TD-4460- action filter applied to verify centre specific self assessment

Auldrin-Possa · Auldrin-Possa · commit 19e62f7bc29c · 2024-08-09T17:32:50.000+01:00
diff --git a/DigitalLearningSolutions.Data/DataServices/SelfAssessmentDataService/CandidateAssessmentsDataService.cs b/DigitalLearningSolutions.Data/DataServices/SelfAssessmentDataService/CandidateAssessmentsDataService.cs
@@ -329,7 +329,8 @@ public IEnumerable<CandidateAssessment> GetCandidateAssessments(int delegateUser
                         DelegateUserID,
                         SelfAssessmentID,
                         CompletedDate,
-                        RemovedDate
+                        RemovedDate,
+                        CentreId
                     FROM CandidateAssessments
                     WHERE SelfAssessmentID = @selfAssessmentId
                         AND DelegateUserID = @delegateUserId",
diff --git a/DigitalLearningSolutions.Data/DataServices/SelfAssessmentDataService/SelfAssessmentDataService.cs b/DigitalLearningSolutions.Data/DataServices/SelfAssessmentDataService/SelfAssessmentDataService.cs
@@ -170,6 +170,7 @@ int GetSelfAssessmentActivityDelegatesExportCount(string searchString, string so
         IEnumerable<Accessor> GetAccessor(int selfAssessmentId, int delegateUserID);
         ActivitySummaryCompetencySelfAssesment? GetActivitySummaryCompetencySelfAssesment(int CandidateAssessmentSupervisorVerificationsId);
         bool IsUnsupervisedSelfAssessment(int selfAssessmentId);
+        bool IsCentreSelfAssessment(int selfAssessmentId, int centreId);
     }
 
     public partial class SelfAssessmentDataService : ISelfAssessmentDataService
@@ -719,5 +720,14 @@ public bool IsUnsupervisedSelfAssessment(int selfAssessmentId)
             );
             return ResultCount > 0;
         }
+
+        public bool IsCentreSelfAssessment(int selfAssessmentId, int centreId)
+        {
+            var ResultCount = connection.ExecuteScalar<int>(
+                @"SELECT count(*) FROM CentreSelfAssessments WHERE SelfAssessmentID = @selfAssessmentId and CentreID = @centreId",
+                new { selfAssessmentId, centreId }
+            );
+            return ResultCount > 0;
+        }
     }
 }
diff --git a/DigitalLearningSolutions.Data/Models/SelfAssessments/CandidateAssessment.cs b/DigitalLearningSolutions.Data/Models/SelfAssessments/CandidateAssessment.cs
@@ -13,5 +13,6 @@ public class CandidateAssessment
         public DateTime? CompletedDate { get; set; }
 
         public DateTime? RemovedDate { get; set; }
+        public int CentreId { get; set; }
     }
 }
diff --git a/DigitalLearningSolutions.Web.Tests/ServiceFilter/VerifyDelegateUserCanAccessSelfAssessmentTests.cs b/DigitalLearningSolutions.Web.Tests/ServiceFilter/VerifyDelegateUserCanAccessSelfAssessmentTests.cs
@@ -36,7 +36,7 @@ public void Returns_Redirect_to_access_denied_if_delegate_does_not_have_self_ass
         {
             // Given
             var context = GetDefaultContext();
-            A.CallTo(() => selfAssessmentService.CanDelegateAccessSelfAssessment(A<int>._, A<int>._)).Returns(false);
+            A.CallTo(() => selfAssessmentService.CanDelegateAccessSelfAssessment(A<int>._, A<int>._, A<int>._)).Returns(false);
 
             // When
             new VerifyDelegateUserCanAccessSelfAssessment(selfAssessmentService, logger).OnActionExecuting(context);
@@ -54,7 +54,7 @@ public void Does_not_return_access_denied_if_delegate_has_self_assessment()
         {
             // Given
             var context = GetDefaultContext();
-            A.CallTo(() => selfAssessmentService.CanDelegateAccessSelfAssessment(A<int>._, A<int>._)).Returns(true);
+            A.CallTo(() => selfAssessmentService.CanDelegateAccessSelfAssessment(A<int>._, A<int>._, A<int>._)).Returns(true);
 
