CRDCDH-2098 PBAC - Data Submission Button Visibility

[Alejandro-Vega]

Overview

Implemented PBAC to Data Submission related buttons.

Change Details (Specifics)

• Updated Download API Token in the Navigation to only display if the user has "Create" permission

• Updated “Create a Data Submission” button to only display if the user has "Create" permission

• The following buttons below are only visible if they have the required permissions as well as some role specific requirements such as:

  • Submitter role - apply to their own data submissions
  • Fed Lead role - apply to the data submission with their assigned study
  • Data Commons Personnel role - apply to the data submission with their assigned data commons
  • Admin - apply to any Data Submission
  • User - None

• Only displayed the following buttons if user has “Create” permission or is collaborator as well as role requirements described above

  • “Upload”
  • “Submit”
  • “Withdraw”
  • “Cancel”

• Only displayed the "Validate" button if the user has "Validate" permission or is collaborator and submission has been Submitted, as well as role requirements described above

• Only displayed the following buttons if the user has "Review" permission or is collaborator and submission has been Submitted, as well as role requirements described above

  • "Validate"
  • “Cross Validate”
  • “Release”
  • “Reject”

• Only displayed the "Admin Submit" button if the user has "Admin Submit" permission and it is available, as well as role requirements described above

• Only displayed the "Confirm" button if the user has "Confirm" permission, submission has been Released, as well as role requirements described above

  • “Complete”
  • “Reject”

• Revised existing tests to match new PBAC

• Uncomment role-specific tests from ticket

Related Ticket(s)

CRDCDH-2098 (Task)
CRDCDH-2023 (US)

[amattu2]

Code changes LGTM. I annotated two super minor things (memo dependencies), and one question that doesn't necessarily require action.

I'm going to label this as Do Not Merge until we just get confirmation that there is a data_submission:validate permission. I'm not sure if this story is outdated or not.

[amattu2]

LGTM.

[amattu2]

@Alejandro-Vega I don't think the data_submission:validate permission actually exists, but I don't want to make any changes until we know for sure.

Would you prefer to merge this, and just make another PR to remove this permission if we need to, or wait for confirmation? If the former, feel free to go ahead and merge it. I'm fine either way

[Alejandro-Vega]

@Alejandro-Vega I don't think the data_submission:validate permission actually exists, but I don't want to make any changes until we know for sure.

Would you prefer to merge this, and just make another PR to remove this permission if we need to, or wait for confirmation? If the former, feel free to go ahead and merge it. I'm fine either way

We can hold off until we get confirmation unless this branch ever becomes a blocker then I'd say we go ahead and merge and fix later. As of now, I think it won't hurt to wait.

[Alejandro-Vega]

PR has been updated to remove any mention of the "data_submission:validate" permission in ee86b10.