aces/biobank

view/edit permissions not working as expected

ridz1208 opened this issue · 1 comments

This issue was reported by Nicolas,

It seems that view permissions for specimens containers and pools are interdependent and cannot be administered separately. I think the permission system we have on is a bit dated and we should consider the following for a minor revamp.

  • all permissions should be enforced front-end and back-end especially ones affecting data in the DB (POST PUT PATCH)
  • its not necessary to separate view permissions for specimens containers and pools but if its possible we can keep that functionality
  • it is important to keep edit/create functionality controlled by separate permissions for specimens containers and pools

to be tacked after site/project cleanup