From 5d9f42536f61a94c9b85c204459a0d2bb57293ca Mon Sep 17 00:00:00 2001
From: Dinuka De Silva <l.dinukadesilva@gmail.com>
Date: Tue, 19 Nov 2019 10:37:46 +0530
Subject: [PATCH] Disable write access temporary

---
 api/TallySheetApi.py    |   6 +-
 auth/AuthConstants.py   |   3 +-
 auth/RoleBasedAccess.py | 132 ++++++++++++++++++++--------------------
 3 files changed, 71 insertions(+), 70 deletions(-)

diff --git a/api/TallySheetApi.py b/api/TallySheetApi.py
index 404f490e..e7f73779 100644
--- a/api/TallySheetApi.py
+++ b/api/TallySheetApi.py
@@ -3,7 +3,7 @@
 from app import db
 from auth import authorize, DATA_EDITOR_ROLE, POLLING_DIVISION_REPORT_VERIFIER_ROLE, \
     ELECTORAL_DISTRICT_REPORT_VERIFIER_ROLE, NATIONAL_REPORT_VERIFIER_ROLE, EC_LEADERSHIP_ROLE
-from auth.AuthConstants import ALL_ROLES
+from auth.AuthConstants import ALL_ROLES, EC_LEADERSHIP_WRITE_ROLE
 from exception import NotFoundException, ForbiddenException
 from exception.messages import MESSAGE_CODE_TALLY_SHEET_CANNOT_LOCK_BEFORE_SUBMIT, \
     MESSAGE_CODE_TALLY_SHEET_SUBMIT_IS_NOT_SUPPORTED, MESSAGE_CODE_TALLY_SHEET_NOT_FOUND, \
@@ -167,7 +167,7 @@ def lock(tallySheetId, body):
 #     return TallySheetSchema().dump(tally_sheet).data, 201
 
 
-@authorize(required_roles=[EC_LEADERSHIP_ROLE])
+@authorize(required_roles=[EC_LEADERSHIP_WRITE_ROLE])
 def notify(tallySheetId):
     tally_sheet = TallySheet.get_by_id(tallySheetId=tallySheetId)
 
@@ -193,7 +193,7 @@ def notify(tallySheetId):
     return TallySheetSchema().dump(tally_sheet).data, 201
 
 
-@authorize(required_roles=[EC_LEADERSHIP_ROLE])
+@authorize(required_roles=[EC_LEADERSHIP_WRITE_ROLE])
 def release(tallySheetId):
     tally_sheet = TallySheet.get_by_id(tallySheetId=tallySheetId)
 
diff --git a/auth/AuthConstants.py b/auth/AuthConstants.py
index 912cbd19..ad38dc74 100644
--- a/auth/AuthConstants.py
+++ b/auth/AuthConstants.py
@@ -12,6 +12,7 @@
 NATIONAL_REPORT_VIEWER_ROLE = "nat_dis_rep_view"
 NATIONAL_REPORT_VERIFIER_ROLE = "nat_dis_rep_verf"
 EC_LEADERSHIP_ROLE = "ec_leadership"
+EC_LEADERSHIP_WRITE_ROLE = "ec_leadership_write"
 
 ACCESS_TYPE_READ = 'read'
 ACCESS_TYPE_LOCK = 'lock'
@@ -21,6 +22,6 @@
 
 ALL_ROLES = [DATA_EDITOR_ROLE, POLLING_DIVISION_REPORT_VERIFIER_ROLE, POLLING_DIVISION_REPORT_VIEWER_ROLE,
              ELECTORAL_DISTRICT_REPORT_VERIFIER_ROLE, ELECTORAL_DISTRICT_REPORT_VIEWER_ROLE,
-             NATIONAL_REPORT_VERIFIER_ROLE, NATIONAL_REPORT_VIEWER_ROLE, EC_LEADERSHIP_ROLE]
+             NATIONAL_REPORT_VERIFIER_ROLE, NATIONAL_REPORT_VIEWER_ROLE, EC_LEADERSHIP_ROLE, EC_LEADERSHIP_WRITE_ROLE]
 
