Skip to content

Commit

Permalink
Merge pull request #957 from AtlasOfLivingAustralia/feature/issue956
Browse files Browse the repository at this point in the history
Fixed protocolCheck for projectParticipant role #956
  • Loading branch information
chrisala authored May 21, 2024
2 parents 051b805 + 3a2a2f5 commit 4f3466a
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 4 deletions.
9 changes: 6 additions & 3 deletions grails-app/services/au/org/ala/ecodata/ParatooService.groovy
Original file line number Diff line number Diff line change
Expand Up @@ -445,10 +445,13 @@ class ParatooService {

private boolean protocolCheck(String userId, String projectId, String protocolId, boolean read) {
List projects = userProjects(userId)

ParatooProject project = projects.find { it.id == projectId }
boolean protocol = project?.protocols?.find { it.externalIds.find { it.externalId == protocolId } }
int minimumAccess = read ? AccessLevel.projectParticipant.code : AccessLevel.editor.code
protocol && project.accessLevel.code >= minimumAccess
ActivityForm protocol = project?.protocols?.find { it.externalIds.find { it.externalId == protocolId } }
int minAccessLevel = AccessLevel.projectParticipant.code
// Note we don't need to include a check for ADMIN_ONLY_PROTOCOLS here as those protocol will have already be filtered
// out of the list of protocols attached to the project in findProjectProtocols if the user isn't an admin.
protocol && project.accessLevel.code >= minAccessLevel
}

Map findDataSet(String userId, String orgMintedUUID) {
Expand Down
32 changes: 31 additions & 1 deletion src/test/groovy/au/org/ala/ecodata/ParatooServiceSpec.groovy
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ class ParatooServiceSpec extends MongoSpec implements ServiceUnitTest<ParatooSer
projects[0].projectArea == DUMMY_POLYGON
projects[0].plots.size() == 1
projects[0].plots[0].siteId == 's2'
projects[0].protocols*.name == ["aParatooForm 1", "aParatooForm 2", "aParatooForm 3"]
projects[0].protocols*.name == ["Plot Selection", "aParatooForm 1", "aParatooForm 2", "aParatooForm 3"]

and:
1 * siteService.geometryAsGeoJson({ it.siteId == 's1' }) >> DUMMY_POLYGON
Expand Down Expand Up @@ -538,6 +538,10 @@ class ParatooServiceSpec extends MongoSpec implements ServiceUnitTest<ParatooSer
Service service = new Service(name: "S1", serviceId: '1', legacyId: 1, outputs: [new ServiceForm(externalId: "guid-2", formName: "aParatooForm", sectionName: null)])
service.save(failOnError: true, flush: true)

ActivityForm plotSelection = new ActivityForm(name:"Plot Selection", type:"EMSA", category:"Plot Selection and Layout", external:true)
plotSelection.externalIds = [new ExternalId(externalId: "plot-selection-guid", idType: ExternalId.IdType.MONITOR_PROTOCOL_GUID)]
plotSelection.save(failOnError:true, flush: true)

ActivityForm activityForm = new ActivityForm(name: "aParatooForm 1", type: 'EMSA', category: 'protocol category 1', external: true,
sections: [
new FormSection(name: "section 1", type: "section", template: [
Expand Down Expand Up @@ -1515,8 +1519,34 @@ class ParatooServiceSpec extends MongoSpec implements ServiceUnitTest<ParatooSer
ParatooService.buildUpdatedDataSetSummaryName("site", "2024-05-14T00:00:00Z", null, "Protocol 1", null, new ParatooProtocolConfig(usesPlotLayout: false)) == "Protocol 1 - 2024-05-14 10:00 ${am}"
ParatooService.buildUpdatedDataSetSummaryName(null, "2024-05-14T00:00:00Z", null, "Protocol 1", null, new ParatooProtocolConfig()) == "Protocol 1 - 2024-05-14 10:00 ${am}"
ParatooService.buildUpdatedDataSetSummaryName(null, null, null, "Protocol 1", new ParatooCollectionId(eventTime:DateUtil.parse("2024-05-14T00:00:00Z")), new ParatooProtocolConfig()) == "Protocol 1 - 2024-05-14 10:00 ${am}"
}

def "Users with either the project participant or editor role can read all protocols and write all expect Plot Selection"(AccessLevel accessLevel, String protocolId, boolean canRead, boolean canWrite) {
setup:
String userId = 'u2'
String projectId = 'p1' // created during setup

when:
UserPermission up = new UserPermission(userId: userId, accessLevel: accessLevel, entityId: projectId, entityType: Project.class.name)
up.save(flush:true, failOnError: true)
boolean actualCanRead = service.protocolReadCheck(userId, 'p1', protocolId)
boolean actualCanWrite = service.protocolWriteCheck(userId, 'p1', protocolId)

then:
actualCanRead == canRead
actualCanWrite == canWrite

where:
protocolId | accessLevel | canRead | canWrite
'plot-selection-guid' | AccessLevel.editor | false | false
'plot-selection-guid' | AccessLevel.admin | true | true
'guid-2' | AccessLevel.admin | true | true
'guid-2' | AccessLevel.caseManager | true | true
'guid-2' | AccessLevel.editor | true | true
'guid-2' | AccessLevel.projectParticipant | true | true
'guid-2' | AccessLevel.readOnly | false | false

'guid-10' | AccessLevel.admin | false | false // Note guid-10 doesn't exist/isn't attached to the project.
}

private Map getNormalDefinition() {
Expand Down

0 comments on commit 4f3466a

Please sign in to comment.