From 6ada332ee9f472e6e781c5a764a29e8c016b68da Mon Sep 17 00:00:00 2001 From: Rajandeep Date: Thu, 22 Jan 2026 08:34:04 -0800 Subject: [PATCH 1/5] 30660 - Validate Auto Detect Completing Party --- legal-api/src/legal_api/services/bootstrap.py | 58 +++++++++++-------- 1 file changed, 35 insertions(+), 23 deletions(-) diff --git a/legal-api/src/legal_api/services/bootstrap.py b/legal-api/src/legal_api/services/bootstrap.py index 21363eb4ef..d4c820c685 100644 --- a/legal-api/src/legal_api/services/bootstrap.py +++ b/legal-api/src/legal_api/services/bootstrap.py @@ -344,8 +344,8 @@ def get_contacts(cls, config, org_id: str, user_token: Optional[str] = None): else: token = cls.get_bearer_token() - membership_response = requests.get( - url=f"{auth_url}/users/orgs/{org_id}/membership", + user_response = requests.get( + url=f"{auth_url}/users/@me", headers={**cls.CONTENT_TYPE_JSON, "Authorization": cls.BEARER + token}, timeout=cls.timeout 
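Review bot: The new `GET {auth_url}/users/@me` request is sent with whatever `token` holds, and the `else` branch kept as context in this hunk sets `token = cls.get_bearer_token()`. When no `user_token` is supplied, the profile returned is therefore presumably the service account's rather than the filing user's, and the name and email built from it later in `get_contacts` would describe the wrong identity. The removed `/users/orgs/{org_id}/membership` call also tied the user to `org_id`. Unless the org request outside this hunk enforces it, nothing on the new side checks that the caller belongs to the org whose mailing address is returned. Consider failing closed when there is no user token, for example `if not user_token: return None`, or keep a membership check beside the `@me` lookup. `get_contacts` starts and ends outside the hunk, so the branch that precedes the `else` is inferred.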
@@ -358,37 +358,49 @@ def get_contacts(cls, config, org_id: str, user_token: Optional[str] = None): timeout=cls.timeout ) - if membership_response.status_code != HTTPStatus.OK or org_info_response.status_code != HTTPStatus.OK: + if user_response.status_code != HTTPStatus.OK or org_info_response.status_code != HTTPStatus.OK: return None try: - membership_data = membership_response.json() + user_data = user_response.json() org_info = org_info_response.json() - user_info = membership_data.get("user", {}) - first_name = user_info.get("firstname", "") - last_name = user_info.get("lastname", "") - - user_contacts = user_info.get("contacts", []) - user_contact = user_contacts[0] if user_contacts else {} - email = user_contact.get("email", "") - phone = user_contact.get("phone", "") - - org_contacts = org_info.get("contacts", []) - org_contact = org_contacts[0] if org_contacts else {} - + first_name = user_data.get("firstname", "") + last_name = user_data.get("lastname", "") + + user_contacts = user_data.get("contacts", []) + email = "" + if user_contacts and len(user_contacts) > 0 and user_contacts[0].get("email"): + # BCSC + email = user_contacts[0].get("email", "") + elif user_data.get("email"): + # IDIR + email = user_data.get("email", "") + + phone = "" + if user_contacts and len(user_contacts) > 0 and user_contacts[0].get("phone"): + # BCSC + phone = user_contacts[0].get("phone", "") + elif user_data.get("phone"): + # IDIR + phone = user_data.get("phone", "") + + mailing_address = org_info.get("mailingAddress", {}) + if not mailing_address: + current_app.logger.warning(f"No mailing address found for org {org_id}") + mailing_address = {} contact = { - "street": org_contact.get("street", ""), - "city": org_contact.get("city", ""), - "region": org_contact.get("region", ""), - "country": org_contact.get("country", ""), - "postalCode": org_contact.get("postalCode", ""), + "street": mailing_address.get("street", ""), + "city": mailing_address.get("city", ""), + "region": 
mailing_address.get("region", ""), + "country": mailing_address.get("country", ""), + "postalCode": mailing_address.get("postalCode", ""), "firstName": first_name, "lastName": last_name, "email": email, "phone": phone, - "streetAdditional": org_contact.get("streetAdditional", ""), - "delieveryInstructions": org_contact.get("deliveryInstructions", "") + "streetAdditional": mailing_address.get("streetAdditional", ""), + "delieveryInstructions": mailing_address.get("deliveryInstructions", "") } return {"contacts": [contact]} except Exception as e: From 632d00211e2984d3ab6970be43866b19965354be Mon Sep 17 00:00:00 2001 From: Rajandeep Date: Thu, 22 Jan 2026 13:41:29 -0800 Subject: [PATCH 2/5] updated for system compliance --- .../filings/validations/common_validations.py | 27 ++++++++++--------- .../src/legal_api/services/permissions.py | 10 +++++-- 2 files changed, 22 insertions(+), 15 deletions(-) diff --git a/legal-api/src/legal_api/services/filings/validations/common_validations.py b/legal-api/src/legal_api/services/filings/validations/common_validations.py index cf8b58bf30..7e1205079b 100644 --- a/legal-api/src/legal_api/services/filings/validations/common_validations.py +++ b/legal-api/src/legal_api/services/filings/validations/common_validations.py 
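Review bot: The added warning `current_app.logger.warning(f"No mailing address found for org {org_id}")` formats a caller-supplied `org_id` straight into the log line. If that value originates from the `account-id` request header, as `account_id` does in common_validations.py in patch 2, a value containing line breaks could forge log entries. Prefer `current_app.logger.warning("No mailing address found for org %s", org_id)`, and validate `org_id` against the expected id format before it reaches the URL and the log. As a style point, `user_contacts and len(user_contacts) > 0` is redundant; `if user_contacts and user_contacts[0].get("email"):` says the same. The `try` block opens inside this hunk, but its `except` handler continues outside it.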
@@ -1150,20 +1150,21 @@ def validate_permission_and_completing_party(business: Optional[Business], filin account_id = request.headers.get("account-id", request.headers.get("accountId", None)) if account_id and completing_party_exists and filing_json.get("filing", {}).get(filing_type, {}).get("parties"): - completing_party_result = validate_completing_party(filing_json, filing_type, account_id) - if completing_party_result.get("error"): - msg.extend(completing_party_result["error"]) + permission_error = check_completing_party_permission(msg, filing_type) - # Check if any relevant fields changed - should_check_permission = ( - (check_email and completing_party_result.get("email_changed")) or - (check_name and completing_party_result.get("name_changed")) or - (check_address and completing_party_result.get("address_changed")) - ) - if should_check_permission: - error = check_completing_party_permission(msg, filing_type) - if error: - return error + if permission_error: + completing_party_result = validate_completing_party(filing_json, filing_type, account_id) + if completing_party_result.get("error"): + msg.extend(completing_party_result["error"]) + + # Check if any relevant fields changed + should_check_permission = ( + (check_email and completing_party_result.get("email_changed")) or + (check_name and completing_party_result.get("name_changed")) or + (check_address and completing_party_result.get("address_changed")) + ) + if should_check_permission and permission_error: + return permission_error if check_document_email: return check_document_email_changes(filing_json, filing_type, account_id, msg) diff --git a/legal-api/src/legal_api/services/permissions.py b/legal-api/src/legal_api/services/permissions.py index b391fd10a5..713a1145ea 100644 --- a/legal-api/src/legal_api/services/permissions.py +++ b/legal-api/src/legal_api/services/permissions.py 
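Review bot: `validate_completing_party(...)` now runs only when `check_completing_party_permission(msg, filing_type)` returns an error, as far as the collapsed layout shows. For callers who hold the permission, its `error` entries are therefore never added to `msg`, and completing-party validation is skipped entirely rather than just the changed-field check. The permission check is also called with `msg` before it is known whether any field changed; if it appends to `msg` (its body is not visible here), an unchanged filing could pick up a permission message. If the skip is intended, say so at the branch, e.g. `# Callers with the completing-party permission bypass the auth lookup; validation errors are not reported for them`. The test can then be simplified to `if should_check_permission:`, since `and permission_error` is already guaranteed by the enclosing `if`.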
@@ -117,20 +117,26 @@ def get_authorized_permissions_for_user(): def get_authorized_user_role(token_info: Optional[dict] = None) -> str: """Return the first matching authorized role from the JWT, based on priority.""" role_priority = [ + authz.SYSTEM_ROLE, + authz.COLIN_SVC_ROLE, authz.STAFF_ROLE, authz.SBC_STAFF_ROLE, authz.CONTACT_CENTRE_STAFF_ROLE, authz.MAXIMUS_STAFF_ROLE, - authz.PUBLIC_USER, + authz.PUBLIC_USER ] if token_info is None: token_info = getattr(g, "jwt_oidc_token_info", {}) or {} - roles_in_token = token_info.get("realm_access", {}).get("roles", []) + + if authz.SYSTEM_ROLE in roles_in_token or authz.COLIN_SVC_ROLE in roles_in_token: + return authz.STAFF_ROLE + for role in role_priority: if role in roles_in_token: return role + return None @staticmethod From d904c21720bde5cd55478fcdbe89112d1297bbac Mon Sep 17 00:00:00 2001 From: Rajandeep Date: Thu, 22 Jan 2026 13:45:57 -0800 Subject: [PATCH 3/5] typo --- legal-api/src/legal_api/services/bootstrap.py | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/legal-api/src/legal_api/services/bootstrap.py b/legal-api/src/legal_api/services/bootstrap.py index d4c820c685..7720cddb8d 100644 --- a/legal-api/src/legal_api/services/bootstrap.py +++ b/legal-api/src/legal_api/services/bootstrap.py @@ -377,14 +377,6 @@ def get_contacts(cls, config, org_id: str, user_token: Optional[str] = None): # IDIR email = user_data.get("email", "") - phone = "" - if user_contacts and len(user_contacts) > 0 and user_contacts[0].get("phone"): - # BCSC - phone = user_contacts[0].get("phone", "") - elif user_data.get("phone"): - # IDIR - phone = user_data.get("phone", "") - mailing_address = org_info.get("mailingAddress", {}) if not mailing_address: current_app.logger.warning(f"No mailing address found for org {org_id}") 
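Review bot: In `get_authorized_user_role` (permissions.py, patch 2), the early `return authz.STAFF_ROLE` for tokens carrying `authz.SYSTEM_ROLE` or `authz.COLIN_SVC_ROLE` gives service accounts the staff role for every consumer of this function. That is wider than the completing-party case this series is about. It also makes the two entries just added at the head of `role_priority` unreachable. If the mapping is deliberate, document it at the branch, e.g. `# Service accounts are intentionally treated as staff for permission lookups`, and drop the dead list entries; otherwise give these roles their own permission set so least privilege is preserved. The signature is annotated `-> str` while the function still ends in `return None`, so `Optional[str]` would match the behaviour.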
@@ -398,9 +390,8 @@ def get_contacts(cls, config, org_id: str, user_token: Optional[str] = None): "firstName": first_name, "lastName": last_name, "email": email, - "phone": phone, "streetAdditional": mailing_address.get("streetAdditional", ""), - "delieveryInstructions": mailing_address.get("deliveryInstructions", "") + "deliveryInstructions": mailing_address.get("deliveryInstructions", "") } return {"contacts": [contact]} except Exception as e: From 147b4a08197c7a0fe0bb7b2915ddd292f5162e2e Mon Sep 17 00:00:00 2001 From: Rajandeep Date: Mon, 26 Jan 2026 15:27:02 -0800 Subject: [PATCH 4/5] updated --- legal-api/src/legal_api/services/permissions.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/legal-api/src/legal_api/services/permissions.py b/legal-api/src/legal_api/services/permissions.py index 767354062b..a712b1efb3 100644 --- a/legal-api/src/legal_api/services/permissions.py +++ b/legal-api/src/legal_api/services/permissions.py @@ -117,15 +117,15 @@ def get_authorized_permissions_for_user(): def get_authorized_user_role(token_info: Optional[dict] = None) -> str: """Return the first matching authorized role from the JWT, based on priority.""" role_priority = [ + authz.STAFF_ROLE, authz.SYSTEM_ROLE, authz.COLIN_SVC_ROLE, - authz.STAFF_ROLE, authz.SYSTEM_ROLE, authz.COLIN_SVC_ROLE, authz.SBC_STAFF_ROLE, authz.CONTACT_CENTRE_STAFF_ROLE, authz.MAXIMUS_STAFF_ROLE, - authz.PUBLIC_USER + authz.PUBLIC_USER, ] if token_info is None: @@ -138,7 +138,6 @@ def get_authorized_user_role(token_info: Optional[dict] = None) -> str: for role in role_priority: if role in roles_in_token: return role - return None @staticmethod From 9a43b7e3324c50cd8b3d4c816659a6760d1630c6 Mon Sep 17 00:00:00 2001 From: Rajandeep Date: Mon, 26 Jan 2026 15:27:35 -0800 Subject: [PATCH 5/5] updated --- legal-api/src/legal_api/services/permissions.py | 2 -- 1 file changed, 2 deletions(-) 
diff --git a/legal-api/src/legal_api/services/permissions.py b/legal-api/src/legal_api/services/permissions.py index a712b1efb3..f1a5c1a9a1 100644 --- a/legal-api/src/legal_api/services/permissions.py +++ b/legal-api/src/legal_api/services/permissions.py @@ -120,8 +120,6 @@ def get_authorized_user_role(token_info: Optional[dict] = None) -> str: authz.STAFF_ROLE, authz.SYSTEM_ROLE, authz.COLIN_SVC_ROLE, - authz.SYSTEM_ROLE, - authz.COLIN_SVC_ROLE, authz.SBC_STAFF_ROLE, authz.CONTACT_CENTRE_STAFF_ROLE, authz.MAXIMUS_STAFF_ROLE,