 JWT_TOKEN_HEADER_KEY = "X-Jwt-Assertion"
diff --git a/auth/RoleBasedAccess.py b/auth/RoleBasedAccess.py
index fbb8d2dc..86b4400f 100644
--- a/auth/RoleBasedAccess.py
+++ b/auth/RoleBasedAccess.py
@@ -78,76 +78,76 @@
 }
 
 role_to_write_allowed_tallysheet_types = {
-    DATA_EDITOR_ROLE: [
-        TallySheetCodeEnum.PRE_41,
-        TallySheetCodeEnum.CE_201,
-        TallySheetCodeEnum.CE_201_PV,
-        TallySheetCodeEnum.PRE_34_CO
-    ]
+    # DATA_EDITOR_ROLE: [
+    #     TallySheetCodeEnum.PRE_41,
+    #     TallySheetCodeEnum.CE_201,
+    #     TallySheetCodeEnum.CE_201_PV,
+    #     TallySheetCodeEnum.PRE_34_CO
+    # ]
 }
 
 role_to_lock_allowed_tallysheet_types = {
-    DATA_EDITOR_ROLE: [
-        TallySheetCodeEnum.PRE_41,
-        TallySheetCodeEnum.CE_201,
-        TallySheetCodeEnum.CE_201_PV,
-        TallySheetCodeEnum.PRE_34_CO
-    ],
-    POLLING_DIVISION_REPORT_VERIFIER_ROLE: [
-        TallySheetCodeEnum.PRE_30_PD,
-        TallySheetCodeEnum.PRE_34_I_RO,
-        TallySheetCodeEnum.PRE_34_PD
-    ],
-    ELECTORAL_DISTRICT_REPORT_VERIFIER_ROLE: [
-        TallySheetCodeEnum.PRE_30_PD,
-        TallySheetCodeEnum.PRE_30_ED,
-        TallySheetCodeEnum.PRE_34_I_RO,
-        TallySheetCodeEnum.PRE_34_II_RO,
-        TallySheetCodeEnum.PRE_34,
-        TallySheetCodeEnum.PRE_34_PD,
-        TallySheetCodeEnum.PRE_34_ED
-    ],
-    NATIONAL_REPORT_VERIFIER_ROLE: [
-        TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS,
-        TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS_BY_ELECTORAL_DISTRICTS,
-        TallySheetCodeEnum.PRE_34_AI
-    ]
+    # DATA_EDITOR_ROLE: [
+    #     TallySheetCodeEnum.PRE_41,
+    #     TallySheetCodeEnum.CE_201,
+    #     TallySheetCodeEnum.CE_201_PV,
+    #     TallySheetCodeEnum.PRE_34_CO
+    # ],
+    # POLLING_DIVISION_REPORT_VERIFIER_ROLE: [
+    #     TallySheetCodeEnum.PRE_30_PD,
+    #     TallySheetCodeEnum.PRE_34_I_RO,
+    #     TallySheetCodeEnum.PRE_34_PD
+    # ],
+    # ELECTORAL_DISTRICT_REPORT_VERIFIER_ROLE: [
+    #     TallySheetCodeEnum.PRE_30_PD,
+    #     TallySheetCodeEnum.PRE_30_ED,
+    #     TallySheetCodeEnum.PRE_34_I_RO,
+    #     TallySheetCodeEnum.PRE_34_II_RO,
+    #     TallySheetCodeEnum.PRE_34,
+    #     TallySheetCodeEnum.PRE_34_PD,
+    #     TallySheetCodeEnum.PRE_34_ED
+    # ],
+    # NATIONAL_REPORT_VERIFIER_ROLE: [
+    #     TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS,
+    #     TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS_BY_ELECTORAL_DISTRICTS,
+    #     TallySheetCodeEnum.PRE_34_AI
+    # ]
 }
 
