Merge pull request #24 from aquality-automation/feature/Local_Manager_can_see_Local_Permissions_page

Fix Permissions for CRUD Local Permissions

Author: VladislavKostyukevich

CHANGELOG.md

@@ -1,6 +1,11 @@
 # CHANGELOG
 
-## 0.3.2 (unreleased)
+## 0.3.3 (unreleased)
+
+Bugfixes:
+  - Local Manager can see Local Permissions page -> [View Issue](https://github.com/aquality-automation/aquality-tracking-ui/issues/22)
+
+## 0.3.2 (2019-09-10)
 
 Features:
 

src/main/java/main/controllers/Project/ProjectUserController.java

@@ -22,7 +22,7 @@ public ProjectUserController(UserDto user) {
 
     @Override
     public ProjectUserDto create(ProjectUserDto template) throws AqualityException {
-        if(baseUser.isAdmin() || baseUser.getProjectUser(template.getProject_id()).isAdmin()){
+        if(isEditorSession(template)){
             return projectUserDao.create(template);
         }else{
             throw new AqualityPermissionsException("Account is not allowed to create Project User", baseUser);
@@ -40,7 +40,7 @@ public List<ProjectUserDto> get(ProjectUserDto template) throws AqualityExceptio
 
     @Override
     public boolean delete(ProjectUserDto template) throws AqualityException {
-        if(baseUser.isAdmin() || baseUser.getProjectUser(template.getProject_id()).isAdmin()){
+        if(isEditorSession(template)){
             return projectUserDao.delete(template);
         }else{
             throw new AqualityPermissionsException("Account is not allowed to delete Project User", baseUser);
@@ -59,4 +59,10 @@ private List<ProjectUserDto> fillProjectUsers(List<ProjectUserDto> projectUsers)
         }
         return projectUsers;
     }
+
+    private boolean isEditorSession(ProjectUserDto template){
+        return baseUser.isAdmin() || baseUser.isManager()
+                || baseUser.getProjectUser(template.getProject_id()).isAdmin()
+                || baseUser.getProjectUser(template.getProject_id()).isManager();
+    }
 }