
+
Fixes incorrect usage of `previousPrisonId` and `previousPrisonLeavingDate` when checking contacts read permissions.
|
|
45
|
+
These are only used in the context of transfers, not releases. The correct ones now in use are `lastPrisonId` and
|
|
46
|
+
`releaseDate`.
|
|
20
47
|
|
|
21
48
|
# 2.0.0
|
|
22
|
-
|
|
49
|
+
|
|
50
|
+
Replaced contacts read permissions check with one that handles released prisoners differently. Checks for current
|
|
51
|
+
prisoners are unaffected.
|
|
23
52
|
|
|
24
53
|
To be permitted to read contacts for released prisoners:
|
|
25
|
-
|
|
54
|
+
|
|
55
|
+
- the user's roles must include `InactiveBookings` and one or both of the following:
|
|
56
|
+
`ContactsAdministrator, ContactsAuthoriser`
|
|
26
57
|
- the prisoner must have been released within the last 3 years (`PermissionCheckStatus.EXCEEDS_TIME_RESTRICTION`)
|
|
27
58
|
- the previous prison of the prisoner must match the user's caseload
|
|
28
59
|
|
|
29
|
-
These changes were requested by the contacts team after noticing the 'External Contacts' widget was not showing on the
|
|
60
|
+
These changes were requested by the contacts team after noticing the 'External Contacts' widget was not showing on the
|
|
61
|
+
prisoner profiles of released prisoners. This was due to a caseload mismatch, as the assigned caseload for released
|
|
62
|
+
prisoners is 'OUT'.
|
|
30
63
|
|
|
31
64
|
## 1.1.2
|
|
32
65
|
|
package/README.md
CHANGED
|
@@ -79,6 +79,7 @@ The permissions service should be created just like any other of your services.
|
|
|
79
79
|
* `logger`: Bunyan logger for logging permissions events. Defaults to using `console`.
|
|
80
80
|
* `telemetryClient`: Optional but recommended. Instead of just logging permissions events, this provides richer metadata
|
|
81
81
|
to Application Insights.
|
|
82
|
+
* `readOnly`: Optional boolean (defaults to false) which, if set to true, will only grant read permissions.
|
|
82
83
|
|
|
83
84
|
e.g.
|
|
84
85
|
|