From 2bef72f833e1173fd008043ecae60a8c225d0d5a Mon Sep 17 00:00:00 2001
From: Okke Harsta <oharsta@zilverline.com>
Date: Fri, 23 Aug 2024 16:24:25 +0200
Subject: [PATCH] Fixes #286

---
 .../java/access/profile/ProfileController.java   |  2 +-
 .../access/profile/ProfileControllerTest.java    | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/server/src/main/java/access/profile/ProfileController.java b/server/src/main/java/access/profile/ProfileController.java
index c533a38e..228de082 100644
--- a/server/src/main/java/access/profile/ProfileController.java
+++ b/server/src/main/java/access/profile/ProfileController.java
@@ -48,7 +48,7 @@ public ResponseEntity<List<UserRoleProfile>> roles(@RequestParam("collabPersonId
         Optional<User> optionalUser = userRepository.findBySubIgnoreCase(collabPersonId);
         Set<UserRole> userRoles = optionalUser.map(User::getUserRoles).orElse(Collections.emptySet());
         List<Role> roles = userRoles.stream()
-                .filter(userRole -> userRole.getAuthority().equals(Authority.GUEST))
+                .filter(userRole -> userRole.getAuthority().equals(Authority.GUEST) || userRole.isGuestRoleIncluded())
                 .map(UserRole::getRole).toList();
         return ResponseEntity.ok(
                 manage.addManageMetaData(roles).stream().
diff --git a/server/src/test/java/access/profile/ProfileControllerTest.java b/server/src/test/java/access/profile/ProfileControllerTest.java
index 4affb8e1..6a8b0612 100644
--- a/server/src/test/java/access/profile/ProfileControllerTest.java
+++ b/server/src/test/java/access/profile/ProfileControllerTest.java
@@ -45,6 +45,22 @@ void roles() {
     }
 
     @Test
+    void rolesGuestRoleIncluded() {
+        stubForManagerProvidersByIdIn(EntityType.SAML20_SP, List.of("1"));
+
+        List<UserRoleProfile> roles = given()
+                .when()
+                .auth().preemptive().basic("profile", "secret")
+                .accept(ContentType.JSON)
+                .contentType(ContentType.JSON)
+                .queryParam("collabPersonId", MANAGE_SUB)
+                .get("/api/profile")
+                .as(new TypeRef<>() {
+                });
+        assertEquals(1, roles.size());
+    }
+
+        @Test
     void rolesNotExistentUser() {
         List<UserRoleProfile> roles = given()
                 .when()