Feat/devsu 2269 update access checks

app/components/AuthenticatedRoute/index.jsx

@@ -14,10 +14,10 @@ import { isAuthorized } from '@/services/management/auth';
  * @returns {Route} a route component which checks authorization on render or redirects to login
  */
 const AuthenticatedRoute = ({
-  component: Component, adminRequired, showNav, onToggleNav, ...rest
+  component: Component, managerRequired, showNav, onToggleNav, ...rest
 }) => {
   const { authorizationToken } = useSecurity();
-  const { adminAccess } = useResource();
+  const { managerAccess, adminAccess } = useResource();
   const authOk = isAuthorized(authorizationToken);
 
   const ChildComponent = useMemo(() => {
@@ -34,13 +34,13 @@ const AuthenticatedRoute = ({
       };
     }
 
-    if (!adminAccess && adminRequired) {
+    if (!managerAccess && managerRequired) {
       return () => (
         <Redirect to="/" />
       );
     }
     return Component;
-  }, [Component, adminAccess, adminRequired, authOk]);
+  }, [Component, adminAccess, managerAccess, managerRequired, authOk]);
 
   if (showNav) {
     onToggleNav(true);
@@ -57,7 +57,7 @@ const AuthenticatedRoute = ({
 };
 
 AuthenticatedRoute.propTypes = {
-  adminRequired: PropTypes.bool,
+  managerRequired: PropTypes.bool,
   // eslint-disable-next-line react/forbid-prop-types
   component: PropTypes.object.isRequired,
   // eslint-disable-next-line react/forbid-prop-types
@@ -67,7 +67,7 @@ AuthenticatedRoute.propTypes = {
 };
 
 AuthenticatedRoute.defaultProps = {
-  adminRequired: false,
+  managerRequired: false,
   location: null,
   onToggleNav: () => {},
   showNav: false,

app/components/Sidebar/__tests__/Sidebar.test.tsx

@@ -12,6 +12,13 @@ const permissions = {
   reportsAccess: true,
   adminAccess: true,
   reportSettingAccess: true,
+  managerAccess: false,
+  reportEditAccess: false,
+  unreviewedAccess: false,
+  nonproductionAccess: false,
+  allStates: [],
+  unreviewedStates: [],
+  nonproductionStates: [],
 };
 
 const theme = createTheme();

app/components/Sidebar/index.tsx

@@ -31,7 +31,7 @@ import './index.scss';
 const Sidebar = (): JSX.Element => {
   const { pathname } = useLocation();
   const { sidebarMaximized, setSidebarMaximized } = useContext(SidebarContext);
-  const { germlineAccess, reportsAccess, adminAccess } = useResource();
+  const { germlineAccess, reportsAccess, managerAccess, adminAccess } = useResource();
 
   const handleSidebarClose = useCallback(() => {
     setSidebarMaximized(false);
@@ -42,7 +42,7 @@ const Sidebar = (): JSX.Element => {
   const drawer = useMemo(() => {
     let adminSection = null;
 
-    if (adminAccess) {
+    if (managerAccess || adminAccess) {
       adminSection = (
         <>
           <ListItem
@@ -129,7 +129,7 @@ const Sidebar = (): JSX.Element => {
           </ListItem>
         </>
       );
-    } else if (!adminAccess && reportsAccess) {
+    } else if (!managerAccess && reportsAccess) {
       adminSection = (
         <ListItem
           className={`
@@ -233,7 +233,7 @@ const Sidebar = (): JSX.Element => {
         </List>
       </div>
     );
-  }, [adminAccess, germlineAccess, handleSidebarClose, pathname, reportsAccess, sidebarMaximized]);
+  }, [adminAccess, managerAccess, germlineAccess, handleSidebarClose, pathname, reportsAccess, sidebarMaximized]);
 
   let drawerProps: DrawerProps = {
     variant: 'temporary',

app/context/ResourceContext/index.tsx

@@ -5,8 +5,21 @@ import { checkAccess, ALL_ROLES } from '@/utils/checkAccess';
 import useSecurity from '@/hooks/useSecurity';
 import ResourceContextType from './types';
 
-const GERMLINE_ACCESS = ['admin', 'analyst', 'bioinformatician', 'projects', 'manager'];
+// TODO: determine whether bioinformaticians need nonprod or germline access;
+// determine whether report managers do
+// TODO: rename bioinformatician role?
+const GERMLINE_ACCESS = ['admin', 'manager', 'bioinformatician', 'germline access'];
+const UNREVIEWED_ACCESS = ['admin', 'manager', 'report manager', 'bioinformatician', 'unreviewed access'];
+const NONPRODUCTION_ACCESS = ['admin', 'manager', 'bioinformatician', 'non-production access'];
+
 const GERMLINE_BLOCK = ALL_ROLES;
+const UNREVIEWED_ACCESS_BLOCK = [];
+const NONPRODUCTION_ACCESS_BLOCK = [];
+
+const ALL_STATES = ['signedoff', 'nonproduction', 'uploaded', 'reviewed', 'completed', 'ready', 'active'];
+const UNREVIEWED_STATES = ['uploaded', 'ready', 'active']; // TODO decide if nonproduction should go in unreviewed as well
+const NONPRODUCTION_STATES = ['nonproduction'];
+
 const REPORTS_ACCESS = ['*'];
 const REPORTS_BLOCK = [];
 const ADMIN_ACCESS = ['admin'];
@@ -19,7 +32,10 @@ const useResources = (): ResourceContextType => {
   const [reportsAccess, setReportsAccess] = useState(false);
   const [reportEditAccess, setReportEditAccess] = useState(false);
   const [adminAccess, setAdminAccess] = useState(false);
+  const [managerAccess, setManagerAccess] = useState(false);
   const [reportSettingAccess, setReportSettingAccess] = useState(false);
+  const [unreviewedAccess, setUnreviewedAccess] = useState(false);
+  const [nonproductionAccess, setNonproductionAccess] = useState(false);
 
