Merge 24.3 to 24.7

src/org/labkey/snd/SNDModule.java

@@ -42,11 +42,13 @@
 import org.labkey.snd.security.roles.SNDBasicSubmitterRole;
 import org.labkey.snd.security.roles.SNDDataAdminRole;
 import org.labkey.snd.security.roles.SNDDataReviewerRole;
+import org.labkey.snd.security.roles.SNDEditorRole;
 import org.labkey.snd.security.roles.SNDPackageEditorRole;
 import org.labkey.snd.security.roles.SNDPackageViewerRole;
 import org.labkey.snd.security.roles.SNDProjectEditorRole;
 import org.labkey.snd.security.roles.SNDProjectViewerRole;
 import org.labkey.snd.security.roles.SNDReaderRole;
+import org.labkey.snd.security.roles.SNDViewerRole;
 
 import java.util.Collection;
 import java.util.Collections;
@@ -97,6 +99,8 @@ protected void init()
         RoleManager.registerRole(new SNDPackageEditorRole(), true);
         RoleManager.registerRole(new SNDProjectViewerRole(), true);
         RoleManager.registerRole(new SNDProjectEditorRole(), true);
+        RoleManager.registerRole(new SNDViewerRole(), true);
+        RoleManager.registerRole(new SNDEditorRole(), true);
 
     }
 

src/org/labkey/snd/SNDUserSchema.java

@@ -29,7 +29,6 @@
 import org.labkey.api.query.SimpleUserSchema;
 import org.labkey.api.query.UserSchema;
 import org.labkey.api.security.User;
-import org.labkey.api.security.permissions.AdminPermission;
 import org.labkey.api.security.roles.Role;
 import org.labkey.snd.query.AttributeDataTable;
 import org.labkey.snd.query.CategoriesTable;
@@ -44,6 +43,7 @@
 import org.labkey.snd.query.PackagesTable;
 import org.labkey.snd.query.ProjectsTable;
 import org.labkey.snd.query.SuperPackagesTable;
+import org.labkey.snd.security.permissions.SNDViewerPermission;
 
 import java.util.Collections;
 import java.util.Map;
@@ -136,15 +136,19 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     @Override
                     public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     {
-                        return new EventsTable(schema, SNDSchema.getInstance().getTableInfoEvents(), cf).init();
+                        if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles()))
+                        {
+                            return new EventsTable(schema, SNDSchema.getInstance().getTableInfoEvents(), cf).init();
+                        }
+                        return null;
                     }
                 },
         EventNotes
                 {
                     @Override
                     public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     {
-                        if (schema.getContainer().hasPermission(schema.getUser(), AdminPermission.class, schema.getContextualRoles()))
+                        if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles()))
                         {
                             return new EventNotesTable(schema, SNDSchema.getInstance().getTableInfoEventNotes(), cf).init();
                         }
@@ -157,7 +161,7 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     @Override
                     public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     {
-                        if (schema.getContainer().hasPermission(schema.getUser(), AdminPermission.class, schema.getContextualRoles()))
+                        if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles()))
                         {
                             return new EventDataTable(schema, SNDSchema.getInstance().getTableInfoEventData(), cf).init();
                         }
@@ -170,7 +174,7 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     @Override
                     public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     {
-                        if (schema.getContainer().hasPermission(schema.getUser(), AdminPermission.class, schema.getContextualRoles()))
+                        if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles()))
                         {
                             return new AttributeDataTable(schema, cf);
                         }
@@ -183,7 +187,7 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     @Override
                     public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     {
-                        if (schema.getContainer().hasPermission(schema.getUser(), AdminPermission.class, schema.getContextualRoles()))
+                        if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles()))
                         {
                             return new PackageAttributeTable(schema, cf);
                         }
@@ -212,7 +216,7 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     @Override
                     public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf)
                     {
-                        if (schema.getContainer().hasPermission(schema.getUser(), AdminPermission.class, schema.getContextualRoles()))
+                        if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles()))
                         {
                             return new EventsCacheTable(schema, SNDSchema.getInstance().getTableInfoEventsCache(), cf).init();
                         }

src/org/labkey/snd/query/AttributeDataTable.java

@@ -44,14 +44,14 @@
 import org.labkey.api.query.ValidationException;
 import org.labkey.api.security.User;
 import org.labkey.api.security.UserPrincipal;
-import org.labkey.api.security.permissions.AdminPermission;
 import org.labkey.api.security.permissions.Permission;
 import org.labkey.api.settings.AppProps;
 import org.labkey.api.snd.SNDService;
 import org.labkey.api.util.UnexpectedException;
 import org.labkey.snd.SNDManager;
 import org.labkey.snd.SNDSchema;
 import org.labkey.snd.SNDUserSchema;
+import org.labkey.snd.security.permissions.SNDViewerPermission;
 
 import java.io.IOException;
 import java.util.ArrayList;
@@ -138,7 +138,7 @@ public SQLFragment getFromSQL(String alias)
     @Override
     public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class<? extends Permission> perm)
     {
-        return getContainer().hasPermission(user, AdminPermission.class, getUserSchema().getContextualRoles());
+        return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles());
     }
 
     @Override

src/org/labkey/snd/query/EventDataTable.java

@@ -37,12 +37,12 @@
 import org.labkey.api.query.SimpleUserSchema;
 import org.labkey.api.security.User;
 import org.labkey.api.security.UserPrincipal;
-import org.labkey.api.security.permissions.AdminPermission;
 import org.labkey.api.security.permissions.Permission;
 import org.labkey.api.settings.AppProps;
 import org.labkey.api.snd.SNDService;
 import org.labkey.snd.SNDManager;
 import org.labkey.snd.SNDUserSchema;
+import org.labkey.snd.security.permissions.SNDViewerPermission;
 
 import java.io.IOException;
 import java.sql.SQLException;
@@ -68,7 +68,7 @@ public EventDataTable(SNDUserSchema schema, TableInfo table, ContainerFilter cf)
     @Override
     public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class<? extends Permission> perm)
     {
-        return getContainer().hasPermission(user, AdminPermission.class, getUserSchema().getContextualRoles());
+        return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles());
     }
 
     @Override

src/org/labkey/snd/query/EventNotesTable.java

@@ -29,11 +29,11 @@
 import org.labkey.api.query.ValidationException;
 import org.labkey.api.security.User;
 import org.labkey.api.security.UserPrincipal;
-import org.labkey.api.security.permissions.AdminPermission;
 import org.labkey.api.security.permissions.Permission;
 import org.labkey.api.snd.SNDService;
 import org.labkey.snd.SNDManager;
 import org.labkey.snd.SNDUserSchema;
+import org.labkey.snd.security.permissions.SNDViewerPermission;
 
 import java.io.IOException;
 import java.util.List;
@@ -113,6 +113,6 @@ public int mergeRows(User user, Container container, DataIteratorBuilder rows, B
     @Override
     public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class<? extends Permission> perm)
     {
-        return getContainer().hasPermission(user, AdminPermission.class, getUserSchema().getContextualRoles());
+        return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles());
     }
 }

src/org/labkey/snd/query/EventsCacheTable.java

@@ -22,10 +22,10 @@
 import org.labkey.api.query.QueryUpdateService;
 import org.labkey.api.query.SimpleUserSchema;
 import org.labkey.api.security.UserPrincipal;
-import org.labkey.api.security.permissions.AdminPermission;
 import org.labkey.api.security.permissions.Permission;
 import org.labkey.snd.SNDUserSchema;
 import org.labkey.api.snd.PlainTextNarrativeDisplayColumn;
+import org.labkey.snd.security.permissions.SNDViewerPermission;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -56,7 +56,7 @@ public EventsCacheTable(SNDUserSchema schema, TableInfo table, ContainerFilter c
     @Override
     public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class<? extends Permission> perm)
     {
-        return getContainer().hasPermission(user, AdminPermission.class, getUserSchema().getContextualRoles());
+       return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles());
     }
 
