From 92d6680afeb0540ec70db3080e1be20b29fb0ee4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jordi=20Puiggen=C3=A9?= Date: Fri, 22 Nov 2019 13:14:33 +0100 Subject: [PATCH 1/3] User with "Analyst" role cannot submit analyses from worksheet --- CHANGES.rst | 1 + bika/lims/content/worksheet.py | 4 ++++ bika/lims/workflow/analysis/guards.py | 5 +++-- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst index dca13e2ddb..db82b53154 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -18,6 +18,7 @@ Changelog **Fixed** +- #1475 User with "Analyst" role cannot submit analyses from worksheet - #1474 Adding Control Reference to Worksheet causes print fail - #1473 Hidden settings of analysis services lost on Sample creation - #1472 Secondary samples - removal of analysis profile not possible diff --git a/bika/lims/content/worksheet.py b/bika/lims/content/worksheet.py index cb7468e7f5..2e2da5b9e0 100644 --- a/bika/lims/content/worksheet.py +++ b/bika/lims/content/worksheet.py @@ -207,6 +207,10 @@ def addAnalysis(self, analysis, position=None): if method and analysis.isMethodAllowed(method): analysis.setMethod(method) + # Assign the worksheet's analyst to the analysis + # https://github.com/senaite/senaite.core/issues/1409 + analysis.setAnalyst(self.getAnalyst()) + # Transition analysis to "assigned" actions_pool = ActionHandlerPool.get_instance() actions_pool.queue_pool() diff --git a/bika/lims/workflow/analysis/guards.py b/bika/lims/workflow/analysis/guards.py index 72947d6587..4ebebe285e 100644 --- a/bika/lims/workflow/analysis/guards.py +++ b/bika/lims/workflow/analysis/guards.py @@ -136,10 +136,11 @@ def guard_submit(analysis): if not analysis.bika_setup.getAllowToSubmitNotAssigned(): if not user_has_super_roles(): # Cannot submit if unassigned - if not analysis.getAnalyst(): + analyst = analysis.getAnalyst() + if not analyst: return False # Cannot submit if assigned analyst is not the current user - if analysis.getAnalyst() != api.get_current_user().getId(): + if analyst != api.get_current_user().getId(): return False # Cannot submit unless all dependencies are submitted or can be submitted From 99f669456e30e9c1d897c9b3908141c34064edbd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jordi=20Puiggen=C3=A9?= Date: Sat, 23 Nov 2019 10:41:36 +0100 Subject: [PATCH 2/3] Use api.security.get_user_id() --- bika/lims/workflow/analysis/guards.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/bika/lims/workflow/analysis/guards.py b/bika/lims/workflow/analysis/guards.py index 4ebebe285e..af7ad8db9b 100644 --- a/bika/lims/workflow/analysis/guards.py +++ b/bika/lims/workflow/analysis/guards.py @@ -18,14 +18,16 @@ # Copyright 2018-2019 by it's authors. # Some rights reserved, see README and LICENSE. +from plone.memoize.request import cache + from bika.lims import api from bika.lims import logger from bika.lims import workflow as wf +from bika.lims.api import security from bika.lims.interfaces import ISubmitted from bika.lims.interfaces import IVerified from bika.lims.interfaces import IWorksheet from bika.lims.interfaces.analysis import IRequestAnalysis -from plone.memoize.request import cache def is_worksheet_context(): @@ -140,7 +142,7 @@ def guard_submit(analysis): if not analyst: return False # Cannot submit if assigned analyst is not the current user - if analyst != api.get_current_user().getId(): + if analyst != security.get_user_uid(): return False # Cannot submit unless all dependencies are submitted or can be submitted From dd09530d9dbe464299017c9d7de3074df126609a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jordi=20Puiggen=C3=A9?= Date: Sat, 23 Nov 2019 10:42:20 +0100 Subject: [PATCH 3/3] typo --- bika/lims/workflow/analysis/guards.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bika/lims/workflow/analysis/guards.py b/bika/lims/workflow/analysis/guards.py index af7ad8db9b..d0f477f66b 100644 --- a/bika/lims/workflow/analysis/guards.py +++ b/bika/lims/workflow/analysis/guards.py @@ -142,7 +142,7 @@ def guard_submit(analysis): if not analyst: return False # Cannot submit if assigned analyst is not the current user - if analyst != security.get_user_uid(): + if analyst != security.get_user_id(): return False # Cannot submit unless all dependencies are submitted or can be submitted