Allow self identified and system user in action controller (#1158)

cammiida · web-flow · commit 2e0df54080fc · 2025-03-04T11:56:19.000+01:00
* allows system and selfidentified users to use user actions

* changes double equals to is
diff --git a/src/Altinn.App.Api/Controllers/ActionsController.cs b/src/Altinn.App.Api/Controllers/ActionsController.cs
@@ -80,7 +80,7 @@ public async Task<ActionResult<UserActionResponse>> Perform(
     )
     {
         string? action = actionRequest.Action;
-        if (action == null)
+        if (action is null)
         {
             return new BadRequestObjectResult(
                 new ProblemDetails()
@@ -94,7 +94,7 @@ public async Task<ActionResult<UserActionResponse>> Perform(
         }
 
         Instance instance = await _instanceClient.GetInstance(app, org, instanceOwnerPartyId, instanceGuid);
-        if (instance?.Process == null)
+        if (instance?.Process is null)
         {
             return Conflict($"Process is not started.");
         }
@@ -105,8 +105,16 @@ public async Task<ActionResult<UserActionResponse>> Perform(
         }
 
         var currentAuth = _authenticationContext.Current;
-        if (currentAuth is not Authenticated.User user)
-            return Unauthorized();
+
+        switch (currentAuth)
+        {
+            case Authenticated.User:
+            case Authenticated.SystemUser:
+            case Authenticated.SelfIdentifiedUser:
+                break;
+            default:
+                return Unauthorized();
+        }
 
         bool authorized = await _authorization.AuthorizeAction(
             new AppIdentifier(org, app),
@@ -124,14 +132,14 @@ public async Task<ActionResult<UserActionResponse>> Perform(
 
         UserActionContext userActionContext = new(
             dataMutator,
-            user.UserId,
+            null, // let userId be derived from currentAuth
             actionRequest.ButtonId,
             actionRequest.Metadata,
             language,
             currentAuth
         );
         IUserAction? actionHandler = _userActionService.GetActionHandler(action);
-        if (actionHandler == null)
+        if (actionHandler is null)
         {
             return new NotFoundObjectResult(
                 new UserActionResponse()
@@ -148,7 +156,7 @@ public async Task<ActionResult<UserActionResponse>> Perform(
 
         UserActionResult result = await actionHandler.HandleAction(userActionContext);
 
-        if (result.ResultType == ResultType.Failure)
+        if (result.ResultType is ResultType.Failure)
         {
             return StatusCode(
                 statusCode: result.ErrorType switch
diff --git a/src/Altinn.App.Core/Features/Action/UniqueSignatureAuthorizer.cs b/src/Altinn.App.Core/Features/Action/UniqueSignatureAuthorizer.cs
@@ -85,7 +85,7 @@ public async Task<bool> AuthorizeAction(UserActionAuthorizerContext context)
                     Authenticated.User a => a.UserId.ToString(CultureInfo.InvariantCulture) == signee?.UserId,
                     Authenticated.SelfIdentifiedUser a => a.UserId.ToString(CultureInfo.InvariantCulture)
                         == signee?.UserId,
-                    Authenticated.SystemUser a => a.SystemUserId[0].ToString() == signee?.UserId, // TODO: wait for systemuserid
+                    Authenticated.SystemUser a => a.SystemUserId[0] == signee?.SystemUserId,
                     _ => false,
                 };
                 if (unauthorized)
