Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions site/cds_rdm/generators.py
Original file line number Diff line number Diff line change
Expand Up @@ -160,14 +160,15 @@ def needs(self, record=None, **kwargs):
"""
from invenio_communities.generators import CommunityRoleNeed

ep_communities = current_app.config.get("CDS_COMMITTEE_APPROVAL_COMMUNITIES", {})
ep_communities = current_app.config.get(
"CDS_COMMITTEE_APPROVAL_COMMUNITIES", {}
)
if record is None:
return []

default_community_id = record.parent.get("communities", {}).get("default")
needs = []
if default_community_id in ep_communities:
needs.append(CommunityRoleNeed(default_community_id, "curator"))
needs.append(CommunityRoleNeed(default_community_id, "manager"))
needs.append(CommunityRoleNeed(default_community_id, "owner"))
return needs
Expand Down
8 changes: 4 additions & 4 deletions site/cds_rdm/requests/committee_approval_state.py
Original file line number Diff line number Diff line change
Expand Up @@ -87,13 +87,13 @@ def _get_open_request(record_id, parent_record=None):
return None


def _check_can_curate_for_community(community_id):
"""Return True if the current user is a curator, manager, or owner of the community."""
def _check_can_manage_community(community_id):
"""Return True if the current user is a manager or owner of the community."""
try:
identity = g.identity
return any(
CommunityRoleNeed(community_id, role) in identity.provides
for role in ("curator", "manager", "owner")
for role in ("manager", "owner")
)
except Exception:
return False
Expand Down Expand Up @@ -206,7 +206,7 @@ def get_committee_approval_state(record_ui, record=None):
pass

open_request = _get_open_request(record_id, parent_record)
can_submit = _check_can_curate_for_community(community_id)
can_submit = _check_can_manage_community(community_id)
approved_report_number = ea.get("reportnumber")
can_create_public = _check_can_create_public(can_submit, ea, record_id)

Expand Down
1 change: 1 addition & 0 deletions site/cds_rdm/requests/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,7 @@ def submit_committee_approval(pid_value):
topic=record._record,
)
except PermissionDeniedError:
# The community role check (i.e. ensuring the user is a community manager/above) happens in the request submit action handler.
return jsonify({"message": "Permission denied"}), 403
except Exception as e:
return jsonify({"message": str(e)}), 400
Expand Down
Loading