feat: technique proposals page use tags#1601
Conversation
…rived role, lint changes
…OfficeProject/user-office-core into technique_proposals_changes
…OfficeProject/user-office-core into technique_proposals_changes
| ); | ||
| } else { | ||
| const instrumentsByCallIds = | ||
| await this.dataSource.getInstrumentsByCallId(callIds); |
There was a problem hiding this comment.
This might be a stupid question, but surely if .getInstrumentsByCallId( is called instead of .getInstruments( then your new filter on tag won't apply. Wouldn't this contradict the idea of the PR to limit what these users can see?
There was a problem hiding this comment.
From what I can see, getInstrumentsByCallId is not called when populating the instrument filter on the technique proposals page. The call to fetch instruments doesn't contain a call id so it will take the path starting line 47, not line 54. Happy to corrected if I'm mistaken, though.
There was a problem hiding this comment.
I see you're right, but what about
.getInstrumentsMinimal({ callIds }) in useInstrumentsMinimalData.ts,
should that one also be using your filter?
Closes UserOfficeProject/issue-tracker#1554
Description
If the user is logged in as a derived User Officer role with tags assigned to it, they will only see calls and instruments, and in turn, proposals and techniques, that are associated with those tags on the technique proposals page. They will also only be able to assign proposals to instruments that have the same tags as their derived role. This allows for siloed User Officers, who can only see and edit technique proposals for their facility.
Motivation and Context
Another facility (Central Laser Facility) at STFC has expressed interest in using the technique proposals feature. A requirement is that ISIS and CLF User Officers should not be able to see entities (calls, instruments, proposals, etc) from the other facility. Currently, there is no way to limit what User Officers can see on the technique proposals page.
How Has This Been Tested
Added E2E tests
Fixes
Fix PR also fixes an issue where trying to create a derived role of certain roles would throw an error.
Changes
Tests included/Docs Updated?