             // When
             new VerifyDelegateUserCanAccessSelfAssessment(selfAssessmentService, logger).OnActionExecuting(context);
diff --git a/DigitalLearningSolutions.Web.Tests/Services/SelfAssessmentServiceTests.cs b/DigitalLearningSolutions.Web.Tests/Services/SelfAssessmentServiceTests.cs
@@ -31,11 +31,12 @@ public void CanDelegateAccessSelfAssessment_returns_true_with_no_completed_or_re
                 .With(ca => ca.CompletedDate = null)
                 .With(ca => ca.RemovedDate = null)
                 .Build().ToList();
+            A.CallTo(() => selfAssessmentDataService.IsCentreSelfAssessment(A<int>._, A<int>._)).Returns(true);
             A.CallTo(() => selfAssessmentDataService.GetCandidateAssessments(A<int>._, A<int>._))
                 .Returns(candidateAssessments);
 
             // When
-            var result = selfAssessmentService.CanDelegateAccessSelfAssessment(1, 1);
+            var result = selfAssessmentService.CanDelegateAccessSelfAssessment(1, 1, 1);
 
             // Then
             result.Should().BeTrue();
@@ -54,11 +55,13 @@ public void CanDelegateAccessSelfAssessment_returns_true_with_at_least_one_valid
                 .With(ca => ca.CompletedDate = null)
                 .With(ca => ca.RemovedDate = null)
                 .Build().ToList();
+
+            A.CallTo(() => selfAssessmentDataService.IsCentreSelfAssessment(A<int>._, A<int>._)).Returns(true);
             A.CallTo(() => selfAssessmentDataService.GetCandidateAssessments(A<int>._, A<int>._))
                 .Returns(candidateAssessments);
 
             // When
-            var result = selfAssessmentService.CanDelegateAccessSelfAssessment(1, 1);
+            var result = selfAssessmentService.CanDelegateAccessSelfAssessment(1, 1, 1);
 
             // Then
             result.Should().BeTrue();
@@ -78,7 +81,7 @@ public void CanDelegateAccessSelfAssessment_returns_false_with_only_completed_or
                 .Returns(candidateAssessments);
 
             // When
-            var result = selfAssessmentService.CanDelegateAccessSelfAssessment(1, 1);
+            var result = selfAssessmentService.CanDelegateAccessSelfAssessment(1, 1, 1);
 
             // Then
             result.Should().BeFalse();
@@ -92,7 +95,7 @@ public void CanDelegateAccessSelfAssessment_returns_false_no_assessments()
                 .Returns(new List<CandidateAssessment>());
 
             // When
-            var result = selfAssessmentService.CanDelegateAccessSelfAssessment(1, 1);
+            var result = selfAssessmentService.CanDelegateAccessSelfAssessment(1, 1, 1);
 
             // Then
             result.Should().BeFalse();
diff --git a/DigitalLearningSolutions.Web/Controllers/LearningPortalController/SelfAssessment.cs b/DigitalLearningSolutions.Web/Controllers/LearningPortalController/SelfAssessment.cs
@@ -51,6 +51,7 @@ from assessmentQuestion in competency.AssessmentQuestions
         }
 
         [NoCaching]
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}")]
         public IActionResult SelfAssessment(int selfAssessmentId)
         {
@@ -76,6 +77,7 @@ public IActionResult SelfAssessment(int selfAssessmentId)
             return View("SelfAssessments/SelfAssessmentDescription", model);
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{competencyNumber:int}")]
         public IActionResult SelfAssessmentCompetency(int selfAssessmentId, int competencyNumber)
         {
@@ -145,6 +147,7 @@ public IActionResult SelfAssessmentCompetency(int selfAssessmentId, int competen
         }
 
         [HttpPost]
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{competencyNumber:int}")]
         public IActionResult SelfAssessmentCompetency(
             int selfAssessmentId,
@@ -187,9 +190,8 @@ public IActionResult SelfAssessmentCompetency(
             return SubmitSelfAssessment(assessment, selfAssessmentId, competencyNumber, competencyId, competencyGroupId, updatedAssessmentQuestions, delegateUserId, delegateId);
         }
 
