Skip to content

Commit

Permalink
Merge pull request #355 from fasrc/claire-peters-patch-1
Browse files Browse the repository at this point in the history 
cp_proj_permissions_hotfix
  • Loading branch information
@claire-peters
claire-peters authored Dec 13, 2024
2 parents cfc8ab5 + d77ebb7 commit c2fd988
Showing 1 changed file with 19 additions and 11 deletions.
30 changes: 19 additions & 11 deletions coldfront/core/project/models.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
from model_utils.models import TimeStampedModel
from simple_history.models import HistoricalRecords

from ifxuser.models import Organization
from ifxuser.models import Organization, OrgRelation
from coldfront.core.field_of_science.models import FieldOfScience
from coldfront.core.utils.common import import_from_settings

Expand Down Expand Up @@ -194,6 +194,24 @@ def user_permissions(self, user):

user_conditions = (models.Q(status__name='Active') & models.Q(user=user))
if not self.projectuser_set.filter(user_conditions).exists() and not self.pi.id == user.id:
# if the user is an approver in a project's department, give them user permissions
departments = Organization.objects.filter(
org_tree='Research Computing Storage Billing',
useraffiliation__role='approver',
useraffiliation__user=user,
)
for department in departments:
child_lab_ids = list(
OrgRelation.objects.filter(parent=department, child__rank="lab").values_list(
'child_id', flat=True
)
)
project_org_links = ProjectOrganization.objects.filter(
organization_id__in=child_lab_ids
).values_list("project_id")
proj_pool = Project.objects.filter(pk__in=project_org_links)
if self in proj_pool:
return [ProjectPermission.USER]
return []


Expand All @@ -216,16 +234,6 @@ def user_permissions(self, user):
if self.pi.id == user.id:
permissions.append(ProjectPermission.PI)

# if the user is an approver in a department connected to the project,
# give them user permissions
departments = Organization.objects.filter(
org_tree='Research Computing Storage Billing'
)
proj_departments = [d for d in departments if self in d.get_projects()]
for department in proj_departments:
if user in department.useraffiliation_set.filter(role='approver'):
permissions.append(ProjectPermission.USER)

return permissions

def has_perm(self, user, perm):
Expand Down

0 comments on commit c2fd988

Please sign in to comment.