|
38 | 38 | from app.datamgmt.manage.manage_groups_db import get_group_with_members |
39 | 39 | from app.datamgmt.manage.manage_users_db import get_user |
40 | 40 | from app.datamgmt.manage.manage_users_db import get_users_list_restricted_from_case |
41 | | -from app.datamgmt.manage.manage_users_db import set_user_case_access |
| 41 | +from app.business.access_controls import set_user_case_access, ac_fast_check_user_has_case_access |
42 | 42 | from app.business.cases import cases_export_to_json |
43 | | -from app.iris_engine.access_control.utils import ac_fast_check_user_has_case_access |
44 | 43 | from app.iris_engine.access_control.utils import ac_set_case_access_for_users |
45 | 44 | from app.iris_engine.utils.tracker import track_activity |
46 | 45 | from app.models.models import CaseStatus |
@@ -243,21 +242,29 @@ def user_cac_set_case(caseid): |
243 | 242 |
|
244 | 243 | try: |
245 | 244 |
|
246 | | - success, logs = set_user_case_access(user.id, data.get('case_id'), data.get('access_level')) |
| 245 | + case_identifier = data.get('case_id') |
| 246 | + access_level = data.get('access_level') |
| 247 | + |
| 248 | + if user.id is None or type(user.id) is not int: |
| 249 | + return response_error('Invalid user id') |
| 250 | + if case_identifier is None or type(case_identifier) is not int: |
| 251 | + return response_error('Invalid case id') |
| 252 | + if access_level is None or type(access_level) is not int: |
| 253 | + return response_error('Invalid access level') |
| 254 | + if CaseAccessLevel.has_value(access_level) is False: |
| 255 | + return response_error('Invalid access level') |
| 256 | + |
| 257 | + set_user_case_access(user.id, case_identifier, access_level) |
247 | 258 | track_activity('case access set to {} for user {}'.format(data.get('access_level'), user.name), caseid) |
248 | 259 | add_obj_history_entry(case, 'access changed to {} for user {}'.format(data.get('access_level'), user.name)) |
249 | 260 |
|
250 | 261 | db.session.commit() |
| 262 | + return response_success(msg=f'Case access set to {access_level} for user {user.id}') |
251 | 263 |
|
252 | 264 | except Exception as e: |
253 | 265 | log.error(f'Error while setting case access for user: {e}') |
254 | 266 | log.error(traceback.format_exc()) |
255 | | - return response_error(msg=str(e)) |
256 | | - |
257 | | - if success: |
258 | | - return response_success(msg=logs) |
259 | | - |
260 | | - return response_error(msg=logs) |
| 267 | + return response_error(str(e)) |
261 | 268 |
|
262 | 269 |
|
263 | 270 | @case_rest_blueprint.route('/case/update-status', methods=['POST']) |
|
0 commit comments