-        [Route(
-            "/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{competencyNumber:int}/confirm"
-        )]
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
+        [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{competencyNumber:int}/confirm")]
         [HttpGet]
         public IActionResult ConfirmOverwriteSelfAssessment(
            int selfAssessmentId, int competencyNumber
@@ -224,6 +226,7 @@ public IActionResult ConfirmOverwriteSelfAssessment(
            "/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{competencyNumber:int}/confirm"
        )]
         [HttpPost]
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         public IActionResult ConfirmOverwriteSelfAssessment(int selfAssessmentId,
             int competencyNumber,
             int competencyId,
@@ -309,6 +312,7 @@ IActionResult SubmitSelfAssessment(CurrentSelfAssessment assessment, int selfAss
                 );
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route(
         "/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Proficiencies/{competencyNumber:int}/{resultId:int}/ViewNotes"
     )]
@@ -416,6 +420,8 @@ public IActionResult AddSelfAssessmentOverviewFilter(SearchSelfAssessmentOvervie
             );
             return RedirectToAction("FilteredSelfAssessmentGroups", model);
         }
+
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("LearningPortal/SelfAssessment/{selfAssessmentId}/{vocabulary}/{competencyGroupId}")]
         [Route("LearningPortal/SelfAssessment/{selfAssessmentId}/{vocabulary}")]
         public IActionResult SelfAssessmentOverview(int selfAssessmentId, string vocabulary, int? competencyGroupId = null, SearchSelfAssessmentOverviewViewModel searchModel = null)
@@ -485,6 +491,7 @@ public IActionResult SelfAssessmentOverview(int selfAssessmentId, string vocabul
             return View("SelfAssessments/SelfAssessmentOverview", model);
         }
         [HttpPost]
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [SetDlsSubApplication(nameof(DlsSubApplication.LearningPortal))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/CompleteBy")]
         public IActionResult SetSelfAssessmentCompleteByDate(int selfAssessmentId, EditCompleteByDateFormData formData)
@@ -521,6 +528,7 @@ public IActionResult SetSelfAssessmentCompleteByDate(int selfAssessmentId, EditC
             return RedirectToAction("Current");
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [SetDlsSubApplication(nameof(DlsSubApplication.LearningPortal))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/CompleteBy")]
         public IActionResult SetSelfAssessmentCompleteByDate(int selfAssessmentId, ReturnPageQuery returnPageQuery)
@@ -549,6 +557,7 @@ public IActionResult SetSelfAssessmentCompleteByDate(int selfAssessmentId, Retur
             return View("Current/SetCompleteByDate", model);
         }
         [NoCaching]
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Supervisors")]
         public IActionResult ManageSupervisors(int selfAssessmentId)
         {
@@ -612,6 +621,7 @@ public IActionResult QuickAddSupervisor(int selfAssessmentId, int supervisorDele
             return RedirectToAction("ManageSupervisors", new { selfAssessmentId });
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         public IActionResult StartAddNewSupervisor(int selfAssessmentId)
         {
             TempData.Clear();
@@ -650,6 +660,7 @@ public IActionResult StartAddNewSupervisor(int selfAssessmentId)
             return RedirectToAction("AddNewSupervisor", new { selfAssessmentId });
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Supervisors/Add/{page=1:int}")]
         public IActionResult AddNewSupervisor(int selfAssessmentId,
             string? searchString = null,
@@ -799,6 +810,7 @@ public IActionResult SetSupervisorName(AddSupervisorViewModel model)
             return RedirectToAction("AddSupervisorSummary", new { model.SelfAssessmentID });
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Supervisors/Centre")]
         public IActionResult SelectSupervisorCentre(int selfAssessmentId)
         {
@@ -882,6 +894,7 @@ public IActionResult SelectSupervisorCentre(SupervisorCentresViewModel model)
             return RedirectToAction("AddNewSupervisor", new { model.SelfAssessmentID });
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route(
             "/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Supervisors/QuickAdd/{supervisorDelegateId}/Role"
         )]
@@ -989,6 +1002,7 @@ public IActionResult SetSupervisorRole(SetSupervisorRoleViewModel model)
             return RedirectToAction("ManageSupervisors", new { model.SelfAssessmentID });
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Supervisors/Add/Summary")]
         [ResponseCache(CacheProfileName = "Never")]
         public IActionResult AddSupervisorSummary(int selfAssessmentId)
@@ -1093,6 +1107,7 @@ public IActionResult SendSupervisorReminder(int selfAssessmentId, int supervisor
             return RedirectToAction("ManageSupervisors", new { selfAssessmentId });
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         public IActionResult StartRequestVerification(int selfAssessmentId)
         {
             TempData.Clear();
@@ -1120,6 +1135,7 @@ public IActionResult StartRequestVerification(int selfAssessmentId)
             return RedirectToAction("VerificationPickSupervisor", new { selfAssessmentId });
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/ConfirmationRequests")]
         public IActionResult ReviewConfirmationRequests(int selfAssessmentId)
         {
@@ -1144,6 +1160,7 @@ public IActionResult ReviewConfirmationRequests(int selfAssessmentId)
             return View("SelfAssessments/ReviewConfirmationRequests", model);
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/ConfirmationRequests/New/ChooseSupervisor")]
         [ResponseCache(CacheProfileName = "Never")]
         [TypeFilter(
@@ -1216,10 +1233,11 @@ public IActionResult VerificationPickSupervisor(VerificationPickSupervisorViewMo
             );
             return RedirectToAction("VerificationPickResults", new { sessionRequestVerification.SelfAssessmentID });
         }
+
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/ConfirmationRequests/New/PickResults")]
         [ResponseCache(CacheProfileName = "Never")]
-        [TypeFilter(
-            typeof(RedirectToErrorEmptySessionData),
+        [TypeFilter(typeof(RedirectToErrorEmptySessionData),
             Arguments = new object[] { nameof(MultiPageFormDataFeature.AddSelfAssessmentRequestVerification) }
         )]
         public IActionResult VerificationPickResults(int selfAssessmentId)
@@ -1286,6 +1304,7 @@ public IActionResult VerificationPickResults(VerificationPickResultsViewModel mo
             return RedirectToAction("VerificationSummary", new { sessionRequestVerification.SelfAssessmentID });
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/ConfirmationRequests/New/Summary")]
         [ResponseCache(CacheProfileName = "Never")]
         [TypeFilter(
@@ -1414,6 +1433,7 @@ public IActionResult SubmitVerification()
             );
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{vocabulary}/Optional")]
         public IActionResult ManageOptionalCompetencies(int selfAssessmentId)
         {
@@ -1468,6 +1488,7 @@ ManageOptionalCompetenciesViewModel model
             return RedirectToAction("SelfAssessmentOverview", new { selfAssessmentId, vocabulary });
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{vocabulary}/RequestSignOff")]
         public IActionResult RequestSignOff(int selfAssessmentId)
         {
@@ -1484,6 +1505,7 @@ public IActionResult RequestSignOff(int selfAssessmentId)
         }
 
