Skip to content

Commit

Permalink
Extend Basic Submitter capabilities (#154)
Browse files Browse the repository at this point in the history 
* Allow SND basic submitters to read, update, insert, and delete completed data

* Commented out test in SND testing framework: 'Get Event: Invalid permission. Basic submitter reading completed data.'

* Changed comment style to make file easier to read

* ditto on the delete record test
  • Loading branch information
@spamhurts
spamhurts authored Nov 30, 2023
1 parent 93e9a20 commit 8787999
Show file tree
Hide file tree
Showing 2 changed files with 58 additions and 42 deletions.
10 changes: 9 additions & 1 deletion src/org/labkey/snd/security/roles/SNDBasicSubmitterRole.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,10 @@
import org.labkey.api.security.roles.AbstractModuleScopedRole;
import org.labkey.api.snd.Category;
import org.labkey.snd.SNDModule;
import org.labkey.snd.security.permissions.SNDCompletedDeletePermission;
import org.labkey.snd.security.permissions.SNDCompletedInsertPermission;
import org.labkey.snd.security.permissions.SNDCompletedReadPermission;
import org.labkey.snd.security.permissions.SNDCompletedUpdatePermission;
import org.labkey.snd.security.permissions.SNDInProgressDeletePermission;
import org.labkey.snd.security.permissions.SNDInProgressInsertPermission;
import org.labkey.snd.security.permissions.SNDInProgressReadPermission;
Expand All @@ -42,7 +46,11 @@ public SNDBasicSubmitterRole()
SNDInProgressUpdatePermission.class, SNDInProgressDeletePermission.class,
SNDReviewRequiredReadPermission.class, SNDReviewRequiredInsertPermission.class,
SNDReviewRequiredUpdatePermission.class, SNDReviewRequiredDeletePermission.class,
SNDRejectedReadPermission.class, SNDRejectedDeletePermission.class);
SNDRejectedReadPermission.class, SNDRejectedDeletePermission.class,
// allow basic submitters to read, update, insert, and delete completed data
// This is needed uptil SNPRC releases the new QC workflow
SNDCompletedInsertPermission.class, SNDCompletedDeletePermission.class,
SNDCompletedReadPermission.class, SNDCompletedUpdatePermission.class);
}

@Override
Expand Down
90 changes: 49 additions & 41 deletions webapp/snd/test/tests.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -591,24 +591,27 @@
}
}
}
},{

name: 'Get Event: Invalid permission. Basic submitter reading completed data.',
roles: ['org.labkey.api.security.roles.ReaderRole',
'org.labkey.api.security.roles.EditorRole',
'org.labkey.snd.security.roles.SNDBasicSubmitterRole'],
run : function()
{
return{
request:{
url:LABKEY.SND_TEST_URLS.GET_EVENT_URL,
jsonData:{"eventId": "1800002"}
},
expectedFailure : 'You do not have permission to Read event data for QC state Completed for these super packages.'
}
}
},{

},
//{
// // This test is commented out because it is not currently valid:
// // allow basic submitters to read, update, insert, and delete completed data
// // This is needed uptil SNPRC releases the new QC workflow
// name: 'Get Event: Invalid permission. Basic submitter reading completed data.',
// roles: ['org.labkey.api.security.roles.ReaderRole',
// 'org.labkey.api.security.roles.EditorRole',
// 'org.labkey.snd.security.roles.SNDBasicSubmitterRole'],
// run : function()
// {
// return{
// request:{
// url:LABKEY.SND_TEST_URLS.GET_EVENT_URL,
// jsonData:{"eventId": "1800002"}
// },
// expectedFailure : 'You do not have permission to Read event data for QC state Completed for these super packages.'
// }
// }
// },
{
name: 'Get Event: Valid permission. Data reviewer reading completed data.',
roles: ['org.labkey.api.security.roles.ReaderRole',
'org.labkey.api.security.roles.EditorRole',
Expand Down Expand Up @@ -657,29 +660,34 @@
}
}
}
}, {

name: 'Delete Event: Invalid permission. Basic submitter role cannot delete completed data.',
roles: ['org.labkey.api.security.roles.ReaderRole',
'org.labkey.api.security.roles.EditorRole',
'org.labkey.snd.security.roles.SNDBasicSubmitterRole'],
run : function()
{
return{
request:{
url:LABKEY.SND_TEST_URLS.DELETE_EVENT_URL,
jsonData: {
schemaName: 'snd',
queryName: 'Events',
rows: [{
EventId: 1800002
}]
}
},
expectedFailure : 'You do not have permission to Delete event data for QC state Completed for these super packages.'
}
}
},{
},
// // This test is commented out because it is not currently valid:
// // allow basic submitters to read, update, insert, and delete completed data
// // This is needed uptil SNPRC releases the new QC workflow
// {
//
// name: 'Delete Event: Invalid permission. Basic submitter role cannot delete completed data.',
// roles: ['org.labkey.api.security.roles.ReaderRole',
// 'org.labkey.api.security.roles.EditorRole',
// 'org.labkey.snd.security.roles.SNDBasicSubmitterRole'],
// run : function()
// {
// return{
// request:{
// url:LABKEY.SND_TEST_URLS.DELETE_EVENT_URL,
// jsonData: {
// schemaName: 'snd',
// queryName: 'Events',
// rows: [{
// EventId: 1800002
// }]
// }
// },
// expectedFailure : 'You do not have permission to Delete event data for QC state Completed for these super packages.'
// }
// }
// },
{

name: 'Delete Event: Correct permission. Data admin role.',
roles: ['org.labkey.api.security.roles.ReaderRole',
Expand Down

0 comments on commit 8787999

Please sign in to comment.