Skip to content

Commit

Permalink
BHBC-1978: Data Administrator Permissions Are Incorrect (#838)
Browse files Browse the repository at this point in the history
  • Loading branch information
@KjartanE
KjartanE authored Nov 2, 2022
1 parent a4f1b99 commit a1d9c6a
Show file tree
Hide file tree
Showing 9 changed files with 38,190 additions and 60 deletions.
12,568 changes: 12,554 additions & 14 deletions api/package-lock.json
View file

Large diffs are not rendered by default.

18 changes: 8 additions & 10 deletions api/src/paths/draft.ts
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import { RequestHandler } from 'express';
import { Operation } from 'express-openapi';
import { PROJECT_ROLE } from '../constants/roles';
import { SYSTEM_ROLE } from '../constants/roles';
import { getDBConnection } from '../database/db';
import { HTTP400 } from '../errors/http-error';
import { draftResponseObject } from '../openapi/schemas/draft';
Expand All @@ -11,13 +11,12 @@ import { getLogger } from '../utils/logger';
const defaultLog = getLogger('paths/draft');

export const PUT: Operation = [
authorizeRequestHandler((req) => {
authorizeRequestHandler(() => {
return {
and: [
{
validProjectRoles: [PROJECT_ROLE.PROJECT_LEAD],
projectId: Number(req.params.projectId),
discriminator: 'ProjectRole'
validSystemRoles: [SYSTEM_ROLE.SYSTEM_ADMIN, SYSTEM_ROLE.PROJECT_CREATOR, SYSTEM_ROLE.DATA_ADMINISTRATOR],
discriminator: 'SystemRole'
}
]
};
Expand All @@ -26,13 +25,12 @@ export const PUT: Operation = [
];

export const POST: Operation = [
authorizeRequestHandler((req) => {
authorizeRequestHandler(() => {
return {
and: [
{
validProjectRoles: [PROJECT_ROLE.PROJECT_LEAD],
projectId: Number(req.params.projectId),
discriminator: 'ProjectRole'
validSystemRoles: [SYSTEM_ROLE.SYSTEM_ADMIN, SYSTEM_ROLE.PROJECT_CREATOR, SYSTEM_ROLE.DATA_ADMINISTRATOR],
discriminator: 'SystemRole'
}
]
};
Expand Down Expand Up @@ -105,7 +103,7 @@ POST.apiDoc = {
};

PUT.apiDoc = {
description: 'Update a Draft.',
description: 'Update a Draft',
tags: ['draft'],
security: [
{
Expand Down
2 changes: 1 addition & 1 deletion api/src/paths/draft/{draftId}/delete.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ export const DELETE: Operation = [
return {
and: [
{
validSystemRoles: [SYSTEM_ROLE.SYSTEM_ADMIN, SYSTEM_ROLE.PROJECT_CREATOR],
validSystemRoles: [SYSTEM_ROLE.SYSTEM_ADMIN, SYSTEM_ROLE.PROJECT_CREATOR, SYSTEM_ROLE.DATA_ADMINISTRATOR],
discriminator: 'SystemRole'
}
]
Expand Down
2 changes: 1 addition & 1 deletion api/src/paths/draft/{draftId}/get.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ export const GET: Operation = [
return {
and: [
{
validSystemRoles: [SYSTEM_ROLE.SYSTEM_ADMIN, SYSTEM_ROLE.PROJECT_CREATOR],
validSystemRoles: [SYSTEM_ROLE.SYSTEM_ADMIN, SYSTEM_ROLE.PROJECT_CREATOR, SYSTEM_ROLE.DATA_ADMINISTRATOR],
discriminator: 'SystemRole'
}
]
Expand Down
2 changes: 1 addition & 1 deletion api/src/paths/project/create.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ export const POST: Operation = [
return {
and: [
{
validSystemRoles: [SYSTEM_ROLE.SYSTEM_ADMIN, SYSTEM_ROLE.PROJECT_CREATOR],
validSystemRoles: [SYSTEM_ROLE.SYSTEM_ADMIN, SYSTEM_ROLE.PROJECT_CREATOR, SYSTEM_ROLE.DATA_ADMINISTRATOR],
discriminator: 'SystemRole'
}
]
Expand Down
Loading

0 comments on commit a1d9c6a

Please sign in to comment.