   // Check user group first to see which resources they can access
   useEffect(() => {
@@ -36,28 +52,51 @@ const useResources = (): ResourceContextType => {
         setAdminAccess(true);
       }
 
-      if (checkAccess(groups, [...ADMIN_ACCESS, 'manager', 'Report Manager'], ADMIN_BLOCK)) {
+      if (checkAccess(groups, [...ADMIN_ACCESS, 'manager'], ADMIN_BLOCK)) {
+        setManagerAccess(true);
+      }
+
+      if (checkAccess(groups, [...ADMIN_ACCESS, 'manager', 'report manager'], ADMIN_BLOCK)) {
         setReportSettingAccess(true);
         setReportEditAccess(true);
       }
+      if (checkAccess(groups, UNREVIEWED_ACCESS, UNREVIEWED_ACCESS_BLOCK)) {
+        setUnreviewedAccess(true);
+      }
+      if (checkAccess(groups, NONPRODUCTION_ACCESS, NONPRODUCTION_ACCESS_BLOCK)) {
+        setNonproductionAccess(true);
+      }
+
     }
   }, [groups]);
 
   return {
     germlineAccess,
     reportsAccess,
     adminAccess,
+    managerAccess,
     reportSettingAccess,
     reportEditAccess,
+    unreviewedAccess,
+    nonproductionAccess,
+    allStates: ALL_STATES,
+    unreviewedStates: UNREVIEWED_STATES,
+    nonproductionStates: NONPRODUCTION_STATES,
   };
 };
 
 const ResourceContext = createContext<ResourceContextType>({
   germlineAccess: false,
   reportsAccess: false,
   adminAccess: false,
+  managerAccess: false,
   reportSettingAccess: false,
   reportEditAccess: false,
+  unreviewedAccess: false,
+  nonproductionAccess: false,
+  allStates: ALL_STATES,
+  unreviewedStates: UNREVIEWED_STATES,
+  nonproductionStates: NONPRODUCTION_STATES,
 });
 
 type ResourceContextProviderProps = {
@@ -66,21 +105,36 @@ type ResourceContextProviderProps = {
 
 const ResourceContextProvider = ({ children }: ResourceContextProviderProps): JSX.Element => {
   const {
-    germlineAccess, reportsAccess, adminAccess, reportSettingAccess, reportEditAccess,
+    germlineAccess, reportsAccess, adminAccess, managerAccess, reportSettingAccess, reportEditAccess, unreviewedAccess, nonproductionAccess,
+    allStates,
+    unreviewedStates,
+    nonproductionStates,
   } = useResources();
 
   const providerValue = useMemo(() => ({
     germlineAccess,
     reportsAccess,
     adminAccess,
+    managerAccess,
     reportSettingAccess,
     reportEditAccess,
+    unreviewedAccess,
+    nonproductionAccess,
+    allStates,
+    unreviewedStates,
+    nonproductionStates,
   }), [
     germlineAccess,
     reportsAccess,
     adminAccess,
+    managerAccess,
     reportSettingAccess,
     reportEditAccess,
+    unreviewedAccess,
+    nonproductionAccess,
+    allStates,
+    unreviewedStates,
+    nonproductionStates,
   ]);
 
   return (

app/context/ResourceContext/types.d.ts

@@ -2,8 +2,14 @@ type ResourceContextType = {
   germlineAccess: boolean;
   reportsAccess: boolean;
   adminAccess: boolean;
+  managerAccess: boolean;
   reportSettingAccess: boolean;
   reportEditAccess: boolean;
+  unreviewedAccess: boolean;
+  nonproductionAccess: boolean;
+  allStates: string[];
+  unreviewedStates: string[];
+  nonproductionStates: string[];
 };
 
 export default ResourceContextType;

app/utils/checkAccess.ts

@@ -1,21 +1,9 @@
 const ALL_ROLES = [
   'admin',
-  'Analyst',
-  'BioApps',
-  'Bioinformatician',
-  'Biopsies',
-  'Biospecimen Core',
-  'Clinician',
-  'Collaborator',
-  'Demo',
-  'External Analyst',
-  'LIMS',
+  'bioinformatician',
   'manager',
   'non-production access',
-  'Pipelines',
-  'Projects',
-  'Report Manager',
-  'Research',
+  'report manager',
 ];
 
 /*

app/views/AdminView/components/Groups/columnDefs.ts

@@ -8,7 +8,7 @@ const columnDefs = [
   },
   {
     headerName: 'Owner',
-    valueGetter: ({ data }) => `${data.owner.firstName} ${data.owner.lastName}`,
+    valueGetter: ({ data }) => `${data?.owner?.firstName ?? data.owner.username} ${data.owner.lastName ?? ''}`,
     hide: false,
   },
   {