         [HttpPost]
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{vocabulary}/RequestSignOff")]
         public IActionResult RequestSignOff(int selfAssessmentId, string vocabulary, RequestSignOffViewModel model)
         {
@@ -1532,6 +1554,7 @@ string vocabulary
             return RedirectToAction("SelfAssessmentOverview", new { selfAssessmentId, vocabulary });
         }
 
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{vocabulary}/SignOffHistory")]
         public IActionResult SignOffHistory(int selfAssessmentId, string vocabulary)
         {
diff --git a/DigitalLearningSolutions.Web/Controllers/TrackingSystem/Delegates/ActivityDelegatesController.cs b/DigitalLearningSolutions.Web/Controllers/TrackingSystem/Delegates/ActivityDelegatesController.cs
@@ -503,6 +503,7 @@ public IActionResult RemoveDelegateSelfAssessment(DelegateSelfAssessmenteViewMod
         }
 
         [HttpGet]
+        [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]
         [Route("{selfAssessmentId:int}/EditCompleteByDate")]
         public IActionResult EditCompleteByDate(
             int delegateUserId,
diff --git a/DigitalLearningSolutions.Web/ServiceFilter/IsCentreAuthorizedSelfAssessment.cs b/DigitalLearningSolutions.Web/ServiceFilter/IsCentreAuthorizedSelfAssessment.cs
@@ -0,0 +1,42 @@
+﻿namespace DigitalLearningSolutions.Web.ServiceFilter
+{
+    using Microsoft.AspNetCore.Mvc;
+    using Microsoft.AspNetCore.Mvc.Filters;
+    using DigitalLearningSolutions.Web.Helpers;
+    using DigitalLearningSolutions.Web.Services;
+    using Microsoft.Extensions.Logging;
+
+    public class IsCentreAuthorizedSelfAssessment : IActionFilter
+    {
+        private readonly ISelfAssessmentService selfAssessmentService;
+        private readonly ILogger<IsCentreAuthorizedSelfAssessment> logger;
+
+        public IsCentreAuthorizedSelfAssessment(ISelfAssessmentService selfAssessmentService,
+            ILogger<IsCentreAuthorizedSelfAssessment> logger)
+        {
+            this.selfAssessmentService = selfAssessmentService;
+            this.logger = logger;
+        }
+
+        public void OnActionExecuted(ActionExecutedContext context) { }
+
+        public void OnActionExecuting(ActionExecutingContext context)
+        {
+            if (!(context.Controller is Controller controller))
+            {
+                return;
+            }
+            var centreId = controller.User.GetCentreIdKnownNotNull();
+            var selfAssessmentId = int.Parse(context.ActionArguments["selfAssessmentId"].ToString()!);
+
+            if (centreId > 0 && selfAssessmentId > 0)
+            {
+                if (!selfAssessmentService.IsCentreSelfAssessment(selfAssessmentId, centreId))
+                {
+                    logger.LogWarning($"Attempt to access restricted self assessment {selfAssessmentId} by user {controller.User.GetUserIdKnownNotNull()}");
+                    context.Result = new RedirectToActionResult("AccessDenied", "LearningSolutions", new { code = 403 });
+                }
+            }
+        }
+    }
+}
diff --git a/DigitalLearningSolutions.Web/ServiceFilter/VerifyDelegateUserCanAccessSelfAssessment.cs b/DigitalLearningSolutions.Web/ServiceFilter/VerifyDelegateUserCanAccessSelfAssessment.cs
@@ -31,8 +31,9 @@ public void OnActionExecuting(ActionExecutingContext context)
 
