diff --git a/src/org/labkey/snd/SNDUserSchema.java b/src/org/labkey/snd/SNDUserSchema.java index a8f318cb..b4c9e458 100644 --- a/src/org/labkey/snd/SNDUserSchema.java +++ b/src/org/labkey/snd/SNDUserSchema.java @@ -29,7 +29,6 @@ import org.labkey.api.query.SimpleUserSchema; import org.labkey.api.query.UserSchema; import org.labkey.api.security.User; -import org.labkey.api.security.permissions.AdminPermission; import org.labkey.api.security.roles.Role; import org.labkey.snd.query.AttributeDataTable; import org.labkey.snd.query.CategoriesTable; @@ -44,6 +43,7 @@ import org.labkey.snd.query.PackagesTable; import org.labkey.snd.query.ProjectsTable; import org.labkey.snd.query.SuperPackagesTable; +import org.labkey.snd.security.permissions.SNDViewerPermission; import java.util.Collections; import java.util.Map; @@ -136,7 +136,11 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) @Override public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) { - return new EventsTable(schema, SNDSchema.getInstance().getTableInfoEvents(), cf).init(); + if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles())) + { + return new EventsTable(schema, SNDSchema.getInstance().getTableInfoEvents(), cf).init(); + } + return null; } }, EventNotes @@ -144,7 +148,7 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) @Override public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) { - if (schema.getContainer().hasPermission(schema.getUser(), AdminPermission.class, schema.getContextualRoles())) + if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles())) { return new EventNotesTable(schema, SNDSchema.getInstance().getTableInfoEventNotes(), cf).init(); } @@ -157,7 +161,7 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) @Override public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) { - if (schema.getContainer().hasPermission(schema.getUser(), AdminPermission.class, schema.getContextualRoles())) + if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles())) { return new EventDataTable(schema, SNDSchema.getInstance().getTableInfoEventData(), cf).init(); } @@ -170,7 +174,7 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) @Override public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) { - if (schema.getContainer().hasPermission(schema.getUser(), AdminPermission.class, schema.getContextualRoles())) + if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles())) { return new AttributeDataTable(schema, cf); } @@ -183,7 +187,7 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) @Override public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) { - if (schema.getContainer().hasPermission(schema.getUser(), AdminPermission.class, schema.getContextualRoles())) + if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles())) { return new PackageAttributeTable(schema, cf); } @@ -212,7 +216,7 @@ public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) @Override public TableInfo createTable(SNDUserSchema schema, ContainerFilter cf) { - if (schema.getContainer().hasPermission(schema.getUser(), AdminPermission.class, schema.getContextualRoles())) + if (schema.getContainer().hasPermission(schema.getUser(), SNDViewerPermission.class, schema.getContextualRoles())) { return new EventsCacheTable(schema, SNDSchema.getInstance().getTableInfoEventsCache(), cf).init(); } diff --git a/src/org/labkey/snd/query/AttributeDataTable.java b/src/org/labkey/snd/query/AttributeDataTable.java index 1ff83491..0ff9e2c6 100644 --- a/src/org/labkey/snd/query/AttributeDataTable.java +++ b/src/org/labkey/snd/query/AttributeDataTable.java @@ -44,7 +44,6 @@ import org.labkey.api.query.ValidationException; import org.labkey.api.security.User; import org.labkey.api.security.UserPrincipal; -import org.labkey.api.security.permissions.AdminPermission; import org.labkey.api.security.permissions.Permission; import org.labkey.api.settings.AppProps; import org.labkey.api.snd.SNDService; @@ -52,6 +51,7 @@ import org.labkey.snd.SNDManager; import org.labkey.snd.SNDSchema; import org.labkey.snd.SNDUserSchema; +import org.labkey.snd.security.permissions.SNDViewerPermission; import java.io.IOException; import java.util.ArrayList; @@ -138,7 +138,7 @@ public SQLFragment getFromSQL(String