Commit 759828f0 authored by HERBERT Ryan's avatar HERBERT Ryan
Browse files

VidjilAuth process_file permissions

can_process_file now takes an object_of_action and an id to better fit
the current permissions system
parent 3d880bb1
...@@ -94,7 +94,7 @@ def confirm(): ...@@ -94,7 +94,7 @@ def confirm():
&(db.patient.sample_set_id == db.sample_set_membership.sample_set_id) &(db.patient.sample_set_id == db.sample_set_membership.sample_set_id)
).select(db.patient.id).first().id ).select(db.patient.id).first().id
if (auth.can_modify_patient(patient_id) if (auth.can_modify_patient(patient_id)
& auth.can_process_file()): & auth.can_process_file('patient', patient_id)):
return dict(message=T('result confirm')) return dict(message=T('result confirm'))
else : else :
res = {"message": "acces denied"} res = {"message": "acces denied"}
...@@ -109,7 +109,7 @@ def delete(): ...@@ -109,7 +109,7 @@ def delete():
patient_id = db(db.patient.sample_set_id == db.sample_set_membership.sample_set_id).select(db.patient.id).first().id patient_id = db(db.patient.sample_set_id == db.sample_set_membership.sample_set_id).select(db.patient.id).first().id
if (auth.can_modify_patient(patient_id) if (auth.can_modify_patient(patient_id)
& auth.can_process_file()): & auth.can_process_file('patient', patient_id)):
config_id = db.results_file[request.vars["results_file_id"]].config_id config_id = db.results_file[request.vars["results_file_id"]].config_id
......
...@@ -266,7 +266,7 @@ class VidjilAuth(Auth): ...@@ -266,7 +266,7 @@ class VidjilAuth(Auth):
return self.get_permission(PermissionEnum.admin_group.value, 'auth_group', group_id, user = user)\ return self.get_permission(PermissionEnum.admin_group.value, 'auth_group', group_id, user = user)\
or self.is_admin(user) or self.is_admin(user)
def can_process_file(self, user = None): def can_process_file(self, object_of_action, id=0, user = None):
''' '''
Returns True if the current user can process results Returns True if the current user can process results
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment