-
Notifications
You must be signed in to change notification settings - Fork 175
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Statistics/Behavioural] Detailed View and Double Data Entry - Site permission fix #6861
[Statistics/Behavioural] Detailed View and Double Data Entry - Site permission fix #6861
Conversation
…ds per projects permissions restriction in the Detailed View
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's working well for Data Entry Statistics, but the breakdown per participant for Double Data Entry Statistics displays entries for sites my user doesn't have access to (user can only access Pumpernickel/Montreal and can see Pumpernickel/Ottawa). If the user clicks on the link, it can also access the profile (whereas this profile is not accessible with the Access profile Search tool), which I think is another permission issue on the Candidate module level.
…ular center and/or project.
Hi @laemtl , thanks for catching this. Could you please check if the new commit fix the stats? Thank you. |
@racostas Awesome, that fixes it, thank you! |
@laemtl can you create a ticket describing how to reproduce the candidate accessing with URL hacking (ie. which module) so that it can be fixed? |
…ermission fix (aces#6861) Code refactorization of the functions _hasAccess and _checkCriteria. Adds per projects permissions restrictions. A user with permission data_entry should be now able to access the 'breakdown per participant' only for the sites and projects it have access to. Resolves aces#6659
…ermission fix (aces#6861) Code refactorization of the functions _hasAccess and _checkCriteria. Adds per projects permissions restrictions. A user with permission data_entry should be now able to access the 'breakdown per participant' only for the sites and projects it have access to. Resolves aces#6659
…ermission fix (aces#6861) Code refactorization of the functions _hasAccess and _checkCriteria. Adds per projects permissions restrictions. A user with permission data_entry should be now able to access the 'breakdown per participant' only for the sites and projects it have access to. Resolves aces#6659
…ermission fix (aces#6861) Code refactorization of the functions _hasAccess and _checkCriteria. Adds per projects permissions restrictions. A user with permission data_entry should be now able to access the 'breakdown per participant' only for the sites and projects it have access to. Resolves aces#6659
…ermission fix (aces#6861) Code refactorization of the functions _hasAccess and _checkCriteria. Adds per projects permissions restrictions. A user with permission data_entry should be now able to access the 'breakdown per participant' only for the sites and projects it have access to. Resolves aces#6659
Brief summary of changes
Code refactorization of the functions
_hasAccess
and_checkCriteria
.Adds per projects permissions restrictions.
Testing instructions (if applicable)
A user with permission
data_entry
should be now able to access the 'breakdown per participant' only for the sites and projects it have access to.Link(s) to related issue(s)