alias) @Override public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class perm) { - return getContainer().hasPermission(user, AdminPermission.class, getUserSchema().getContextualRoles()); + return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles()); } @Override diff --git a/src/org/labkey/snd/query/EventDataTable.java b/src/org/labkey/snd/query/EventDataTable.java index c3f7f290..ae258ae8 100644 --- a/src/org/labkey/snd/query/EventDataTable.java +++ b/src/org/labkey/snd/query/EventDataTable.java @@ -37,12 +37,12 @@ import org.labkey.api.query.SimpleUserSchema; import org.labkey.api.security.User; import org.labkey.api.security.UserPrincipal; -import org.labkey.api.security.permissions.AdminPermission; import org.labkey.api.security.permissions.Permission; import org.labkey.api.settings.AppProps; import org.labkey.api.snd.SNDService; import org.labkey.snd.SNDManager; import org.labkey.snd.SNDUserSchema; +import org.labkey.snd.security.permissions.SNDViewerPermission; import java.io.IOException; import java.sql.SQLException; @@ -68,7 +68,7 @@ public EventDataTable(SNDUserSchema schema, TableInfo table, ContainerFilter cf) @Override public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class perm) { - return getContainer().hasPermission(user, AdminPermission.class, getUserSchema().getContextualRoles()); + return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles()); } @Override diff --git a/src/org/labkey/snd/query/EventNotesTable.java b/src/org/labkey/snd/query/EventNotesTable.java index f4da1635..8e097a45 100644 --- a/src/org/labkey/snd/query/EventNotesTable.java +++ b/src/org/labkey/snd/query/EventNotesTable.java @@ -29,11 +29,11 @@ import org.labkey.api.query.ValidationException; import org.labkey.api.security.User; import org.labkey.api.security.UserPrincipal; -import org.labkey.api.security.permissions.AdminPermission; import org.labkey.api.security.permissions.Permission; import org.labkey.api.snd.SNDService; import org.labkey.snd.SNDManager; import org.labkey.snd.SNDUserSchema; +import org.labkey.snd.security.permissions.SNDViewerPermission; import java.io.IOException; import java.util.List; @@ -113,6 +113,6 @@ public int mergeRows(User user, Container container, DataIteratorBuilder rows, B @Override public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class perm) { - return getContainer().hasPermission(user, AdminPermission.class, getUserSchema().getContextualRoles()); + return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles()); } } diff --git a/src/org/labkey/snd/query/EventsCacheTable.java b/src/org/labkey/snd/query/EventsCacheTable.java index 4b319ae5..c0ec01e7 100644 --- a/src/org/labkey/snd/query/EventsCacheTable.java +++ b/src/org/labkey/snd/query/EventsCacheTable.java @@ -22,10 +22,10 @@ import org.labkey.api.query.QueryUpdateService; import org.labkey.api.query.SimpleUserSchema; import org.labkey.api.security.UserPrincipal; -import org.labkey.api.security.permissions.AdminPermission; import org.labkey.api.security.permissions.Permission; import org.labkey.snd.SNDUserSchema; import org.labkey.api.snd.PlainTextNarrativeDisplayColumn; +import org.labkey.snd.security.permissions.SNDViewerPermission; import java.util.ArrayList; import java.util.List; @@ -56,7 +56,7 @@ public EventsCacheTable(SNDUserSchema schema, TableInfo table, ContainerFilter c @Override public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class perm) { - return getContainer().hasPermission(user, AdminPermission.class, getUserSchema().getContextualRoles()); + return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles()); } @Override diff --git a/src/org/labkey/snd/query/EventsTable.java b/src/org/labkey/snd/query/EventsTable.java index 0dbaf40d..5b511a67 100644 --- a/src/org/labkey/snd/query/EventsTable.java +++ b/src/org/labkey/snd/query/EventsTable.java @@ -16,6 +16,7 @@ package org.labkey.snd.query; import org.apache.logging.log4j.Logger; +import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; import org.labkey.api.data.Container; import org.labkey.api.data.ContainerFilter; @@ -30,6 +31,8 @@ import org.labkey.api.query.SimpleUserSchema.SimpleTable; import org.labkey.api.query.ValidationException; import