             var selfAssessmentId = int.Parse(context.RouteData.Values["selfAssessmentId"].ToString()!);
             var delegateUserId = controller.User.GetUserIdKnownNotNull();
+            var centreId = controller.User.GetCentreIdKnownNotNull();
             var canAccessSelfAssessment =
-                selfAssessmentService.CanDelegateAccessSelfAssessment(delegateUserId, selfAssessmentId);
+                selfAssessmentService.CanDelegateAccessSelfAssessment(delegateUserId, selfAssessmentId, centreId);
 
             if (!canAccessSelfAssessment)
             {
diff --git a/DigitalLearningSolutions.Web/Services/SelfAssessmentService.cs b/DigitalLearningSolutions.Web/Services/SelfAssessmentService.cs
diff --git a/DigitalLearningSolutions.Web/Startup.cs b/DigitalLearningSolutions.Web/Startup.cs

Original file line number	Diff line number	Diff line change
`@@ -170,6 +170,7 @@ int GetSelfAssessmentActivityDelegatesExportCount(string searchString, string so`
`170`	`170`	`IEnumerable<Accessor> GetAccessor(int selfAssessmentId, int delegateUserID);`
`171`	`171`	`ActivitySummaryCompetencySelfAssesment? GetActivitySummaryCompetencySelfAssesment(int CandidateAssessmentSupervisorVerificationsId);`
`172`	`172`	`bool IsUnsupervisedSelfAssessment(int selfAssessmentId);`
	`173`	`+ bool IsCentreSelfAssessment(int selfAssessmentId, int centreId);`
`173`	`174`	`}`
`174`	`175`
`175`	`176`	`public partial class SelfAssessmentDataService : ISelfAssessmentDataService`
`@@ -719,5 +720,14 @@ public bool IsUnsupervisedSelfAssessment(int selfAssessmentId)`
`719`	`720`	`);`
`720`	`721`	`return ResultCount > 0;`
`721`	`722`	`}`
	`723`	`+`
	`724`	`+ public bool IsCentreSelfAssessment(int selfAssessmentId, int centreId)`
	`725`	`+ {`
	`726`	`+ var ResultCount = connection.ExecuteScalar<int>(`
	`727`	`+ @"SELECT count(*) FROM CentreSelfAssessments WHERE SelfAssessmentID = @selfAssessmentId and CentreID = @centreId",`
	`728`	`+ new { selfAssessmentId, centreId }`
	`729`	`+ );`
	`730`	`+ return ResultCount > 0;`
	`731`	`+ }`
`722`	`732`	`}`
`723`	`733`	`}`
Original file line number	Diff line number	Diff line change
`@@ -13,5 +13,6 @@ public class CandidateAssessment`
`13`	`13`	`public DateTime? CompletedDate { get; set; }`
`14`	`14`
`15`	`15`	`public DateTime? RemovedDate { get; set; }`
	`16`	`+ public int CentreId { get; set; }`
`16`	`17`	`}`
`17`	`18`	`}`
Original file line number	Diff line number	Diff line change
`@@ -51,6 +51,7 @@ from assessmentQuestion in competency.AssessmentQuestions`
`51`	`51`	`}`
`52`	`52`
`53`	`53`	`[NoCaching]`
	`54`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`54`	`55`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}")]`
`55`	`56`	`public IActionResult SelfAssessment(int selfAssessmentId)`
`56`	`57`	`{`
`@@ -76,6 +77,7 @@ public IActionResult SelfAssessment(int selfAssessmentId)`
`76`	`77`	`return View("SelfAssessments/SelfAssessmentDescription", model);`
`77`	`78`	`}`
`78`	`79`
	`80`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`79`	`81`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{competencyNumber:int}")]`
`80`	`82`	`public IActionResult SelfAssessmentCompetency(int selfAssessmentId, int competencyNumber)`
`81`	`83`	`{`
`@@ -145,6 +147,7 @@ public IActionResult SelfAssessmentCompetency(int selfAssessmentId, int competen`
`145`	`147`	`}`
`146`	`148`
`147`	`149`	`[HttpPost]`
	`150`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`148`	`151`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{competencyNumber:int}")]`
`149`	`152`	`public IActionResult SelfAssessmentCompetency(`
`150`	`153`	`int selfAssessmentId,`
`@@ -187,9 +190,8 @@ public IActionResult SelfAssessmentCompetency(`
`187`	`190`	`return SubmitSelfAssessment(assessment, selfAssessmentId, competencyNumber, competencyId, competencyGroupId, updatedAssessmentQuestions, delegateUserId, delegateId);`
