From 6100cf8665e737c83f85b6434a72f6a1f1cb844c Mon Sep 17 00:00:00 2001
From: Marcelo Arocha <marceloarocha@gmail.com>
Date: Thu, 4 Jan 2024 14:22:06 -0300
Subject: [PATCH] fix permission

---
 routes/patient.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/routes/patient.py b/routes/patient.py
index 0b56e935..a2c35d7d 100644
--- a/routes/patient.py
+++ b/routes/patient.py
@@ -206,13 +206,15 @@ def setPatientData(admissionNumber):
 
     updateWeight = False
 
-    if RoleEnum.READONLY.value in roles:
+    if RoleEnum.READONLY.value in roles and not (
+        RoleEnum.ADMIN.value in roles or RoleEnum.TRAINING.value in roles
+    ):
         return {
             "status": "error",
             "message": "Permissão inválida",
         }, status.HTTP_401_UNAUTHORIZED
 
-    if RoleEnum.SUPPORT.value not in roles:
+    if RoleEnum.SUPPORT.value not in roles and RoleEnum.READONLY.value not in roles:
         if "weight" in data.keys():
             weight = data.get("weight", None)