Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update frontend and backend to give proper permissions to users with the editRestricted role #537

Open
juhanikat opened this issue Nov 13, 2024 · 0 comments
Open

Update frontend and backend to give proper permissions to users with the editRestricted role #537

juhanikat opened this issue Nov 13, 2024 · 0 comments

Comments

@juhanikat
Copy link
Collaborator

The EditRestricted role doesn't have proper permissions to do things across the site. Also, some things are allowed in the frontend (an EditRestricted user can click an edit button, for example) but not in the backend (the route sends a 403 error).

Examples:

Users with the EditRestricted role should only be able to create or update localities which are in the same project with the user. Otherwise they should have reading rights only. Current behaviour: Users with the EditRestricted role can access the edit view in their own localities, but sending the PUT request to the backend fails because the role doesn't have permissions.

Users with the EditRestricted role should be able to create and update species. This is currently not possible.
Current behaviour: Users with the EditRestricted role can access the editing/creating new species view from the frontend, but sending the PUT request to the backend fails because the role doesn't have permissions.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@juhanikat