CRDCDH-2099 PBAC - Display Submission Request Action buttons based on permissions

[Alejandro-Vega]

Overview

Update to support PBAC for Submission Request list view as well as the form.

Change Details (Specifics)

• Fixed the Submit button logic as the US mentions that Submission Request form owners are associated with the "create" permission, but aren't actually granted it. Therefore, logic has been updated to support having either the permission or being the form owner
• Verified changes in parent branch (no code changes required) for:
  • "Start a Submission Request" button only visible if user has "create" permissions
  • "Resume" button only visible if user has "create" permissions and submission is in "New", "In Progress", or "Inquired" status. (Otherwise "View")
  • "Review" button only visible if user has "review" permissions and submission is in "Submitted" or "In Review" status. (Otherwise "View")
  • The review related buttons within the form such as "Approve", "Reject" and "Request Additional Changes" are only visible if user has "review" permissions and submission is in "In Review" status.
• Removed redirect when user is unauthorized to view Submission Request, instead it will just log it and put them in "View Only". This should be handled by BE instead.

Note

For testing, you will have to manually add the permissions array property to your user in the DB.

Related Ticket(s)

CRDCDH-2099 (Task)
CRDCDH-2013 (User Story)

[amattu2]

Code changes LGTM, approving as-is. I annotated two questions, but they don't require action.

I'm going to label this as 'Do Not Merge', ideally we should merge the base branch first to keep the change-sets cleaner (once FE/BE are ready).

[amattu2]

Reapproving – additional changes look good.

Disregard my previous comment on holding the merge. It might make sense to just throw everything into the PBAC PR and do one final comprehensive review before merging.

If you agree, I'll let you merge this PR.