org.labkey.api.security.User; +import org.labkey.api.security.UserPrincipal; +import org.labkey.api.security.permissions.Permission; import org.labkey.api.snd.Event; import org.labkey.api.snd.SNDService; import org.labkey.snd.NarrativeAuditProvider; @@ -38,6 +41,7 @@ import org.labkey.snd.SNDUserSchema; import org.labkey.snd.security.QCStateActionEnum; import org.labkey.snd.security.SNDSecurityManager; +import org.labkey.snd.security.permissions.SNDViewerPermission; import java.io.IOException; import java.sql.SQLException; @@ -209,4 +213,9 @@ protected Map deleteRow(User user, Container container, Map perm) + { + return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles()); + } } diff --git a/src/org/labkey/snd/query/PackageAttributeTable.java b/src/org/labkey/snd/query/PackageAttributeTable.java index 91344567..06311efe 100644 --- a/src/org/labkey/snd/query/PackageAttributeTable.java +++ b/src/org/labkey/snd/query/PackageAttributeTable.java @@ -25,13 +25,13 @@ import org.labkey.api.query.QueryUpdateService; import org.labkey.api.query.QueryUpdateServiceException; import org.labkey.api.security.UserPrincipal; -import org.labkey.api.security.permissions.AdminPermission; import org.labkey.api.security.permissions.Permission; import org.labkey.api.snd.PackageDomainKind; import org.labkey.api.util.HtmlString; import org.labkey.snd.SNDManager; import org.labkey.snd.SNDSchema; import org.labkey.snd.SNDUserSchema; +import org.labkey.snd.security.permissions.SNDViewerPermission; import java.sql.SQLException; import java.util.ArrayList; @@ -251,7 +251,7 @@ public SQLFragment getFromSQL(String alias) @Override public boolean hasPermission(@NotNull UserPrincipal user, @NotNull Class perm) { - return getContainer().hasPermission(user, AdminPermission.class, getUserSchema().getContextualRoles()); + return getContainer().hasPermission(user, SNDViewerPermission.class, getUserSchema().getContextualRoles()); } } diff --git a/webapp/snd/test/data.js b/webapp/snd/test/data.js index d91a6743..1746c34a 100644 --- a/webapp/snd/test/data.js +++ b/webapp/snd/test/data.js @@ -560,7 +560,8 @@ name: 'Valid Save Event with super package and trigger unit type conversion', roles: ['org.labkey.api.security.roles.ReaderRole', 'org.labkey.api.security.roles.EditorRole', - 'org.labkey.snd.security.roles.SNDBasicSubmitterRole'], + 'org.labkey.snd.security.roles.SNDBasicSubmitterRole', + 'org.labkey.snd.security.roles.SNDEditorRole'], jsonData: { eventId: 1800001, subjectId: "2", @@ -1677,7 +1678,8 @@ name: 'Failed Insert Event: Wrong permissions. Reader inserting Completed event.', roles: ['org.labkey.api.security.roles.ReaderRole', 'org.labkey.api.security.roles.EditorRole', - 'org.labkey.snd.security.roles.SNDReaderRole'], + 'org.labkey.snd.security.roles.SNDReaderRole', + 'org.labkey.snd.security.roles.SNDEditorRole'], jsonData: { eventId: 1800007, subjectId: "25", @@ -1714,7 +1716,8 @@ name: 'Failed Update Event: Wrong permission. Basic submitter updating to rejected', roles: ['org.labkey.api.security.roles.ReaderRole', 'org.labkey.api.security.roles.EditorRole', - 'org.labkey.snd.security.roles.SNDBasicSubmitterRole'], + 'org.labkey.snd.security.roles.SNDBasicSubmitterRole', + 'org.labkey.snd.security.roles.SNDEditorRole'], jsonData: { eventId: 1800008, subjectId: "25", @@ -1751,7 +1754,8 @@ name: 'Failed Insert Event: Wrong permission. Reviewer inserting In Progress data.', roles: ['org.labkey.api.security.roles.ReaderRole', 'org.labkey.api.security.roles.EditorRole', - 'org.labkey.snd.security.roles.SNDDataReviewerRole'], + 'org.labkey.snd.security.roles.SNDDataReviewerRole', + 'org.labkey.snd.security.roles.SNDEditorRole'], jsonData: { eventId: 1800008, subjectId: "25", diff --git a/webapp/snd/test/tests.js b/webapp/snd/test/tests.js index e5fa1ecf..5c136620 100644 --- a/webapp/snd/test/tests.js +++ b/webapp/snd/test/tests.js @@ -692,7 +692,8 @@ name: 'Delete Event: Correct permission. Data admin role.', roles: ['org.labkey.api.security.roles.ReaderRole', 'org.labkey.api.security.roles.EditorRole', - 'org.labkey.snd.security.roles.SNDDataAdminRole'], + 'org.labkey.snd.security.roles.SNDDataAdminRole', + 'org.labkey.snd.security.roles.SNDViewerRole'], run : function() { return{