chore: fix authorizer during update action for sets related resources

src/Ushahidi/Modules/V5/Policies/CategoryPolicy.php

@@ -45,7 +45,10 @@ public function delete(User $user, EloquentCategory $category)
 
     public function update(User $user, EloquentCategory $category)
     {
-        $accessedCategory = new StaticCategory($category->toArray());
+        $accessedCategory = new StaticCategory($category->getOriginal());
+
+        $accessedCategory->setState($category->getDirty());
+
         return $this->authorizer->setUser($user)->isAllowed($accessedCategory, 'update');
     }
 }

src/Ushahidi/Modules/V5/Policies/SetPolicy.php

@@ -55,7 +55,10 @@ public function update(User $user, Set $set)
         $this->authorizer->setUser($user);
 
         // we convert to a form entity to be able to continue using the old authorizers and classes.
-        $set_entity = new OhanzeeSet($set->toArray());
+        $set_entity = new OhanzeeSet($set->getOriginal());
+
+        $set_entity->setState($set->getDirty());
+
         return $this->authorizer->isAllowed($set_entity, 'update');
     }
 }

src/Ushahidi/Modules/V5/Repository/Category/EloquentCategoryRepository.php

@@ -35,61 +35,63 @@ private function setSearchCondition(Builder $builder, ?SearchData $search_fields
             return $builder;
         }
 
-        $keyword = $search_fields->getFilter('keyword');
-        $tag = $search_fields->getFilter('tag');
-        $type = $search_fields->getFilter('type');
-
-        if (isset($keyword)) {
-            $builder->where('tag', 'LIKE', "%" . $keyword . "%");
-        }
-
-        if (isset($tag)) {
-            $builder->where('tag', 'LIKE', "%" . $keyword . "%");
-        }
-
-        if (isset($type)) {
-            $builder->where('type', '=', $type);
-        }
-
         $parent_id = $search_fields->getFilter('parent_id');
         $is_parent = $search_fields->getFilter('is_parent');
 
         if (isset($parent_id)) {
-            $builder->where('parent_id', '=', $parent_id);
+            $builder->where('parent_id', $parent_id);
         } elseif ($is_parent === false) {
             $builder->whereNull('parent_id');
         }
 
+        $builder->where(function (Builder $builder) use ($search_fields) {
+            $keyword = $search_fields->getFilter('keyword');
+            $tag = $search_fields->getFilter('tag');
+            $type = $search_fields->getFilter('type');
+
+            if (isset($keyword)) {
+                $builder->where('tag', 'LIKE', "%" . $keyword . "%");
+            }
+
+            if (isset($tag)) {
+                $builder->orWhere('tag', 'LIKE', "%" . $keyword . "%");
+            }
+
+            if (isset($type)) {
+                $builder->orWhere('type', '=', $type);
+            }
+        });
+
         $is_admin = $search_fields->getFilter('is_admin');
         if ($is_admin === false) {
             $builder->where(function (Builder $builder) use ($search_fields) {
                 // Default always get categories with null roles or has everyone
                 $builder->whereNull('role');
 
                 // This query isn't working as expected
-                $builder->orWhere('role', 'like', "%\everyone\%");
+                $builder->orWhere('role', 'like', '%everyone%');
 
                 $role = $search_fields->getFilter('role');
-                $user_id = $search_fields->getFilter('user_id');
+                if (isset($role) && !is_null($role)) {
+                    $builder->orWhere('role', 'like', "%" . $role . "%");
+                }
 
-                // If it's a logged in user and not an admin
+                // If it's a logged in user
+                $user_id = $search_fields->getFilter('user_id');
                 if (isset($user_id) && !is_null($user_id)) {
                     // Where the user is the owner of the category
                     $builder->orWhere(function (Builder $query) use ($user_id) {
                         //TODO: Fix this query in future release
-                        $query->where('role', 'LIKE', "%me%")
-                            ->where('user_id', '=', $user_id);
+                        $query->where('role', 'like', '%me%')
+                            ->where('user_id', $user_id);
                     });
                 }
 
-                if (isset($role) && !is_null($role)) {
-                    $builder->orWhere(function (Builder $query) use ($role) {
-                        $query->where('role', 'LIKE', "%" . $role . "%");
-                    });
-                }
             });
         }
 
+        // var_dump($builder->toSql());
+        // exit;
         return $builder;
     }
 

tests/Integration/v5/tags.v5.feature

@@ -120,7 +120,7 @@ Feature: Testing the Categories API
         Then the response is JSON
         And the response has a "errors.failed_validations" property
         And the "errors.failed_validations.0.field" property equals "role"
-        And the "errors.failed_validations.0.error_messages.0" property equals "The child category role must be the same as the parent role." 
+        And the "errors.failed_validations.0.error_messages.0" property equals "The child category role must be the same as the parent role."
         Then the guzzle status code should be 422
     Scenario: Creating a tag with a duplicate slug is not possible
         Given that I want to make a new "Category"
@@ -368,23 +368,23 @@ Feature: Testing the Categories API
         And that the api_url is "api/v5"
         When I request "/categories"
         Then the response is JSON
-        And the "results" property count is "19"
+        And the "results" property count is "14"
         Then the guzzle status code should be 200
     Scenario: Listing All Tags available to regular users
         Given that I want to get all "Categories"
         And that the oauth token is "testbasicuser"
         And that the api_url is "api/v5"
         When I request "/categories"
         Then the response is JSON
-        And the "results" property count is "9"
+        And the "results" property count is "7"
         Then the guzzle status code should be 200
-        
+
     Scenario: Listing All Tags available to non-users
         Given that I want to get all "Categories"
         And that the api_url is "api/v5"
         When I request "/categories"
         Then the response is JSON
-        And the "results" property count is "7"
+        And the "results" property count is "5"
         Then the guzzle status code should be 200
 #
 #    @resetFixture
@@ -557,7 +557,7 @@ Feature: Testing the Categories API
         Then the response is JSON
         And the response has a "errors.failed_validations" property
         And the "errors.failed_validations.0.field" property equals "role"
-        And the "errors.failed_validations.0.error_messages.0" property equals "The child category role must be the same as the parent role."       
+        And the "errors.failed_validations.0.error_messages.0" property equals "The child category role must be the same as the parent role."
         Then the guzzle status code should be 422
 
     Scenario: Creating a new child with no role for a tag with role=["admin"]
@@ -581,7 +581,7 @@ Feature: Testing the Categories API
         Then the response is JSON
         And the response has a "errors.failed_validations" property
         And the "errors.failed_validations.0.field" property equals "role"
-        And the "errors.failed_validations.0.error_messages.0" property equals "The child category role must be the same as the parent role."       
+        And the "errors.failed_validations.0.error_messages.0" property equals "The child category role must be the same as the parent role."
         Then the guzzle status code should be 422
 
     @resetFixture