fix(FRONT-715): user without canManageCards can see other user cards …

…on members page (#389)

clients/banking/src/components/MembershipDetailArea.tsx

@@ -235,23 +235,41 @@ export const MembershipDetailArea = ({
                         editingAccountMembershipId,
                       }),
                     },
-                    {
-                      label: t("membershipDetail.cards"),
-                      url: Router.AccountMembersDetailsCardList({
-                        ...params,
-                        accountMembershipId: currentUserAccountMembershipId,
-                        editingAccountMembershipId,
-                      }),
-                    },
+                    ...match({ currentUserAccountMembership, accountMembership })
+                      .with(
+                        P.union(
+                          {
+                            currentUserAccountMembership: { canManageCards: true },
+                          },
+                          {
+                            accountMembership: { id: currentUserAccountMembershipId },
+                          },
+                        ),
+                        () => [
+                          {
+                            label: t("membershipDetail.cards"),
+                            url: Router.AccountMembersDetailsCardList({
+                              ...params,
+                              accountMembershipId: currentUserAccountMembershipId,
+                              editingAccountMembershipId,
+                            }),
+                          },
+                        ],
+                      )
+                      .otherwise(() => []),
                   ]}
                   otherLabel={t("common.tabs.other")}
                 />
 
                 <ListRightPanelContent large={large} style={styles.contents}>
-                  {match(route)
+                  {match({ route, currentUserAccountMembership, accountMembership })
                     .with(
-                      { name: "AccountMembersDetailsRoot" },
-                      ({ params: { showInvitationLink } }) => (
+                      { route: { name: "AccountMembersDetailsRoot" } },
+                      ({
+                        route: {
+                          params: { showInvitationLink },
+                        },
+                      }) => (
                         <MembershipDetailEditor
                           accountCountry={accountCountry}
                           editingAccountMembership={accountMembership}
@@ -267,7 +285,7 @@ export const MembershipDetailArea = ({
                         />
                       ),
                     )
-                    .with({ name: "AccountMembersDetailsRights" }, () => (
+                    .with({ route: { name: "AccountMembersDetailsRights" } }, () => (
                       <MembershipDetailRights
                         accountCountry={accountCountry}
                         editingAccountMembership={accountMembership}
@@ -283,13 +301,24 @@ export const MembershipDetailArea = ({
                       />
                     ))
                     .with(
-                      { name: "AccountMembersDetailsCardList" },
+                      P.union(
+                        {
+                          route: { name: "AccountMembersDetailsCardList" },
+                          currentUserAccountMembership: { canManageCards: true },
+                        },
+                        {
+                          route: { name: "AccountMembersDetailsCardList" },
+                          accountMembership: { id: currentUserAccountMembershipId },
+                        },
+                      ),
                       ({
-                        params: {
-                          accountMembershipId,
-                          editingAccountMembershipId,
-                          newCard: isCardWizardOpen,
-                          ...params
+                        route: {
+                          params: {
+                            accountMembershipId,
+                            editingAccountMembershipId,
+                            newCard: isCardWizardOpen,
+                            ...params
+                          },
                         },
                       }) => (
                         <View style={large ? styles.cardListLarge : styles.cardList}>

clients/banking/src/locales/de.json

@@ -156,7 +156,7 @@
   "card.settings.international.description": "Transaktionen außerhalb des Landes Ihres Wohnsitzes zulassen",
   "card.settings.nonMainCurrencyTransactions": "Nicht-EURO Transaktionen",
   "card.settings.nonMainCurrencyTransactions.description": "Transaktionen in anderen Währungen wie Dollar oder Yen erlauben",
-  "card.settings.notAllowed": "Sie dürfen Ihre Karten-Einstellungen nicht ändern",
+  "card.settings.notAllowed": "Sie dürfen Ihre Karteneinstellungen nicht ändern",
   "card.settings.spendingLimit": "Ausgabenlimit",
   "card.settings.unavailable": "Karteneinstellungen nicht verfügbar",
   "card.settings.withdrawal": "Abhebung",