`188`	`191`	`}`
`189`	`192`
`190`		`- [Route(`
`191`		`- "/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{competencyNumber:int}/confirm"`
`192`		`- )]`
	`193`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
	`194`	`+ [Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{competencyNumber:int}/confirm")]`
`193`	`195`	`[HttpGet]`
`194`	`196`	`public IActionResult ConfirmOverwriteSelfAssessment(`
`195`	`197`	`int selfAssessmentId, int competencyNumber`
`@@ -224,6 +226,7 @@ public IActionResult ConfirmOverwriteSelfAssessment(`
`224`	`226`	`"/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{competencyNumber:int}/confirm"`
`225`	`227`	`)]`
`226`	`228`	`[HttpPost]`
	`229`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`227`	`230`	`public IActionResult ConfirmOverwriteSelfAssessment(int selfAssessmentId,`
`228`	`231`	`int competencyNumber,`
`229`	`232`	`int competencyId,`
`@@ -309,6 +312,7 @@ IActionResult SubmitSelfAssessment(CurrentSelfAssessment assessment, int selfAss`
`309`	`312`	`);`
`310`	`313`	`}`
`311`	`314`
	`315`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`312`	`316`	`[Route(`
`313`	`317`	`"/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Proficiencies/{competencyNumber:int}/{resultId:int}/ViewNotes"`
`314`	`318`	`)]`
`@@ -416,6 +420,8 @@ public IActionResult AddSelfAssessmentOverviewFilter(SearchSelfAssessmentOvervie`
`416`	`420`	`);`
`417`	`421`	`return RedirectToAction("FilteredSelfAssessmentGroups", model);`
`418`	`422`	`}`
	`423`	`+`
	`424`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`419`	`425`	`[Route("LearningPortal/SelfAssessment/{selfAssessmentId}/{vocabulary}/{competencyGroupId}")]`
`420`	`426`	`[Route("LearningPortal/SelfAssessment/{selfAssessmentId}/{vocabulary}")]`
`421`	`427`	`public IActionResult SelfAssessmentOverview(int selfAssessmentId, string vocabulary, int? competencyGroupId = null, SearchSelfAssessmentOverviewViewModel searchModel = null)`
`@@ -485,6 +491,7 @@ public IActionResult SelfAssessmentOverview(int selfAssessmentId, string vocabul`
`485`	`491`	`return View("SelfAssessments/SelfAssessmentOverview", model);`
`486`	`492`	`}`
`487`	`493`	`[HttpPost]`
	`494`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`488`	`495`	`[SetDlsSubApplication(nameof(DlsSubApplication.LearningPortal))]`
`489`	`496`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/CompleteBy")]`
`490`	`497`	`public IActionResult SetSelfAssessmentCompleteByDate(int selfAssessmentId, EditCompleteByDateFormData formData)`
`@@ -521,6 +528,7 @@ public IActionResult SetSelfAssessmentCompleteByDate(int selfAssessmentId, EditC`
`521`	`528`	`return RedirectToAction("Current");`
`522`	`529`	`}`
`523`	`530`
	`531`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`524`	`532`	`[SetDlsSubApplication(nameof(DlsSubApplication.LearningPortal))]`
`525`	`533`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/CompleteBy")]`
`526`	`534`	`public IActionResult SetSelfAssessmentCompleteByDate(int selfAssessmentId, ReturnPageQuery returnPageQuery)`
`@@ -549,6 +557,7 @@ public IActionResult SetSelfAssessmentCompleteByDate(int selfAssessmentId, Retur`
`549`	`557`	`return View("Current/SetCompleteByDate", model);`
`550`	`558`	`}`
`551`	`559`	`[NoCaching]`
	`560`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`552`	`561`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Supervisors")]`
`553`	`562`	`public IActionResult ManageSupervisors(int selfAssessmentId)`
`554`	`563`	`{`
`@@ -612,6 +621,7 @@ public IActionResult QuickAddSupervisor(int selfAssessmentId, int supervisorDele`
`612`	`621`	`return RedirectToAction("ManageSupervisors", new { selfAssessmentId });`
`613`	`622`	`}`
`614`	`623`
