IVYPORTAL-18054 Iframe task template: Missing permission check for Ca…

…se information (#1291)

* feature/IVYPORTAL-18054-Iframe-task-template-Missing-permission-check-for-Case-information-LE - Fix case not found

* feature/IVYPORTAL-18054-Iframe-task-template-Missing-permission-check-for-Case-information-LE - Fix case not have permission

* feature/IVYPORTAL-18054-Iframe-task-template-Missing-permission-check-for-Case-information-LE

AxonIvyPortal/portal/cms/cms.yaml

@@ -1,6 +1,6 @@
 ch.ivy.addon.portal.generic:
   CaseDetailsTemplate:
-    noCaseId: No case-Id specified
+    noCaseFound: Case not found or you don't have permission to view this case.
     requestTabTitle: Request
     statusTabTitle: Case Information
   OpenTaskTemplate:

AxonIvyPortal/portal/cms/cms_de.yaml

@@ -1,6 +1,6 @@
 ch.ivy.addon.portal.generic:
   CaseDetailsTemplate:
-    noCaseId: Keine Vorgangs-ID spezifiziert
+    noCaseFound: Vorgang nicht gefunden oder Sie haben keine Berechtigung, diesen Vorgang zu sehen.
     requestTabTitle: Anfrage
     statusTabTitle: Vorgangsinformationen
   OpenTaskTemplate:

AxonIvyPortal/portal/cms/cms_en.yaml

@@ -1,6 +1,6 @@
 ch.ivy.addon.portal.generic:
   CaseDetailsTemplate:
-    noCaseId: No case-Id specified
+    noCaseFound: Case not found or you don't have permission to view this case.
     requestTabTitle: Request
     statusTabTitle: Case Information
   OpenTaskTemplate:

AxonIvyPortal/portal/cms/cms_es.yaml

@@ -1,6 +1,6 @@
 ch.ivy.addon.portal.generic:
   CaseDetailsTemplate:
-    noCaseId: No hay ID de caso especificado
+    noCaseFound: Caso no encontrado o no tienes permiso para ver este caso.
     requestTabTitle: Solicitud
     statusTabTitle: Información del caso
   OpenTaskTemplate:

AxonIvyPortal/portal/cms/cms_fr.yaml

@@ -1,6 +1,6 @@
 ch.ivy.addon.portal.generic:
   CaseDetailsTemplate:
-    noCaseId: Aucun numéro de dossier n'a été indiqué
+    noCaseFound: Cas non trouvé ou vous n'avez pas la permission de voir ce cas.
     requestTabTitle: Demande
     statusTabTitle: Informations sur le dossier
   OpenTaskTemplate:

AxonIvyPortal/portal/src/ch/ivy/addon/portal/generic/bean/AbstractTaskTemplateBean.java

@@ -159,7 +159,7 @@ private int getFirstTerminatingStageIndex(List<IStage> stages) {
   }
 
   public void generateCaseDetailInFrame(ICase currentCase) {
-    setCaseDetailsLink(PortalNavigator.buildPortalCaseDetailInFrameUrl(currentCase.uuid()));
+    setCaseDetailsLink(PortalNavigator.buildPortalCaseDetailInFrameUrl(currentCase != null ? currentCase.uuid() : ""));
   }
 
   public Long getIntervalForPollingWhenOpenCaseDetails() {

AxonIvyPortal/portal/src/ch/ivy/addon/portalkit/bean/CaseWidgetBean.java

@@ -11,6 +11,7 @@
 import javax.faces.bean.ViewScoped;
 
 import org.apache.commons.collections4.CollectionUtils;
+
 import com.axonivy.portal.enums.SearchScopeCaseField;
 import com.axonivy.portal.service.GlobalSearchService;
 
@@ -25,6 +26,7 @@
 import ch.ivy.addon.portalkit.enums.SessionAttribute;
 import ch.ivy.addon.portalkit.enums.TaskSortField;
 import ch.ivy.addon.portalkit.exporter.Exporter;
+import ch.ivy.addon.portalkit.ivydata.service.impl.CaseService;
 import ch.ivy.addon.portalkit.service.CaseFilterService;
 import ch.ivy.addon.portalkit.support.HtmlParser;
 import ch.ivy.addon.portalkit.util.CaseUtils;
@@ -221,8 +223,15 @@ public String getGlobalSearchText(CaseLazyDataModel model) {
     }
     return result;
   }
-  
+
   public boolean isShowGlobalSearchScope() {
     return GlobalSearchService.getInstance().isShowGlobalSearchByCases();
   }
+
+  public boolean isCaseFound(ICase caze) {
+    if (caze != null) {
+      return CaseService.newInstance().isCaseAccessible(caze.uuid());
+    }
+    return false;
+  }
 }

AxonIvyPortal/portal/webContent/layouts/restricted/AbstractTaskTemplate.xhtml

@@ -160,14 +160,14 @@
             </h:panelGroup>
           </f:facet>
           <ui:insert name="caseDetails">
-            <h:outputText value="#{ivy.cms.co('/ch.ivy.addon.portal.generic/CaseDetailsTemplate/noCaseId')}"
-              rendered="#{caseWidgetBean.isHiddenCase(case)}" />
-            <h:panelGroup id="case-details-panel" layout="block" rendered="#{!caseWidgetBean.isHiddenCase(case)}"
+            <h:outputText value="#{ivy.cms.co('/ch.ivy.addon.portal.generic/CaseDetailsTemplate/noCaseFound')}"
+              rendered="#{caseWidgetBean.isHiddenCase(case) or !caseWidgetBean.isCaseFound(case)}" styleClass="no-case-found" />
+            <h:panelGroup id="case-details-panel" layout="block" rendered="#{!caseWidgetBean.isHiddenCase(case) and caseWidgetBean.isCaseFound(case)}"
               styleClass="case-default-widget-container case-details case-details-panel">
               <div class="ui-g js-iframe-container">
                 <div class="ui-g-12 u-padding-0">
                   <iframe id="i-frame-case-details" src="#{taskTemplateBean.caseDetailsLink}"
-                    onload="setupHeightForIFrame();" class="case-information-frame  js-iFrame-case-details"
+                    onload="setupHeightForIFrame();" class="case-information-frame js-iFrame-case-details"
                     scrolling="no" frameborder="0"
                     title="#{ivy.cms.co('/Dialogs/com/axonivy/portal/layouts/AbstractTaskTemplate/CaseDetailsIFrameTitle')}" />
                 </div>

AxonIvyPortal/portal/webContent/resources/css/module.css

@@ -716,6 +716,11 @@ span.case-details-document-add-link, span.task-details-document-add-link {
   align-self: center;
 }
 
+.no-case-found {
+  margin-left: 21px;
+  font-size: var(--large-font-size);
+}
+
 .case-detail-section-title-container {
   display: flex;
 }