Merge pull request #297 from dinukadesilva/comment-role-based-access

Comment all usage of `has_role_based_access`
ECLK · Nov 2, 2019 · 5262641 · 5262641
2 parents fc06f0d + ae78f39
commit 5262641
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 19 deletions.
diff --git a/api/TallySheetApi.py b/api/TallySheetApi.py
@@ -27,9 +27,9 @@ def getAll(electionId=None, areaId=None, tallySheetCode=None):
     result = get_paginated_query(result).all()
 
     # filter based on roles
-    filtered_results = [tally_sheet for tally_sheet in result if has_role_based_access(tally_sheet, ACCESS_TYPE_READ)]
+    # filtered_results = [tally_sheet for tally_sheet in result if has_role_based_access(tally_sheet, ACCESS_TYPE_READ)]
 
-    return TallySheetSchema(many=True).dump(filtered_results).data
+    return TallySheetSchema(many=True).dump(result).data
 
 
 @authorize(required_roles=ALL_ROLES)
@@ -45,8 +45,9 @@ def get_by_id(tallySheetId):
     return TallySheetSchema().dump(tally_sheet).data
 
 
-@authorize(required_roles=[POLLING_DIVISION_REPORT_VERIFIER_ROLE, ELECTORAL_DISTRICT_REPORT_VERIFIER_ROLE,
-                           NATIONAL_REPORT_VERIFIER_ROLE])
+@authorize(
+    required_roles=[DATA_EDITOR_ROLE, POLLING_DIVISION_REPORT_VERIFIER_ROLE, ELECTORAL_DISTRICT_REPORT_VERIFIER_ROLE,
+                    NATIONAL_REPORT_VERIFIER_ROLE])
 def unlock(tallySheetId):
     tally_sheet = TallySheet.get_by_id(tallySheetId=tallySheetId)
 

diff --git a/orm/entities/Submission/TallySheet/__init__.py b/orm/entities/Submission/TallySheet/__init__.py
@@ -54,19 +54,19 @@ def set_locked_version(self, tallySheetVersion: TallySheetVersion):
         #     )
 
         if tallySheetVersion is None:
-            if not has_role_based_access(self, ACCESS_TYPE_UNLOCK):
-                raise ForbiddenException(
-                    message="User doesn't have access to tally sheet.",
-                    code=MESSAGE_CODE_TALLY_SHEET_NOT_AUTHORIZED_TO_UNLOCK
-                )
+            # if not has_role_based_access(self, ACCESS_TYPE_UNLOCK):
+            #     raise ForbiddenException(
+            #         message="User doesn't have access to tally sheet.",
+            #         code=MESSAGE_CODE_TALLY_SHEET_NOT_AUTHORIZED_TO_UNLOCK
+            #     )
 
             self.submission.set_locked_version(submissionVersion=None)
         else:
-            if not has_role_based_access(self, ACCESS_TYPE_LOCK):
-                raise ForbiddenException(
-                    message="User doesn't have access to tally sheet.",
-                    code=MESSAGE_CODE_TALLY_SHEET_NOT_AUTHORIZED_TO_LOCK
-                )
+            # if not has_role_based_access(self, ACCESS_TYPE_LOCK):
+            #     raise ForbiddenException(
+            #         message="User doesn't have access to tally sheet.",
+            #         code=MESSAGE_CODE_TALLY_SHEET_NOT_AUTHORIZED_TO_LOCK
+            #     )
 
             self.submission.set_locked_version(submissionVersion=tallySheetVersion.submissionVersion)
 
@@ -139,11 +139,11 @@ def get_by_id(tallySheetId, tallySheetCode=None):
 
     result = query.one_or_none()
 
-    if not has_role_based_access(result, ACCESS_TYPE_READ):
-        raise ForbiddenException(
-            message="User doesn't have access to tally sheet.",
-            code=MESSAGE_CODE_TALLY_SHEET_NOT_AUTHORIZED_TO_VIEW
-        )
+    # if not has_role_based_access(result, ACCESS_TYPE_READ):
+    #     raise ForbiddenException(
+    #         message="User doesn't have access to tally sheet.",
+    #         code=MESSAGE_CODE_TALLY_SHEET_NOT_AUTHORIZED_TO_VIEW
+    #     )
 
     return result