diff --git a/client/src/__tests__/utils/UserRole.test.js b/client/src/__tests__/utils/UserRole.test.js
index 1c6db91e..4ef095d3 100644
--- a/client/src/__tests__/utils/UserRole.test.js
+++ b/client/src/__tests__/utils/UserRole.test.js
@@ -3,6 +3,7 @@ import {
allowedAuthoritiesForInvitation,
allowedToDeleteInvitation,
allowedToEditRole,
+ highestAuthority,
allowedToRenewUserRole,
AUTHORITIES,
isUserAllowed
@@ -91,4 +92,11 @@ test("Allowed to edit", () => {
userRoles: [{authority: AUTHORITIES.INVITER, role: role}]
}
expect(allowedToEditRole(user, role)).toBeFalsy();
-})
+});
+
+test("Highest authority", () => {
+ const user = {
+ institutionAdmin: true,
+ }
+ expect(highestAuthority(user, false)).toEqual(AUTHORITIES.INSTITUTION_ADMIN);
+});
diff --git a/client/src/components/User.js b/client/src/components/User.js
index ea47bffb..f22b6baa 100644
--- a/client/src/components/User.js
+++ b/client/src/components/User.js
@@ -113,7 +113,7 @@ export const User = ({user, other, config}) => {
{attributes.map((attr, index) => attribute(index, attr[0], attr[1]))}
{I18n.t("users.roles")}
- {highestAuthority(user) === AUTHORITIES.GUEST &&
+ {highestAuthority(user, false) === AUTHORITIES.GUEST &&
}
{(!hasRoles && user.superUser) &&
diff --git a/client/src/tabs/Users.js b/client/src/tabs/Users.js
index 2161826c..453c7150 100644
--- a/client/src/tabs/Users.js
+++ b/client/src/tabs/Users.js
@@ -61,7 +61,7 @@ export const Users = () => {
searchUsers(query)
.then(results => {
setInitial(false);
- results.forEach(user => user.highestAuthority = highestAuthority(user));
+ results.forEach(user => user.highestAuthority = highestAuthority(user, false));
setUsers(results);
setMoreToShow(results.length === 15 && query !== "owl");
setNoResults(results.length === 0);
diff --git a/client/src/utils/UserRole.js b/client/src/utils/UserRole.js
index b6d5e429..c414d406 100644
--- a/client/src/utils/UserRole.js
+++ b/client/src/utils/UserRole.js
@@ -24,11 +24,11 @@ const AUTHORITIES_HIERARCHY = {
[AUTHORITIES.GUEST]: 5
}
-export const highestAuthority = user => {
+export const highestAuthority = (user, forceApplications = true) => {
if (user.superUser) {
return AUTHORITIES.SUPER_USER;
}
- if (user.institutionAdmin && !isEmpty(user.applications)) {
+ if (user.institutionAdmin && (!isEmpty(user.applications) || !forceApplications)) {
return AUTHORITIES.INSTITUTION_ADMIN;
}
return (user.userRoles || []).reduce((acc, u) => {
diff --git a/server/src/main/java/access/model/User.java b/server/src/main/java/access/model/User.java
index 0cce73cf..4b5955aa 100644
--- a/server/src/main/java/access/model/User.java
+++ b/server/src/main/java/access/model/User.java
@@ -100,6 +100,10 @@ public User(boolean superUser, Map attributes) {
this.createdAt = Instant.now();
this.lastActivity = this.createdAt;
+ this.nameInvariant(attributes);
+ }
+
+ private void nameInvariant(Map attributes) {
String name = (String) attributes.get("name");
String preferredUsername = (String) attributes.get("preferred_username");
if (StringUtils.hasText(name)) {
@@ -181,6 +185,8 @@ public void updateAttributes(Map attributes) {
this.familyName = (String) attributes.get("family_name");
this.email = (String) attributes.get("email");
this.lastActivity = Instant.now();
+
+ this.nameInvariant(attributes);
this.updateRemoteAttributes(attributes);
}
diff --git a/server/src/test/java/access/model/UserTest.java b/server/src/test/java/access/model/UserTest.java
index f8cb302a..dda8376d 100644
--- a/server/src/test/java/access/model/UserTest.java
+++ b/server/src/test/java/access/model/UserTest.java
@@ -11,9 +11,13 @@ class UserTest {
@Test
void fromAttributes() {
- User user = new User(false, Map.of(
+ Map attributes = Map.of(
"email", "john.doe@example.com"
- ));
+ );
+ User user = new User(false, attributes);
+ assertEquals("John Doe", user.getName());
+
+ user.updateAttributes(attributes);
assertEquals("John Doe", user.getName());
user = new User(false, Map.of(