	`624`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`615`	`625`	`public IActionResult StartAddNewSupervisor(int selfAssessmentId)`
`616`	`626`	`{`
`617`	`627`	`TempData.Clear();`
`@@ -650,6 +660,7 @@ public IActionResult StartAddNewSupervisor(int selfAssessmentId)`
`650`	`660`	`return RedirectToAction("AddNewSupervisor", new { selfAssessmentId });`
`651`	`661`	`}`
`652`	`662`
	`663`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`653`	`664`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Supervisors/Add/{page=1:int}")]`
`654`	`665`	`public IActionResult AddNewSupervisor(int selfAssessmentId,`
`655`	`666`	`string? searchString = null,`
`@@ -799,6 +810,7 @@ public IActionResult SetSupervisorName(AddSupervisorViewModel model)`
`799`	`810`	`return RedirectToAction("AddSupervisorSummary", new { model.SelfAssessmentID });`
`800`	`811`	`}`
`801`	`812`
	`813`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`802`	`814`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Supervisors/Centre")]`
`803`	`815`	`public IActionResult SelectSupervisorCentre(int selfAssessmentId)`
`804`	`816`	`{`
`@@ -882,6 +894,7 @@ public IActionResult SelectSupervisorCentre(SupervisorCentresViewModel model)`
`882`	`894`	`return RedirectToAction("AddNewSupervisor", new { model.SelfAssessmentID });`
`883`	`895`	`}`
`884`	`896`
	`897`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`885`	`898`	`[Route(`
`886`	`899`	`"/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Supervisors/QuickAdd/{supervisorDelegateId}/Role"`
`887`	`900`	`)]`
`@@ -989,6 +1002,7 @@ public IActionResult SetSupervisorRole(SetSupervisorRoleViewModel model)`
`989`	`1002`	`return RedirectToAction("ManageSupervisors", new { model.SelfAssessmentID });`
`990`	`1003`	`}`
`991`	`1004`
	`1005`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`992`	`1006`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/Supervisors/Add/Summary")]`
`993`	`1007`	`[ResponseCache(CacheProfileName = "Never")]`
`994`	`1008`	`public IActionResult AddSupervisorSummary(int selfAssessmentId)`
`@@ -1093,6 +1107,7 @@ public IActionResult SendSupervisorReminder(int selfAssessmentId, int supervisor`
`1093`	`1107`	`return RedirectToAction("ManageSupervisors", new { selfAssessmentId });`
`1094`	`1108`	`}`
`1095`	`1109`
	`1110`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`1096`	`1111`	`public IActionResult StartRequestVerification(int selfAssessmentId)`
`1097`	`1112`	`{`
`1098`	`1113`	`TempData.Clear();`
`@@ -1120,6 +1135,7 @@ public IActionResult StartRequestVerification(int selfAssessmentId)`
`1120`	`1135`	`return RedirectToAction("VerificationPickSupervisor", new { selfAssessmentId });`
`1121`	`1136`	`}`
`1122`	`1137`
	`1138`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`1123`	`1139`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/ConfirmationRequests")]`
`1124`	`1140`	`public IActionResult ReviewConfirmationRequests(int selfAssessmentId)`
`1125`	`1141`	`{`
`@@ -1144,6 +1160,7 @@ public IActionResult ReviewConfirmationRequests(int selfAssessmentId)`
`1144`	`1160`	`return View("SelfAssessments/ReviewConfirmationRequests", model);`
`1145`	`1161`	`}`
`1146`	`1162`
	`1163`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`1147`	`1164`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/ConfirmationRequests/New/ChooseSupervisor")]`
`1148`	`1165`	`[ResponseCache(CacheProfileName = "Never")]`
`1149`	`1166`	`[TypeFilter(`
`@@ -1216,10 +1233,11 @@ public IActionResult VerificationPickSupervisor(VerificationPickSupervisorViewMo`
`1216`	`1233`	`);`
`1217`	`1234`	`return RedirectToAction("VerificationPickResults", new { sessionRequestVerification.SelfAssessmentID });`
`1218`	`1235`	`}`
	`1236`	`+`
	`1237`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`1219`	`1238`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/ConfirmationRequests/New/PickResults")]`
