@@ -435,7 +435,17 @@ async def is_user_permitted_to_map(project_id: int, user_id: int, db: Database):
435435 is_allowed_user = await ProjectService .is_user_in_the_allowed_list (
436436 project .id , user_id , db
437437 )
438- if not is_allowed_user :
438+
439+ allowed_roles = [
440+ TeamRoles .MAPPER .value ,
441+ TeamRoles .VALIDATOR .value ,
442+ TeamRoles .PROJECT_MANAGER .value ,
443+ ]
444+
445+ is_team_member = await TeamService .check_team_membership (
446+ project .id , allowed_roles , user_id , db
447+ )
448+ if not (is_allowed_user or is_team_member ):
439449 return False , MappingNotAllowed .USER_NOT_ON_ALLOWED_LIST
440450
441451 return True , "User allowed to map"
@@ -444,6 +454,7 @@ async def is_user_permitted_to_map(project_id: int, user_id: int, db: Database):
444454 async def has_validation_permission (
445455 project : Project , user_id : int , validation_permission : int , db : Database
446456 ):
457+
447458 allowed_roles = [TeamRoles .VALIDATOR .value , TeamRoles .PROJECT_MANAGER .value ]
448459 is_team_member = await TeamService .check_team_membership (
449460 project .id , allowed_roles , user_id , db
@@ -517,8 +528,11 @@ async def is_user_permitted_to_validate(
517528 is_allowed_user = await ProjectService .is_user_in_the_allowed_list (
518529 project_id , user_id , db
519530 )
520-
521- if not is_allowed_user :
531+ allowed_roles = [TeamRoles .VALIDATOR .value , TeamRoles .PROJECT_MANAGER .value ]
532+ is_team_member = await TeamService .check_team_membership (
533+ project .id , allowed_roles , user_id , db
534+ )
535+ if not (is_allowed_user or is_team_member ):
522536 return False , ValidatingNotAllowed .USER_NOT_ON_ALLOWED_LIST
523537
524538 return True , "User allowed to validate"
0 commit comments