fixes test and minor code improvements

src/Altinn.App.Core/Features/Signing/SigningDelegationService.cs

@@ -15,7 +15,7 @@ internal sealed class SigningDelegationService(
     ILogger<SigningDelegationService> logger
 ) : ISigningDelegationService
 {
-    public async Task<(List<SigneeContext>, bool success)> RevokeSigneeRights(
+    public async Task<(List<SigneeContext>, bool success)> DelegateSigneeRights(
         string taskId,
         string instanceId,
         Party delegatorParty,
@@ -28,12 +28,18 @@ ILogger<SigningDelegationService> logger
         var instanceGuid = instanceId.Split("/")[1];
         var appResourceId = AppResourceId.FromAppIdentifier(appIdentifier);
         bool success = true;
+
         foreach (SigneeContext signeeContext in signeeContexts)
         {
-            if (signeeContext.SigneeState.IsAccessDelegated is true)
+            SigneeState state = signeeContext.SigneeState;
+
+            try
             {
-                try
+                if (state.IsAccessDelegated is false)
                 {
+                    logger.LogInformation(
+                        $"Delegating signee rights to {signeeContext.Party.PartyUuid} from {delegatorParty.PartyUuid} for {appResourceId.Value}"
+                    );
                     DelegationRequest delegationRequest = new()
                     {
                         ResourceId = appResourceId.Value,
@@ -74,23 +80,24 @@ ILogger<SigningDelegationService> logger
                             },
                         ],
                     };
-                    DelegationResponse? response = await accessManagementClient.RevokeRights(delegationRequest, ct);
-                    signeeContext.SigneeState.IsAccessDelegated = false;
-                    telemetry?.RecordDelegationRevoke(DelegationResult.Success);
-                }
-                catch (Exception ex)
-                {
-                    logger.LogError(ex, "Failed to revoke signee rights");
-                    signeeContext.SigneeState.DelegationFailedReason = "Failed to revoke signee rights: " + ex.Message;
-                    telemetry?.RecordDelegationRevoke(DelegationResult.Error);
-                    success = false;
+                    DelegationResponse? response = await accessManagementClient.DelegateRights(delegationRequest, ct);
+                    state.IsAccessDelegated = true;
+                    telemetry?.RecordDelegation(DelegationResult.Success);
                 }
             }
+            catch (Exception ex)
+            {
+                logger.LogError(ex, "Failed to delegate signee rights");
+                state.DelegationFailedReason = "Failed to delegate signee rights: " + ex.Message;
+                telemetry?.RecordDelegation(DelegationResult.Error);
+                success = false;
+            }
         }
+
         return (signeeContexts, success);
     }
 
-    public async Task<(List<SigneeContext>, bool success)> DelegateSigneeRights(
+    public async Task<(List<SigneeContext>, bool success)> RevokeSigneeRights(
         string taskId,
         string instanceId,
         Party delegatorParty,
@@ -103,18 +110,12 @@ ILogger<SigningDelegationService> logger
         var instanceGuid = instanceId.Split("/")[1];
         var appResourceId = AppResourceId.FromAppIdentifier(appIdentifier);
         bool success = true;
-
         foreach (SigneeContext signeeContext in signeeContexts)
         {
-            SigneeState state = signeeContext.SigneeState;
-
-            try
+            if (signeeContext.SigneeState.IsAccessDelegated is true)
             {
-                if (state.IsAccessDelegated is false)
+                try
                 {
-                    logger.LogInformation(
-                        $"Delegating signee rights to {signeeContext.Party.PartyUuid} from {delegatorParty.PartyUuid} for {appResourceId.Value}"
-                    );
                     DelegationRequest delegationRequest = new()
                     {
                         ResourceId = appResourceId.Value,
@@ -155,20 +156,19 @@ ILogger<SigningDelegationService> logger
                             },
                         ],
                     };
-                    DelegationResponse? response = await accessManagementClient.DelegateRights(delegationRequest, ct);
-                    state.IsAccessDelegated = true;
-                    telemetry?.RecordDelegation(DelegationResult.Success);
+                    DelegationResponse? response = await accessManagementClient.RevokeRights(delegationRequest, ct);
+                    signeeContext.SigneeState.IsAccessDelegated = false;
+                    telemetry?.RecordDelegationRevoke(DelegationResult.Success);
+                }
+                catch (Exception ex)
+                {
+                    logger.LogError(ex, "Failed to revoke signee rights");
+                    signeeContext.SigneeState.DelegationFailedReason = "Failed to revoke signee rights: " + ex.Message;
+                    telemetry?.RecordDelegationRevoke(DelegationResult.Error);
+                    success = false;
                 }
-            }
-            catch (Exception ex)
-            {
-                logger.LogError(ex, "Failed to delegate signee rights");
-                state.DelegationFailedReason = "Failed to delegate signee rights: " + ex.Message;
-                telemetry?.RecordDelegation(DelegationResult.Error);
-                success = false;
             }
         }
-
         return (signeeContexts, success);
     }
 }

src/Altinn.App.Core/Features/Signing/SigningService.cs

@@ -359,9 +359,11 @@ private async Task<SigneeContext> GenerateSigneeContext(
         CancellationToken ct
     )
     {
-        var orgNumber = signeeParty.OnBehalfOfOrganisation?.OrganisationNumber;
+        var socialSecurityNumber = signeeParty.SocialSecurityNumber;
         Party party = await altinnPartyClient.LookupParty(
-            new PartyLookup { Ssn = orgNumber is null ? signeeParty.SocialSecurityNumber : null, OrgNo = orgNumber }
+            socialSecurityNumber is not null
+                ? new PartyLookup { Ssn = socialSecurityNumber }
+                : new PartyLookup { OrgNo = signeeParty.OnBehalfOfOrganisation?.OrganisationNumber }
         );
 
         Models.Notifications? notifications = signeeParty.Notifications;

test/Altinn.App.Core.Tests/Features/Signing/SigningServiceTests.cs

@@ -108,14 +108,19 @@ public async Task GetSigneeContexts()
                     OrgNumber = org.OrgNumber,
                     Organization = new Organization { OrgNumber = org.OrgNumber, Name = org.Name },
                 },
+                OnBehalfOfOrganisation = new SigneeContextOrganisation
+                {
+                    Name = org.Name,
+                    OrganisationNumber = org.OrgNumber,
+                },
             },
         };
 
         var signDocumentWithMatchingSignatureContext = new SignDocument
         {
             SigneeInfo = new Platform.Storage.Interface.Models.Signee
             {
-                OrganisationNumber = signeeState.First().Party.OrgNumber,
+                OrganisationNumber = signeeState.First().OnBehalfOfOrganisation?.OrganisationNumber,
             },
         };
 
@@ -140,8 +145,16 @@ public async Task GetSigneeContexts()
             .ReturnsAsync(new ReadOnlyMemory<byte>(ToBytes(signDocumentWithoutMatchingSignatureContext)));
 
         _altinnPartyClient
-            .Setup(x => x.LookupParty(Match.Create<PartyLookup>(p => p.Ssn == person.SSN)))
-            .ReturnsAsync(new Party { SSN = person.SSN, Person = person });
+            .Setup(x => x.LookupParty(Match.Create<PartyLookup>(p => p.Ssn == person.SSN || p.OrgNo == org.OrgNumber)))
+            .ReturnsAsync(
+                new Party
+                {
+                    SSN = person.SSN,
+                    Person = person,
+                    OrgNumber = org.OrgNumber,
+                    Organization = org,
+                }
+            );
 
         // Act
         List<SigneeContext> result = await _signingService.GetSigneeContexts(