From 006ac2e259e65f68584fc1eeaf271f2fabe1452d Mon Sep 17 00:00:00 2001
From: chasegawa <chasegawa@unicon.net>
Date: Tue, 18 Oct 2022 16:38:40 -0700
Subject: [PATCH] SHIBUI-2394

Updated user check for which groups they can approve for to include ALL the groups a user belongs to
---
 .../admin/ui/security/service/UserService.java       | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
index d4cf2f653..7a20cac04 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
@@ -26,6 +26,7 @@
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.List;
@@ -145,8 +146,17 @@ public Group getCurrentUserGroup() {
         }
     }
 
+    /**
+     * @return a list of ALL groups that the user can approve for (checks ALL the users groups)
+     */
     public List<String> getGroupsCurrentUserCanApprove() {
-        return getCurrentUserGroup().getApproveForList();
+        HashSet<String> fullSet = new HashSet<>();
+        for (Group g : getCurrentUser().getUserGroups()) {
+            fullSet.addAll(g.getApproveForList());
+        }
+        ArrayList<String> result = new ArrayList<>();
+        result.addAll(fullSet);
+        return result;
     }
 
     public Set<String> getUserRoles(String username) {