Merge pull request hms-dbmi-cellenics#489 from biomage-org/fix-explor…

…ers-work-auth Add workRequest permissions for explorers
biomage-org · Oct 5, 2023 · aebec9e · aebec9e
2 parents 6b9fb67 + 7240975
commit aebec9e
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 0 deletions.
diff --git a/src/api.v2/helpers/roles.js b/src/api.v2/helpers/roles.js
@@ -20,6 +20,7 @@ const allowedResources = {
     '/experiments/(?<experimentId>.*)/cellSets',
     '/experiments/(?<experimentId>.*)/clone',
     '/experiments/(?<experimentId>.*)/subset',
+    '/workRequest/(?<experimentId>.*)/.*',
   ],
   [VIEWER]: [
     '/experiments/(?<experimentId>.*)/clone',

diff --git a/tests/api.v2/helpers/roles.test.js b/tests/api.v2/helpers/roles.test.js
@@ -36,6 +36,16 @@ describe('tests for the roles logic', () => {
     });
   });
 
+  test(' isRoleAuthorized authorizes explorer to perform work requests', async () => {
+    [
+      `/workRequest/${fake.EXPERIMENT_ID}/010c3cd044ca5b61dffee5204a9ee893`,
+      `/workRequest/${fake.EXPERIMENT_ID}/02456e45d0bb165ed6961795ac438cd7`,
+    ].forEach((resource) => {
+      const isAuthorized = roles.isRoleAuthorized(roles.EXPLORER, resource, 'POST');
+      expect(isAuthorized).toEqual(true);
+    });
+  });
+
   test(' isRoleAuthorized authorizes admin & owner roles to everything', async () => {
     [roles.OWNER, roles.ADMIN].forEach((role) => {
       ['*', 'socket', '/experiments'].forEach((resource) => {