user can now specify who to add to have read and write permissions to…

… a concept set -- further work needed to ensure concept sets are listed and that the permissions can be revoked by the user.
vinci-ohdsi · rkboyce · Feb 12, 2024 · Mar 21, 2023 · Mar 21, 2023 · Mar 23, 2023
commit 1de1752da6a031e41c5f81034f47f12b92966bf2
diff --git a/js/components/security/access/configure-access-modal.html b/js/components/security/access/configure-access-modal.html
@@ -3,32 +3,35 @@
 										 data: {
 										    classes: classes,
 										    isLoading: isLoading,
-										    roleName: roleName,
+										    readRoleName: readRoleName,
+		                                                                    writeRoleName: writeRoleName,
 										    columns: columns,
 										    writeAccessList: writeAccessList,
 		                                                                    readAccessList: readAccessList,
 										    grantAccess: grantAccess,
 										    revokeRoleAccess: revokeRoleAccess,
-										    roleOptions: roleOptions,
-										    roleSearch: roleSearch
+										    readRoleOptions: readRoleOptions,
+										    readRoleSearch: readRoleSearch,
+		                                                                    writeRoleOptions: writeRoleOptions,
+										    writeRoleSearch: writeRoleSearch
 										 }">
     <loading data-bind="css: classes('loading-panel'), visible: isLoading()" params="status: ko.i18n('common.configureAccessModal.loadingAccessList', 'Loading access list...')"></loading>
     <div data-bind="css: classes()">
         <div data-bind="if: !isLoading()">
             <div data-bind="css: classes('new-access')">
-                <label data-bind="css: classes('new-access-label'), text: ko.i18n('common.configureAccessModal.addWriteAccessToRole', 'Add write access to role:')"></label>
+                <label data-bind="css: classes('new-access-label'), text: ko.i18n('common.configureAccessModal.addWriteAccessToRole', 'Add WRITE access to role:')"></label>
                 <div class="input-group"
                      data-bind="css: classes({ element: 'new-access-btn-group', extra: ['new-access-btn-group'] })">
                     <input
                         class="form-control"
                         data-bind="
-                            textInput: roleSearch,
-                            value: roleName,
+                            textInput: writeRoleSearch,
+                            value: writeRoleName,
                             eventType: 'blur',
-                            ko_autocomplete: { source: roleOptions(), minLength: 0, maxShowItems: 10, scroll: true }"
+                            ko_autocomplete: { source: writeRoleOptions(), minLength: 0, maxShowItems: 10, scroll: true }"
                     >
                     <span class="input-group-btn">
-                        <button class="btn btn-primary" type="button" data-bind="click: grantAccess, attr: { disabled: !(roleName() && roleName().length) }, text: ko.i18n('common.add', 'Add')"></button>
+                        <button class="btn btn-primary" type="button" data-bind="click: grantAccess.bind($data,'WRITE'), attr: { disabled: !(writeRoleName() && writeRoleName().length) }, text: ko.i18n('common.add', 'Add')"></button>
                     </span>
                 </div>
                 <div data-bind="css: classes('access-list')">
@@ -43,6 +46,23 @@
                         "/>
                     </div>
                 </div>
+	    </div>
+	    <div data-bind="css: classes('new-access')">
+		<label data-bind="css: classes('new-access-label'), text: ko.i18n('common.configureAccessModal.addReadAccessToRole', 'Add READ access to role:')"></label>
+                <div class="input-group"
+                     data-bind="css: classes({ element: 'new-access-btn-group', extra: ['new-access-btn-group'] })">
+                    <input
+                        class="form-control"
+                        data-bind="
+                            textInput: readRoleSearch,
+                            value: readRoleName,
+                            eventType: 'blur',
+                            ko_autocomplete: { source: readRoleOptions(), minLength: 0, maxShowItems: 10, scroll: true }"
+                    >
+                    <span class="input-group-btn">
+                        <button class="btn btn-primary" type="button" data-bind="click: grantAccess.bind($data,'READ'), attr: { disabled: !(readRoleName() && readRoleName().length) }, text: ko.i18n('common.add', 'Add')"></button>
+                    </span>
+                </div>
 		<div data-bind="css: classes('access-list')">
                     <label data-bind="css: classes('access-list-label'), text: ko.i18n('common.configureAccessModal.rolesWithReadAccess', 'Roles with READ access:')"></label>
                     <div>
@@ -54,8 +74,8 @@
                             }
                         "/>
                     </div>
-                </div>
-            </div>
+		</div>
+	    </div>
         </div>
     </div>
 </atlas-modal>
diff --git a/js/components/security/access/configure-access-modal.js b/js/components/security/access/configure-access-modal.js
@@ -19,14 +19,20 @@ define([
 
 			this.isModalShown = params.isModalShown;
 			this.isLoading = ko.observable(false);
-		        this.readAccessList = ko.observable([]);
-		        this.writeAccessList = ko.observable([]);
-			this.roleName = ko.observable();
 