 role_to_unlock_allowed_tallysheet_types = {
-    POLLING_DIVISION_REPORT_VERIFIER_ROLE: [
-        TallySheetCodeEnum.PRE_41,
-        TallySheetCodeEnum.CE_201,
-        TallySheetCodeEnum.CE_201_PV,
-        TallySheetCodeEnum.PRE_34_CO
-    ],
-    ELECTORAL_DISTRICT_REPORT_VERIFIER_ROLE: [
-        TallySheetCodeEnum.PRE_41,
-        TallySheetCodeEnum.CE_201_PV,
-        TallySheetCodeEnum.PRE_34_CO,
-    ],
-    NATIONAL_REPORT_VERIFIER_ROLE: [
-        TallySheetCodeEnum.PRE_30_PD,
-        TallySheetCodeEnum.PRE_30_ED,
-        TallySheetCodeEnum.PRE_34_I_RO,
-        TallySheetCodeEnum.PRE_34_II_RO,
-        TallySheetCodeEnum.PRE_34,
-        # TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS,
-        # TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS_BY_ELECTORAL_DISTRICTS,
-        TallySheetCodeEnum.PRE_34_PD,
-        TallySheetCodeEnum.PRE_34_ED,
-        TallySheetCodeEnum.PRE_34_AI
-    ],
-    EC_LEADERSHIP_ROLE: [
-        TallySheetCodeEnum.PRE_30_PD,
-        TallySheetCodeEnum.PRE_30_ED,
-        TallySheetCodeEnum.PRE_34_I_RO,
-        TallySheetCodeEnum.PRE_34_II_RO,
-        TallySheetCodeEnum.PRE_34,
-        TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS,
-        TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS_BY_ELECTORAL_DISTRICTS,
-        TallySheetCodeEnum.PRE_34_PD,
-        TallySheetCodeEnum.PRE_34_ED,
-        TallySheetCodeEnum.PRE_34_AI
-    ]
+    # POLLING_DIVISION_REPORT_VERIFIER_ROLE: [
+    #     TallySheetCodeEnum.PRE_41,
+    #     TallySheetCodeEnum.CE_201,
+    #     TallySheetCodeEnum.CE_201_PV,
+    #     TallySheetCodeEnum.PRE_34_CO
+    # ],
+    # ELECTORAL_DISTRICT_REPORT_VERIFIER_ROLE: [
+    #     TallySheetCodeEnum.PRE_41,
+    #     TallySheetCodeEnum.CE_201_PV,
+    #     TallySheetCodeEnum.PRE_34_CO,
+    # ],
+    # NATIONAL_REPORT_VERIFIER_ROLE: [
+    #     TallySheetCodeEnum.PRE_30_PD,
+    #     TallySheetCodeEnum.PRE_30_ED,
+    #     TallySheetCodeEnum.PRE_34_I_RO,
+    #     TallySheetCodeEnum.PRE_34_II_RO,
+    #     TallySheetCodeEnum.PRE_34,
+    #     # TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS,
+    #     # TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS_BY_ELECTORAL_DISTRICTS,
+    #     TallySheetCodeEnum.PRE_34_PD,
+    #     TallySheetCodeEnum.PRE_34_ED,
+    #     TallySheetCodeEnum.PRE_34_AI
+    # ],
+    # EC_LEADERSHIP_ROLE: [
+    #     TallySheetCodeEnum.PRE_30_PD,
+    #     TallySheetCodeEnum.PRE_30_ED,
+    #     TallySheetCodeEnum.PRE_34_I_RO,
+    #     TallySheetCodeEnum.PRE_34_II_RO,
+    #     TallySheetCodeEnum.PRE_34,
+    #     TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS,
+    #     TallySheetCodeEnum.PRE_ALL_ISLAND_RESULTS_BY_ELECTORAL_DISTRICTS,
+    #     TallySheetCodeEnum.PRE_34_PD,
+    #     TallySheetCodeEnum.PRE_34_ED,
+    #     TallySheetCodeEnum.PRE_34_AI
+    # ]
 }