From 84edf92e51e1c0547e676908220b8dfaa9d6d228 Mon Sep 17 00:00:00 2001 From: Evgeniia Rassokhina Date: Tue, 18 Jun 2024 19:09:33 +0400 Subject: [PATCH] #1566 Update permissions for the data entry role --- app/model/users.js | 8 ++++++++ app/routes/project.js | 7 ++++--- assets/app/app/analysis/patternmatching/index.js | 4 ++-- assets/app/app/audiodata/recordings/recordings.js | 4 ++-- assets/app/app/audiodata/sites.js | 5 ++++- assets/app/services/a2permissions.js | 3 +++ 6 files changed, 23 insertions(+), 8 deletions(-) diff --git a/app/model/users.js b/app/model/users.js index 521184dcc..63e992828 100644 --- a/app/model/users.js +++ b/app/model/users.js @@ -265,6 +265,14 @@ var Users = { ]).nodeify(callback); }, + getProjectRole : async function(user_id, project_id) { + const q = `select r.name from roles r + join user_project_role upr on r.role_id = upr.role_id + where upr.user_id = ${user_id} and upr.project_id = ${project_id}` + console.log('qqqqq', q) + return dbpool.query(q).get(0).get('name'); + }, + findOwnedProjects: function(user_id, query) { return dbpool.query( "SELECT p.* \n"+ diff --git a/app/routes/project.js b/app/routes/project.js index 44164ba3d..f96297a0f 100644 --- a/app/routes/project.js +++ b/app/routes/project.js @@ -59,7 +59,7 @@ router.get('/:projecturl?/', function(req, res, next) { }).catch(next); } - model.projects.find({ url: project_url, publicTemplates: true}, function(err, rows) { + model.projects.find({ url: project_url, publicTemplates: true}, async function(err, rows) { if (err) return next(err); if (!rows.length) { console.log('\n\n---TEMP: /projects 62 string', rows) @@ -74,7 +74,7 @@ router.get('/:projecturl?/', function(req, res, next) { user: req.session.user }); } - + const userRole = await model.users.getProjectRole(req.session.user.id, project.project_id) model.users.getPermissions(req.session.user.id, project.project_id, function(err, rows) { var permissionsMap = rows.reduce(function(_, p) { _[p.name] = true; 
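Review bot: `getProjectRole` builds its SQL by interpolating `user_id` and `project_id` straight into the template string, so the query is only as safe as every caller's inputs; bind them as parameters instead, as in the sketch below. The `console.log('qqqqq', q)` line is leftover debug output that writes the full query to the server log each time the function runs and should be removed. `.get(0).get('name')` also looks like it rejects when the user has no row in `user_project_role`, which is exactly the case the route's `'Guest'` fallback expects, so an empty result should return null. The sketch assumes `dbpool.query(sql, values)` binds `?` placeholders and resolves to an array of rows; confirm that against the pool wrapper.

```javascript
getProjectRole : async function(user_id, project_id) {
    const q = `select r.name from roles r
        join user_project_role upr on r.role_id = upr.role_id
        where upr.user_id = ? and upr.project_id = ?`;
    const rows = await dbpool.query(q, [user_id, project_id]);
    // No membership row: let the caller apply its 'Guest' fallback.
    return rows.length ? rows[0].name : null;
},
```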
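Review bot: Nothing catches a rejection from the `await model.users.getProjectRole(...)` added in the `@@ -74,7 +74,7 @@` hunk of app/routes/project.js, which runs inside the `model.projects.find` callback that the `@@ -59,7 +59,7 @@` hunk turns into an `async function`. A failed role query would surface as an unhandled promise rejection and the request would never reach `next`, leaving the client waiting. Wrap the call so the error follows the route's existing path: `let userRole; try { userRole = await model.users.getProjectRole(req.session.user.id, project.project_id); } catch (e) { return next(e); }`. The callback body continues outside both hunks.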
@@ -112,7 +112,7 @@ router.get('/:projecturl?/', function(req, res, next) { req.session.user.permissions[project.project_id] = rows; req.session.loggedIn = true - var perms = { + let perms = { authorized: true, public: !project.is_private, features:{ @@ -131,6 +131,7 @@ router.get('/:projecturl?/', function(req, res, next) { userImage: !!req.session.user && !!req.session.user.imageUrl ? req.session.user.imageUrl : '', userFullName: !!req.session.user && !!req.session.user.firstname ? req.session.user.firstname + ' ' + req.session.user.lastname : '', permissions: rows.map(function(perm) { return perm.name; }), + userRole: userRole ? userRole : 'Guest' }; req.project = { diff --git a/assets/app/app/analysis/patternmatching/index.js b/assets/app/app/analysis/patternmatching/index.js index 663bb5a79..4658eefef 100644 --- a/assets/app/app/analysis/patternmatching/index.js +++ b/assets/app/app/analysis/patternmatching/index.js @@ -241,7 +241,7 @@ angular.module('a2.analysis.patternmatching', [ if (a2UserPermit.isSuper()) { return $scope.openExportPopup(exportReport) } - if (!a2UserPermit.can('manage pattern matchings')) { + if (!a2UserPermit.can('manage pattern matchings') || (a2UserPermit.can('manage pattern matchings') && a2UserPermit.getUserRole() !== 'User')) { return notify.error('You do not have permission to export data'); } $scope.openExportPopup(exportReport) @@ -676,7 +676,7 @@ angular.module('a2.analysis.patternmatching', [ exportPmReport: function ($event) { $event.stopPropagation(); if (a2UserPermit.isSuper()) return this.setupExportUrl() - if ((a2UserPermit.all && !a2UserPermit.all.length) || !a2UserPermit.can('export report')) { + if (!a2UserPermit.can('manage pattern matchings') || (a2UserPermit.can('manage pattern matchings') && a2UserPermit.getUserRole() !== 'User')) { return notify.error('You do not have permission to export Pattern Matching data'); } else return this.setupExportUrl() }, 
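Review bot: The export guard `!can(...) || (can(...) && getUserRole() !== 'User')` in both patternmatching/index.js hunks reduces to `!a2UserPermit.can('manage pattern matchings') || a2UserPermit.getUserRole() !== 'User'`. The shorter form makes the effect visible: only a role named exactly 'User' can export, and every other role holding the permission is refused. If that is intended, a comment such as `// export requires the permission AND the 'User' role (see #1566)` would record it. These checks run in the browser against a `userRole` value the server handed to the client, so they decide what the UI offers rather than who can fetch the data; the export endpoints need the same rule enforced server-side, which this patch does not show. The same applies to the export guards changed in recordings.js and sites.js.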
diff --git a/assets/app/app/audiodata/recordings/recordings.js b/assets/app/app/audiodata/recordings/recordings.js index 8a9630a5c..e413cf43e 100644 --- a/assets/app/app/audiodata/recordings/recordings.js +++ b/assets/app/app/audiodata/recordings/recordings.js @@ -94,7 +94,7 @@ angular.module('a2.audiodata.recordings', [ }; this.exportPermit = function() { - return a2UserPermit.can('export report') + return a2UserPermit.can('manage project recordings') || a2UserPermit.getUserRole() === 'User' }; this.createPlaylist = function() { @@ -319,7 +319,7 @@ angular.module('a2.audiodata.recordings', [ if (a2UserPermit.isSuper()) { return this.openExportPopup(listParams) } - if ((a2UserPermit.all && !a2UserPermit.all.length) || !a2UserPermit.can('export report')) { + if (!a2UserPermit.can('manage project recordings') && a2UserPermit.getUserRole() !== 'User') { return notify.error('You do not have permission to export data'); } this.openExportPopup(listParams) diff --git a/assets/app/app/audiodata/sites.js b/assets/app/app/audiodata/sites.js index 8d6885e4e..932603b74 100644 --- a/assets/app/app/audiodata/sites.js +++ b/assets/app/app/audiodata/sites.js @@ -350,7 +350,10 @@ angular.module('a2.audiodata.sites', [ $scope.exportSites = function() { if (a2UserPermit.isSuper()) return $downloadResource(Project.getSitesExportUrl()); - if ((a2UserPermit.all && !a2UserPermit.all.length) || !a2UserPermit.can('export report')) { + if (a2UserPermit.getUserRole() === 'Data Entry') { + $downloadResource(Project.getSitesExportUrl()); + } + else if (!a2UserPermit.can('manage project sites')) { return notify.error('You do not have permission to export sites') } else $downloadResource(Project.getSitesExportUrl()); }; diff --git a/assets/app/services/a2permissions.js b/assets/app/services/a2permissions.js index dbdfacee7..2a8b836d9 100644 --- a/assets/app/services/a2permissions.js +++ b/assets/app/services/a2permissions.js 
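Review bot: `exportPermit` and the export handler in recordings.js combine permission and role with OR (`can('manage project recordings') || getUserRole() === 'User'`), while patternmatching/index.js in the same commit requires the permission and the 'User' role together. As written, a 'User' role passes here without holding 'manage project recordings'. If the difference is deliberate, say so in a comment on `exportPermit`, for example `// recordings export: allowed for the 'User' role or anyone who can manage project recordings`. The `@@ -319,7 +319,7 @@` hunk repeats the same rule in negated form; if `exportPermit` is reachable from that scope, calling it there would keep the rule in one place.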
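Review bot: `exportSites` in sites.js now calls `$downloadResource(Project.getSitesExportUrl())` in three separate branches, and the role literal here is 'Data Entry' whereas the other export guards in this commit compare against 'User'. After the `isSuper()` shortcut a single guard would keep the allow rule readable: `if (a2UserPermit.getUserRole() !== 'Data Entry' && !a2UserPermit.can('manage project sites')) return notify.error('You do not have permission to export sites');` followed by one download call. The role names are bare strings repeated across the changed files, so named constants exposed by the a2UserPermit service would stop a typo from silently granting or denying export.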
@@ -28,6 +28,9 @@ angular.module('a2.permissions', [
 getUserImage: function() {
 return permit.userImage;
 },
+ getUserRole: function() {
+ return permit.userRole;
+ },
 getUserFullName: function() {
 return permit.userFullName;
 },