Merge remote-tracking branch 'upstream/master' into pr-osparc-long-running-tasks-refactor-6

Author: Andrei Neagu

services/static-webserver/client/source/class/osparc/data/Permissions.js

@@ -324,11 +324,11 @@ qx.Class.define("osparc.data.Permissions", {
     },
 
     isProductOwner: function() {
-      return this.getRole() === "product_owner";
+      return ["admin", "product_owner"].includes(this.getRole());
     },
 
     isAdmin: function() {
-      return this.getRole() === "admin";
+      return ["admin"].includes(this.getRole());
     },
   }
 });

services/static-webserver/client/source/class/osparc/navigation/UserMenu.js

@@ -51,19 +51,19 @@ qx.Class.define("osparc.navigation.UserMenu", {
           control.addListener("execute", () => osparc.desktop.account.MyAccountWindow.openWindow(), this);
           this.add(control);
           break;
-        case "admin-center":
-          control = new qx.ui.menu.Button(this.tr("Admin Center"));
-          control.addListener("execute", () => osparc.admin.AdminCenterWindow.openWindow(), this);
+        case "tester-center":
+          control = new qx.ui.menu.Button(this.tr("Tester Center"));
+          control.addListener("execute", () => osparc.tester.TesterCenterWindow.openWindow(), this);
           this.add(control);
           break;
         case "po-center":
           control = new qx.ui.menu.Button(this.tr("PO Center"));
           control.addListener("execute", () => osparc.po.POCenterWindow.openWindow(), this);
           this.add(control);
           break;
-        case "tester-center":
-          control = new qx.ui.menu.Button(this.tr("Tester Center"));
-          control.addListener("execute", () => osparc.tester.TesterCenterWindow.openWindow(), this);
+        case "admin-center":
+          control = new qx.ui.menu.Button(this.tr("Admin Center"));
+          control.addListener("execute", () => osparc.admin.AdminCenterWindow.openWindow(), this);
           this.add(control);
           break;
         case "billing-center":
@@ -144,14 +144,14 @@ qx.Class.define("osparc.navigation.UserMenu", {
         this.getChildControl("log-in");
       } else {
         this.getChildControl("user-center");
-        if (osparc.data.Permissions.getInstance().isAdmin()) {
-          this.getChildControl("admin-center");
+        if (osparc.data.Permissions.getInstance().isTester()) {
+          this.getChildControl("tester-center");
         }
         if (osparc.data.Permissions.getInstance().isProductOwner()) {
           this.getChildControl("po-center");
         }
-        if (osparc.data.Permissions.getInstance().isTester()) {
-          this.getChildControl("tester-center");
+        if (osparc.data.Permissions.getInstance().isAdmin()) {
+          this.getChildControl("admin-center");
         }
         if (osparc.desktop.credits.Utils.areWalletsEnabled()) {
           this.getChildControl("billing-center");
@@ -196,14 +196,14 @@ qx.Class.define("osparc.navigation.UserMenu", {
         this.getChildControl("log-in");
       } else {
         this.getChildControl("user-center");
-        if (osparc.data.Permissions.getInstance().isAdmin()) {
-          this.getChildControl("admin-center");
+        if (osparc.data.Permissions.getInstance().isTester()) {
+          this.getChildControl("tester-center");
         }
         if (osparc.data.Permissions.getInstance().isProductOwner()) {
           this.getChildControl("po-center");
         }
-        if (osparc.data.Permissions.getInstance().isTester()) {
-          this.getChildControl("tester-center");
+        if (osparc.data.Permissions.getInstance().isAdmin()) {
+          this.getChildControl("admin-center");
         }
         if (osparc.desktop.credits.Utils.areWalletsEnabled()) {
           this.getChildControl("billing-center");

services/static-webserver/client/source/class/osparc/po/UsersPending.js

@@ -340,7 +340,7 @@ qx.Class.define("osparc.po.UsersPending", {
     __createRejectButton: function(email) {
       const button = new osparc.ui.form.FetchButton("Reject");
       button.addListener("execute", () => {
-        const msg = `Are you sure you want to reject ${email}.<br>The operation cannot be reverted"`;
+        const msg = `Are you sure you want to reject ${email}.<br>The operation cannot be reverted`;
         const win = new osparc.ui.window.Confirmation(msg).set({
           caption: "Reject User",
           confirmText: "Reject",

services/web/server/src/simcore_service_webserver/security/_authz_access_roles.py

@@ -120,7 +120,7 @@ class PermissionDict(TypedDict, total=False):
             "resource-usage.write",
             "storage.files.sync",
         ],
-        inherits=[UserRole.TESTER],
+        inherits=[UserRole.PRODUCT_OWNER],
     ),
 }
 

services/web/server/tests/unit/with_dbs/03/invitations/test_products_rest_invitations.py

@@ -34,7 +34,7 @@
         (UserRole.USER, status.HTTP_403_FORBIDDEN),
         (UserRole.TESTER, status.HTTP_403_FORBIDDEN),
         (UserRole.PRODUCT_OWNER, status.HTTP_200_OK),
-        (UserRole.ADMIN, status.HTTP_403_FORBIDDEN),
+        (UserRole.ADMIN, status.HTTP_200_OK),
     ],
 )
 async def test_role_access_to_generate_invitation(

services/web/server/tests/unit/with_dbs/03/invitations/test_users_accounts_rest_registration.py

@@ -95,9 +95,10 @@ async def mock_send_message(msg):
         *(
             (role, status.HTTP_403_FORBIDDEN)
             for role in UserRole
-            if role not in {UserRole.PRODUCT_OWNER, UserRole.ANONYMOUS}
+            if role not in {UserRole.PRODUCT_OWNER, UserRole.ADMIN, UserRole.ANONYMOUS}
         ),
         (UserRole.PRODUCT_OWNER, status.HTTP_200_OK),
+        (UserRole.ADMIN, status.HTTP_200_OK),
     ],
 )
 async def test_access_rights_on_search_users_only_product_owners_can_access(

services/web/server/tests/unit/with_dbs/04/products/test_products_rest.py

@@ -51,7 +51,7 @@ async def test_get_product_price_when_undefined(
         (UserRole.USER, status.HTTP_403_FORBIDDEN),
         (UserRole.TESTER, status.HTTP_403_FORBIDDEN),
         (UserRole.PRODUCT_OWNER, status.HTTP_200_OK),
-        (UserRole.ADMIN, status.HTTP_403_FORBIDDEN),
+        (UserRole.ADMIN, status.HTTP_200_OK),
     ],
 )
 async def test_get_product_access_rights(