clients/banking/src/locales/en.json

@@ -156,7 +156,7 @@
   "card.settings.international.description": "Allow transactions outside of your country of residence",
   "card.settings.nonMainCurrencyTransactions": "Non-euro transactions",
   "card.settings.nonMainCurrencyTransactions.description": "Allow transactions in other currencies, such as dollars or yen",
-  "card.settings.notAllowed": "You are not allowed to change your cards settings",
+  "card.settings.notAllowed": "You are not allowed to change your card settings",
   "card.settings.spendingLimit": "Spending limit",
   "card.settings.unavailable": "Cards settings not availlable",
   "card.settings.withdrawal": "Withdrawal",

clients/banking/src/locales/es.json

@@ -1,4 +1,5 @@
 {
+  "": "No tienes permiso para cambiar la configuración de tus tarjetas",
   "accountActivation.addMoney.description": "Para comprobar que la cuenta te pertenece, realiza un pago de cualquier importe a esta cuenta desde otra cuenta a tu nombre.",
   "accountActivation.addMoney.illustration.text": "Se mostrará tu IBAN en unos instantes. Si no, {projectName} contactará contigo para proceder a la activación de tu cuenta.",
   "accountActivation.addMoney.illustration.title": "Tu primera transferencia",
@@ -156,7 +157,7 @@
   "card.settings.international.description": "Permitir operaciones fuera de tu país de residencia",
   "card.settings.nonMainCurrencyTransactions": "Operaciones que no sean en euros",
   "card.settings.nonMainCurrencyTransactions.description": "Permitir operaciones en otras monedas, como el dólar o el yen",
-  "card.settings.notAllowed": "No tienes permiso para cambiar la configuración de tus tarjetas",
+  "card.settings.notAllowed": "No tienes permitido cambiar la configuración de tu tarjeta",
   "card.settings.spendingLimit": "Límite de gasto",
   "card.settings.unavailable": "Ajustes de tarjeta no disponibles",
   "card.settings.withdrawal": "Retirada",

clients/banking/src/locales/fr.json

@@ -156,7 +156,7 @@
   "card.settings.international.description": "Autoriser les transactions en dehors de votre pays de résidence",
   "card.settings.nonMainCurrencyTransactions": "Transactions hors euro",
   "card.settings.nonMainCurrencyTransactions.description": "Autoriser les transactions dans d'autres monnaies, telles que le dollar ou le yen",
-  "card.settings.notAllowed": "Vous n'êtes pas autorisé à modifier les paramètres de vos cartes",
+  "card.settings.notAllowed": "Vous n'êtes pas autorisé(e) à modifier les paramètres de votre carte",
   "card.settings.spendingLimit": "Limite de dépense",
   "card.settings.unavailable": "Paramètres de la carte non disponibles",
   "card.settings.withdrawal": "Retrait",

clients/banking/src/locales/it.json

@@ -156,7 +156,7 @@
   "card.settings.international.description": "Consente transazioni al di fuori del proprio paese di residenza",
   "card.settings.nonMainCurrencyTransactions": "Transazioni non in Euro",
   "card.settings.nonMainCurrencyTransactions.description": "Permette transazioni in altre valute, come dollaro o yen",
-  "card.settings.notAllowed": "Non sei autorizzato a modificare le impostazioni delle tue carte",
+  "card.settings.notAllowed": "Non sei autorizzato a modificare le impostazioni della tua carta",
   "card.settings.spendingLimit": "Limite di spesa",
   "card.settings.unavailable": "Impostazioni carta non disponibili",
   "card.settings.withdrawal": "Prelievo",

clients/banking/src/locales/nl.json

@@ -156,7 +156,7 @@
   "card.settings.international.description": "Transacties toestaan buiten het land waar je woont",
   "card.settings.nonMainCurrencyTransactions": "Niet-EUR transacties",
   "card.settings.nonMainCurrencyTransactions.description": "Transacties toestaan in andere valuta, zoals dollars of yen",
-  "card.settings.notAllowed": "Je bent niet toegestaan om de instellingen van je kaarten te wijzigen",
+  "card.settings.notAllowed": "Je hebt geen toestemming om je kaartinstellingen te wijzigen",
   "card.settings.spendingLimit": "Bestedingslimiet",
   "card.settings.unavailable": "Kaartinstellingen niet beschikbaar",
   "card.settings.withdrawal": "Opname",