Diffstat (limited to 'src/main/scala/xyz/driver/pdsuicommon/acl/ACL.scala')
-rw-r--r-- | src/main/scala/xyz/driver/pdsuicommon/acl/ACL.scala | 30 |
1 files changed, 8 insertions, 22 deletions
diff --git a/src/main/scala/xyz/driver/pdsuicommon/acl/ACL.scala b/src/main/scala/xyz/driver/pdsuicommon/acl/ACL.scala
index f21c165..f2a0ef0 100644
--- a/src/main/scala/xyz/driver/pdsuicommon/acl/ACL.scala
+++ b/src/main/scala/xyz/driver/pdsuicommon/acl/ACL.scala
@@ -85,11 +85,7 @@ object ACL extends PhiLogging {
 extends BaseACL(
 label = "extracted data",
 create = Set(DocumentExtractor, RecordAdmin),
- read = Set(DocumentExtractor,
- RecordAdmin,
- RoutesCurator,
- TreatmentMatchingAdmin,
- ResearchOncologist),
+ read = Set(DocumentExtractor, RecordAdmin, RoutesCurator, TreatmentMatchingAdmin, ResearchOncologist),
 update = Set(DocumentExtractor, RecordAdmin),
 delete = Set(DocumentExtractor, RecordAdmin)
 )
@@ -155,11 +151,7 @@ object ACL extends PhiLogging {
 extends BaseACL(
 label = "criterion",
 create = Set(CriteriaCurator, TrialAdmin),
- read = Set(CriteriaCurator,
- TrialAdmin,
- RoutesCurator,
- TreatmentMatchingAdmin,
- ResearchOncologist),
+ read = Set(CriteriaCurator, TrialAdmin, RoutesCurator, TreatmentMatchingAdmin, ResearchOncologist),
 update = Set(CriteriaCurator, TrialAdmin),
 delete = Set(CriteriaCurator, TrialAdmin)
 )
@@ -252,32 +244,26 @@ object ACL extends PhiLogging {
 update: AclCheck = Forbid,
 delete: AclCheck = Forbid) {
- def isCreateAllow()(
- implicit requestContext: AuthenticatedRequestContext): Boolean = {
+ def isCreateAllow()(implicit requestContext: AuthenticatedRequestContext): Boolean = {
 check("create", create)(requestContext.executor.roles)
 }
- def isReadAllow()(
- implicit requestContext: AuthenticatedRequestContext): Boolean = {
+ def isReadAllow()(implicit requestContext: AuthenticatedRequestContext): Boolean = {
 check("read", read)(requestContext.executor.roles)
 }
- def isUpdateAllow()(
- implicit requestContext: AuthenticatedRequestContext): Boolean = {
+ def isUpdateAllow()(implicit requestContext: AuthenticatedRequestContext): Boolean = {
 check("update", update)(requestContext.executor.roles)
 }
- def isDeleteAllow()(
- implicit requestContext: AuthenticatedRequestContext): Boolean = {
+ def isDeleteAllow()(implicit requestContext: AuthenticatedRequestContext): Boolean = {
 check("delete", delete)(requestContext.executor.roles)
 }
- private def check(action: String, isAllowed: AclCheck)(
- executorRoles: Set[Role]): Boolean = {
+ private def check(action: String, isAllowed: AclCheck)(executorRoles: Set[Role]): Boolean = {
 loggedError(
 executorRoles.exists(isAllowed),
- phi"${Unsafe(executorRoles.mkString(", "))} has no access to ${Unsafe(
- action)} a ${Unsafe(label)}"
+ phi"${Unsafe(executorRoles.mkString(", "))} has no access to ${Unsafe(action)} a ${Unsafe(label)}"
 )
 }
 } |