     @Override

src/org/labkey/snd/query/EventsTable.java

@@ -16,6 +16,7 @@
 package org.labkey.snd.query;
 
 import org.apache.logging.log4j.Logger;
+import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 import org.labkey.api.data.Container;
 import org.labkey.api.data.ContainerFilter;
@@ -30,6 +31,8 @@
 import org.labkey.api.query.SimpleUserSchema.SimpleTable;
 import org.labkey.api.query.ValidationException;
 import org.labkey.api.security.User;
+import org.labkey.api.security.UserPrincipal;
+import org.labkey.api.security.permissions.Permission;
 import org.labkey.api.snd.Event;
 import org.labkey.api.snd.SNDService;
 import org.labkey.snd.NarrativeAuditProvider;
@@ -38,6 +41,7 @@
 import org.labkey.snd.SNDUserSchema;
 import org.labkey.snd.security.QCStateActionEnum;
 import org.labkey.snd.security.SNDSecurityManager;
+import org.labkey.snd.security.permissions.SNDViewerPermission;
 
 import java.io.IOException;
 import java.sql.SQLException;
@@ -209,4 +213,9 @@ protected Map<String, Object> deleteRow(User user, Container container, Map<Stri
             return result;
         }
     }
+    @Override
+    public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class<? extends Permission> perm)
+    {
+        return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles());
+    }
 }

src/org/labkey/snd/query/PackageAttributeTable.java

@@ -25,13 +25,13 @@
 import org.labkey.api.query.QueryUpdateService;
 import org.labkey.api.query.QueryUpdateServiceException;
 import org.labkey.api.security.UserPrincipal;
-import org.labkey.api.security.permissions.AdminPermission;
 import org.labkey.api.security.permissions.Permission;
 import org.labkey.api.snd.PackageDomainKind;
 import org.labkey.api.util.HtmlString;
 import org.labkey.snd.SNDManager;
 import org.labkey.snd.SNDSchema;
 import org.labkey.snd.SNDUserSchema;
+import org.labkey.snd.security.permissions.SNDViewerPermission;
 
 import java.sql.SQLException;
 import java.util.ArrayList;
@@ -251,7 +251,7 @@ public SQLFragment getFromSQL(String alias)
     @Override
     public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class<? extends Permission> perm)
     {
-        return getContainer().hasPermission(user, AdminPermission.class, getUserSchema().getContextualRoles());
+        return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles());
     }
 
 }

src/org/labkey/snd/security/permissions/SNDEditorPermission.java

@@ -0,0 +1,16 @@
+package org.labkey.snd.security.permissions;
+
+import org.labkey.api.security.permissions.AbstractPermission;
+
+
+/**
+ * Created by thawkins on 8/6/2024.
+ */
+public class SNDEditorPermission extends AbstractPermission
+{
+    public SNDEditorPermission()
+    {
+        super("SNDEditorPermission", "This is the base permission required to Edit SND Data.");
+    }
+
+}

src/org/labkey/snd/security/permissions/SNDViewerPermission.java

@@ -0,0 +1,16 @@
+package org.labkey.snd.security.permissions;
+
+import org.labkey.api.security.permissions.AbstractPermission;
+
+
+/**
+ * Created by thawkins on 8/6/2024.
+ */
+public class SNDViewerPermission extends AbstractPermission
+{
+    public SNDViewerPermission()
+    {
+        super("SNDViewerPermission", "This is the base permission required to view SND Data.");
+    }
+
+}

