@rss/common - npm Package Compare versions

Comparing version 0.0.53 to 0.0.54

dist/constant/core/roles.constant.js

@@ -18,3 +18,4 @@ 'use strict';
   GROUP_MANAGER: 'GROUP_MANAGER',
-  SLIP_RESISTANT_EHS_ADMIN: 'SLIP_RESISTANT_EHS_ADMIN'
+  SLIP_RESISTANT_EHS_ADMIN: 'SLIP_RESISTANT_EHS_ADMIN',
+  SAFETY_COORDINATOR: 'Safety Coordinator'
 };

dist/helper/permission.helper.js

@@ -5,2 +5,3 @@ 'use strict';
 
+var READONLY_INVENTORY_ROLES = require('../constant/chemical/readonly-roles-inventory.constant');
 var ROLES = require('../constant/core/roles.constant');
@@ -26,2 +27,15 @@ var TEMPLATE_TYPE = require('../constant/procedure/template-type.constant');
 
+module.exports.hasRoleWithReadAccessToInventory = function (inventory, user) {
+  var inventoryGroupIds = inventory.groups.map(function (group) {
+    return group.id;
+  });
+  return !module.exports.isMemberOrColleagueOfInventory(inventory, user) && user.roles.filter(function (role) {
+    return READONLY_INVENTORY_ROLES.includes(role.role);
+  }).reduce(function (acc, curr) {
+    return acc.concat(curr.groupIds);
+  }, []).some(function (groupId) {
+    return inventoryGroupIds.includes(groupId);
+  });
+};
+
 module.exports.isMemberOfInventory = function (inventory, user) {
@@ -77,2 +91,6 @@ return module.exports.hasManageAccessToInventory(inventory, user) || user.groups.some(function (group) {
 
+module.exports.hasReadAccessToInventory = function (inventory, user) {
+  return module.exports.isMemberOrColleagueOfInventory(inventory, user) || module.exports.hasRoleWithReadAccessToInventory(inventory, user);
+};
+
 module.exports.hasReadAccessToContainer = function (container, user) {
@@ -79,0 +97,0 @@ return module.exports.hasWriteAccessToContainer(container, user) || !container.isPrivate && user.inventories.reduce(function (acc, inventory) {

index.js

@@ -28,2 +28,3 @@ // constant - core
 exports.RECONCILE_STATUS = require('./dist/constant/chemical/reconcile-status.constant');
+exports.READONLY_INVENTORY_ROLES = require('./dist/constant/chemical/readonly-roles-inventory.constant');
 exports.SEARCH_FILTERS = require('./dist/constant/chemical/search-filter.constant');
@@ -30,0 +31,0 @@ exports.SOLVENTS = require('./dist/constant/chemical/solvents.constant');

package.json

 {
   "name": "@rss/common",
-  "version": "0.0.53",
+  "version": "0.0.54",
   "description": "common constant, classes, & helper",
@@ -5,0 +5,0 @@ "author": "Risk & Safety Solution",

src/constant/core/roles.constant.js

@@ -17,2 +17,3 @@ module.exports = {
   SLIP_RESISTANT_EHS_ADMIN: 'SLIP_RESISTANT_EHS_ADMIN',
+  SAFETY_COORDINATOR: 'Safety Coordinator',
 };

src/helper/permission.helper.js

@@ -0,1 +1,2 @@
+const READONLY_INVENTORY_ROLES = require('../constant/chemical/readonly-roles-inventory.constant');
 const ROLES = require('../constant/core/roles.constant');
@@ -22,2 +23,13 @@ const TEMPLATE_TYPE = require('../constant/procedure/template-type.constant');
 
+module.exports.hasRoleWithReadAccessToInventory = (inventory, user) => {
+  const inventoryGroupIds = inventory.groups.map((group) => group.id);
+  return (
+    !module.exports.isMemberOrColleagueOfInventory(inventory, user) &&
+    user.roles
+      .filter((role) => READONLY_INVENTORY_ROLES.includes(role.role))
+      .reduce((acc, curr) => acc.concat(curr.groupIds), [])
+      .some((groupId) => inventoryGroupIds.includes(groupId))
+  );
+};
+
 module.exports.isMemberOfInventory = (inventory, user) =>
@@ -58,2 +70,6 @@ module.exports.hasManageAccessToInventory(inventory, user) ||
 
+module.exports.hasReadAccessToInventory = (inventory, user) =>
+  module.exports.isMemberOrColleagueOfInventory(inventory, user) ||
+  module.exports.hasRoleWithReadAccessToInventory(inventory, user);
+
 module.exports.hasReadAccessToContainer = (container, user) =>
@@ -60,0 +76,0 @@ module.exports.hasWriteAccessToContainer(container, user) ||

src/helper/permission.helper.spec.js

@@ -157,6 +157,20 @@ const ROLES = require('../constant/core/roles.constant');
     email: 'chem_admin@ucdavis.edu',
-    roles: [{ role: ROLES.CHEM_ADMIN, campusCode: '03' }],
+    roles: [
+      { role: ROLES.CHEM_ADMIN, campusCode: '03' },
+      { role: 'Safety Coordinator', campusCode: '03', groupIds: ['a21307f6-c584-46af-aa30-bffa956f6bff'] },
+    ],
     groups: [],
   };
 
+  const readOnlyUser = {
+    userId: 'sc',
+    firstName: 'safety',
+    lastName: 'co',
+    tenantCode: 'UC',
+    campusCode: '03',
+    email: 'safety_co@ucdavis.edu',
+    roles: [{ role: 'Safety Coordinator', campusCode: '03', groupIds: ['a21307f6-c584-46af-aa30-bffa956f6bff'] }],
+    groups: [],
+  };
+
   it('should have read access to container if member of group', () => {
@@ -309,2 +323,14 @@ const container = {
 
+  it('should return true if has read only role to inventory', () => {
+    expect(Helper.hasRoleWithReadAccessToInventory(inventory, readOnlyUser)).toBeTruthy();
+  });
+
+  it('should return false if does not have read only role to inventory', () => {
+    expect(Helper.hasRoleWithReadAccessToInventory(inventory, admin)).toBeFalsy();
+  });
+
+  it('should return true if has Read access to inventory', () => {
+    expect(Helper.hasRoleWithReadAccessToInventory(inventory, readOnlyUser)).toBeTruthy();
+  });
+
   it('should return true if has role', () => {
@@ -311,0 +337,0 @@ expect(Helper.hasRole(hannah, ROLES.RESPONSIBLE_PERSON)).toBeTruthy();

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

756759

increased by0.38%

Number of package files

234

increased by0.86%

Lines of code

12548

increased by0.47%

No dependency changes