`1220`	`1239`	`[ResponseCache(CacheProfileName = "Never")]`
`1221`		`- [TypeFilter(`
`1222`		`- typeof(RedirectToErrorEmptySessionData),`
	`1240`	`+ [TypeFilter(typeof(RedirectToErrorEmptySessionData),`
`1223`	`1241`	`Arguments = new object[] { nameof(MultiPageFormDataFeature.AddSelfAssessmentRequestVerification) }`
`1224`	`1242`	`)]`
`1225`	`1243`	`public IActionResult VerificationPickResults(int selfAssessmentId)`
`@@ -1286,6 +1304,7 @@ public IActionResult VerificationPickResults(VerificationPickResultsViewModel mo`
`1286`	`1304`	`return RedirectToAction("VerificationSummary", new { sessionRequestVerification.SelfAssessmentID });`
`1287`	`1305`	`}`
`1288`	`1306`
	`1307`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`1289`	`1308`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/ConfirmationRequests/New/Summary")]`
`1290`	`1309`	`[ResponseCache(CacheProfileName = "Never")]`
`1291`	`1310`	`[TypeFilter(`
`@@ -1414,6 +1433,7 @@ public IActionResult SubmitVerification()`
`1414`	`1433`	`);`
`1415`	`1434`	`}`
`1416`	`1435`
	`1436`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`1417`	`1437`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{vocabulary}/Optional")]`
`1418`	`1438`	`public IActionResult ManageOptionalCompetencies(int selfAssessmentId)`
`1419`	`1439`	`{`
`@@ -1468,6 +1488,7 @@ ManageOptionalCompetenciesViewModel model`
`1468`	`1488`	`return RedirectToAction("SelfAssessmentOverview", new { selfAssessmentId, vocabulary });`
`1469`	`1489`	`}`
`1470`	`1490`
	`1491`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`1471`	`1492`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{vocabulary}/RequestSignOff")]`
`1472`	`1493`	`public IActionResult RequestSignOff(int selfAssessmentId)`
`1473`	`1494`	`{`
`@@ -1484,6 +1505,7 @@ public IActionResult RequestSignOff(int selfAssessmentId)`
`1484`	`1505`	`}`
`1485`	`1506`
`1486`	`1507`	`[HttpPost]`
	`1508`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`1487`	`1509`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{vocabulary}/RequestSignOff")]`
`1488`	`1510`	`public IActionResult RequestSignOff(int selfAssessmentId, string vocabulary, RequestSignOffViewModel model)`
`1489`	`1511`	`{`
`@@ -1532,6 +1554,7 @@ string vocabulary`
`1532`	`1554`	`return RedirectToAction("SelfAssessmentOverview", new { selfAssessmentId, vocabulary });`
`1533`	`1555`	`}`
`1534`	`1556`
	`1557`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`1535`	`1558`	`[Route("/LearningPortal/SelfAssessment/{selfAssessmentId:int}/{vocabulary}/SignOffHistory")]`
`1536`	`1559`	`public IActionResult SignOffHistory(int selfAssessmentId, string vocabulary)`
`1537`	`1560`	`{`
Original file line number	Diff line number	Diff line change
`@@ -503,6 +503,7 @@ public IActionResult RemoveDelegateSelfAssessment(DelegateSelfAssessmenteViewMod`
`503`	`503`	`}`
`504`	`504`
`505`	`505`	`[HttpGet]`
	`506`	`+ [ServiceFilter(typeof(IsCentreAuthorizedSelfAssessment))]`
`506`	`507`	`[Route("{selfAssessmentId:int}/EditCompleteByDate")]`
`507`	`508`	`public IActionResult EditCompleteByDate(`
`508`	`509`	`int delegateUserId,`
Original file line number	Diff line number	Diff line change
`@@ -31,8 +31,9 @@ public void OnActionExecuting(ActionExecutingContext context)`
`31`	`31`
`32`	`32`	`var selfAssessmentId = int.Parse(context.RouteData.Values["selfAssessmentId"].ToString()!);`
`33`	`33`	`var delegateUserId = controller.User.GetUserIdKnownNotNull();`
	`34`	`+ var centreId = controller.User.GetCentreIdKnownNotNull();`
`34`	`35`	`var canAccessSelfAssessment =`
`35`		`- selfAssessmentService.CanDelegateAccessSelfAssessment(delegateUserId, selfAssessmentId);`
	`36`	`+ selfAssessmentService.CanDelegateAccessSelfAssessment(delegateUserId, selfAssessmentId, centreId);`
`36`	`37`
`37`	`38`	`if (!canAccessSelfAssessment)`
`38`	`39`	`{`