src/org/labkey/snd/security/roles/SNDEditorRole.java

@@ -0,0 +1,23 @@
+package org.labkey.snd.security.roles;
+
+import org.labkey.api.security.roles.AbstractModuleScopedRole;
+import org.labkey.snd.SNDModule;
+import org.labkey.snd.security.permissions.SNDEditorPermission;
+import org.labkey.snd.security.permissions.SNDViewerPermission;
+
+/**
+ * Created by thawkins on 8/6/2024.
+ */
+public class SNDEditorRole extends AbstractModuleScopedRole
+{
+    public SNDEditorRole()
+    {
+        super("SND Data Editors", "Users with this role are permitted to Edit SND data.",
+                SNDModule.class,
+                SNDViewerPermission.class,
+                SNDEditorPermission.class
+        );
+
+
+    }
+}

src/org/labkey/snd/security/roles/SNDViewerRole.java

@@ -0,0 +1,21 @@
+package org.labkey.snd.security.roles;
+
+import org.labkey.api.security.roles.AbstractModuleScopedRole;
+import org.labkey.snd.SNDModule;
+import org.labkey.snd.security.permissions.SNDViewerPermission;
+
+/**
+ * Created by thawkins on 8/6/2024.
+ */
+public class SNDViewerRole extends AbstractModuleScopedRole
+{
+    public SNDViewerRole()
+    {
+        super("SND Data Viewers", "Users with this role are permitted to view SND data.",
+                SNDModule.class,
+                SNDViewerPermission.class
+        );
+
+
+    }
+}

webapp/snd/test/data.js

@@ -560,7 +560,8 @@
                 name: 'Valid Save Event with super package and trigger unit type conversion',
                 roles: ['org.labkey.api.security.roles.ReaderRole',
                     'org.labkey.api.security.roles.EditorRole',
-                    'org.labkey.snd.security.roles.SNDBasicSubmitterRole'],
+                    'org.labkey.snd.security.roles.SNDBasicSubmitterRole',
+                    'org.labkey.snd.security.roles.SNDEditorRole'],
                 jsonData: {
                     eventId: 1800001,
                     subjectId: "2",
@@ -1677,7 +1678,8 @@
                 name: 'Failed Insert Event: Wrong permissions. Reader inserting Completed event.',
                 roles: ['org.labkey.api.security.roles.ReaderRole',
                     'org.labkey.api.security.roles.EditorRole',
-                    'org.labkey.snd.security.roles.SNDReaderRole'],
+                    'org.labkey.snd.security.roles.SNDReaderRole',
+                    'org.labkey.snd.security.roles.SNDEditorRole'],
                 jsonData: {
                     eventId: 1800007,
                     subjectId: "25",
@@ -1714,7 +1716,8 @@
                 name: 'Failed Update Event: Wrong permission. Basic submitter updating to rejected',
                 roles: ['org.labkey.api.security.roles.ReaderRole',
                     'org.labkey.api.security.roles.EditorRole',
-                    'org.labkey.snd.security.roles.SNDBasicSubmitterRole'],
+                    'org.labkey.snd.security.roles.SNDBasicSubmitterRole',
+                    'org.labkey.snd.security.roles.SNDEditorRole'],
                 jsonData: {
                     eventId: 1800008,
                     subjectId: "25",
@@ -1751,7 +1754,8 @@
                 name: 'Failed Insert Event: Wrong permission. Reviewer inserting In Progress data.',
                 roles: ['org.labkey.api.security.roles.ReaderRole',
                     'org.labkey.api.security.roles.EditorRole',
-                    'org.labkey.snd.security.roles.SNDDataReviewerRole'],
+                    'org.labkey.snd.security.roles.SNDDataReviewerRole',
+                    'org.labkey.snd.security.roles.SNDEditorRole'],
                 jsonData: {
                     eventId: 1800008,
                     subjectId: "25",

webapp/snd/test/tests.js

@@ -692,7 +692,8 @@
             name: 'Delete Event: Correct permission. Data admin role.',
             roles: ['org.labkey.api.security.roles.ReaderRole',
                 'org.labkey.api.security.roles.EditorRole',
-                'org.labkey.snd.security.roles.SNDDataAdminRole'],
+                'org.labkey.snd.security.roles.SNDDataAdminRole',
+                'org.labkey.snd.security.roles.SNDViewerRole'],
             run : function()
             {
                 return{