-			this.roleSuggestions = ko.observable([]);
-			this.roleOptions = ko.computed(() => this.roleSuggestions().map(r => r.name));
-			this.roleSearch = ko.observable();
-			this.roleSearch.subscribe(str => this.loadRoleSuggestions(str));
+		        this.writeRoleName = ko.observable();
+		        this.writeAccessList = ko.observable([]);		    
+			this.writeRoleSuggestions = ko.observable([]);
+			this.writeRoleOptions = ko.computed(() => this.writeRoleSuggestions().map(r => r.name));
+			this.writeRoleSearch = ko.observable();
+		        this.writeRoleSearch.subscribe(str => this.loadWriteRoleSuggestions(str));
+
+		        this.readAccessList = ko.observable([]);
+		        this.readRoleName = ko.observable();		    
+		        this.readRoleSuggestions = ko.observable([]);
+			this.readRoleOptions = ko.computed(() => this.readRoleSuggestions().map(r => r.name));
+			this.readRoleSearch = ko.observable();
+			this.readRoleSearch.subscribe(str => this.loadReadRoleSuggestions(str));
 
 			this.isOwnerFn = params.isOwnerFn;
 			this.grantAccessFn = params.grantAccessFn;
@@ -67,9 +73,14 @@ define([
 			this.writeAccessList(accessList);
 		}
 
-		async loadRoleSuggestions() {
-			const res = await this.loadRoleSuggestionsFn(this.roleSearch());
-			this.roleSuggestions(res);
+		async loadReadRoleSuggestions() {
+			const res = await this.loadRoleSuggestionsFn(this.readRoleSearch());
+			this.readRoleSuggestions(res);
+		}
+
+	    	async loadWriteRoleSuggestions() {
+			const res = await this.loadRoleSuggestionsFn(this.writeRoleSearch());
+			this.writeRoleSuggestions(res);
 		}
 
 		async loadAccessList() {
@@ -83,13 +94,20 @@ define([
 			this.isLoading(false);
 		}
 
-		async grantAccess() {
+		async grantAccess(perm_type) {
 			this.isLoading(true);
 			try {
-				const role = this.roleSuggestions().find(r => r.name === this.roleName());
-				await this.grantAccessFn(role.id);
-				await this._loadAccessList();
-				this.roleName('');
+			       if (perm_type == 'WRITE'){
+				   const role = this.writeRoleSuggestions().find(r => r.name === this.writeRoleName());
+			           await this.grantAccessFn(role.id,'WRITE');
+				   await this._loadWriteAccessList();
+				   this.writeRoleName('');
+  			       } else {
+				   const role = this.readRoleSuggestions().find(r => r.name === this.readRoleName());
+			   	   await this.grantAccessFn(role.id,'READ');
+				   await this._loadReadAccessList();
+				   this.readRoleName('');
+			       }
 			} catch (ex) {
 				console.log(ex);
 			}

diff --git a/js/services/Permission.js b/js/services/Permission.js
@@ -15,13 +15,22 @@ define(function (require, exports) {
 		return res.data;
 	}
 
-	function grantEntityAccess(entityType, entityId, roleId) {
-		return httpService.doPost(
+       function grantEntityAccess(entityType, entityId, roleId, perm_type) {
+	   if(perm_type == 'WRITE'){
+	   	return httpService.doPost(
 			config.webAPIRoot + `permission/access/${entityType}/${entityId}/role/${roleId}`,
 			{
 				accessType: 'WRITE'
 			}
 		);
+	   } else { // Only other option is READ
+	   	return httpService.doPost(
+			config.webAPIRoot + `permission/access/${entityType}/${entityId}/role/${roleId}`,
+			{
+				accessType: 'READ'
+			}
+		);
+	   }
 	}
 
 	function revokeEntityAccess(entityType, entityId, roleId) {
@@ -47,8 +56,8 @@ define(function (require, exports) {
  		        return loadEntityAccessList(entityTypeGetter(), entityIdGetter(), role);
 		};
 
-		component.grantAccess = (roleId) => {
-			return grantEntityAccess(entityTypeGetter(), entityIdGetter(), roleId);
+	        component.grantAccess = (roleId, perm_type='WRITE') => {
+		        return grantEntityAccess(entityTypeGetter(), entityIdGetter(), roleId, perm_type);
 		};
 
 		component.revokeAccess = (roleId) => {