Skip to content

Commit 74ca82b

Browse files
author
Vikas Agarwal
committed
More permissions update
1 parent 9b4ca10 commit 74ca82b

File tree

2 files changed

+13
-7
lines changed

2 files changed

+13
-7
lines changed

src/routes/projectReports/LookRun.js

Lines changed: 9 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -38,18 +38,23 @@ LookApi.prototype.findProjectRegSubmissions = function (projectId) {
3838
return this.runQueryWithFilter(queryId, view, fields, filters);
3939
};
4040

41-
LookApi.prototype.findProjectBudget = function (connectProjectId, isManager, isAdmin) {
41+
LookApi.prototype.findProjectBudget = function (connectProjectId, permissions) {
4242
const queryId = config.lookerConfig.QUERIES.BUDGET;
43+
const { isManager, isAdmin, isCopilot, isCustomer } = permissions;
4344

4445
const fields = [
4546
'project_stream.tc_connect_project_id',
46-
'project_stream.total_invoiced_amount',
47-
'project_stream.remaining_invoiced_budget',
4847
];
4948

5049
// Manager roles have access to more fields.
5150
if (isManager || isAdmin) {
52-
fields.push('project_stream.total_actual_challenge_fee', 'project_stream.total_actual_member_payment');
51+
fields.push('project_stream.total_actual_challenge_fee');
52+
}
53+
if (isManager || isAdmin || isCopilot) {
54+
fields.push('project_stream.total_actual_member_payment');
55+
}
56+
if (isManager || isAdmin || isCustomer) {
57+
fields.push('project_stream.total_invoiced_amount', 'project_stream.remaining_invoiced_budget');
5358
}
5459
const view = 'project_stream';
5560
const filters = { 'project_stream.tc_connect_project_id': connectProjectId };

src/routes/projectReports/getReport.js

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,11 +3,10 @@ import config from 'config';
33
import _ from 'lodash';
44

55
import { middleware as tcMiddleware } from 'tc-core-library-js';
6-
import models from '../../models';
76
import LookApi from './LookRun';
87
import mock from './mock';
98
import util from '../../util';
10-
import { PROJECT_MEMBER_MANAGER_ROLES, USER_ROLE } from '../../constants';
9+
import { PROJECT_MEMBER_MANAGER_ROLES, USER_ROLE, PROJECT_MEMBER_ROLE } from '../../constants';
1110

1211
const permissions = tcMiddleware.permissions;
1312

@@ -32,14 +31,16 @@ module.exports = [
3231
const member = _.find(members, m => m.userId === req.authUser.userId);
3332
const isManager = member && PROJECT_MEMBER_MANAGER_ROLES.indexOf(member.role) > -1;
3433
const isAdmin = util.hasRoles(req, [USER_ROLE.CONNECT_ADMIN, USER_ROLE.TOPCODER_ADMIN]);
34+
const isCopilot = member && member.role === PROJECT_MEMBER_ROLE.COPILOT;
35+
const isCustomer = member && member.role === PROJECT_MEMBER_ROLE.CUSTOMER;
3536
// pick the report based on its name
3637
let result = {};
3738
switch (reportName) {
3839
case 'summary':
3940
result = await lookApi.findProjectRegSubmissions(projectId);
4041
break;
4142
case 'projectBudget':
42-
result = await lookApi.findProjectBudget(projectId, isManager, isAdmin);
43+
result = await lookApi.findProjectBudget(projectId, { isManager, isAdmin, isCopilot, isCustomer });
4344
break;
4445
default:
4546
return res.status(404).send('Report not found');

0 commit comments

Comments
 (0)