diff --git a/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs b/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs index f0a455941..a6ea6138d 100644 --- a/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs +++ b/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs @@ -67,6 +67,13 @@ namespace IRaCIS.Core.API policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString(),((int)UserTypeEnum.SPM).ToString(), ((int)UserTypeEnum.CPM).ToString()); }); + options.AddPolicy(IRaCISPolicy.PM_APM_SPM_CPM_SMM_CMM, policyBuilder => + { + policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString(), ((int)UserTypeEnum.SPM).ToString(), + ((int)UserTypeEnum.CPM).ToString(), ((int)UserTypeEnum.SMM).ToString(), ((int)UserTypeEnum.CMM).ToString()); + }); + + }); diff --git a/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs b/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs index 50610ea64..994cbbc9f 100644 --- a/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs +++ b/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs @@ -33,6 +33,8 @@ namespace IRaCIS.Core.Application.Auth public const string PM_APM_SPM_CPM = "PM_APM_SPM_CPM"; + public const string PM_APM_SPM_CPM_SMM_CMM = "PM_APM_SPM_CPM_SMM_CMM"; + public const string PM_APM_CRC_QC = "PM_APM_CRC_QC"; diff --git a/IRaCIS.Core.Application/Service/ImageAndDoc/_MapConfig.cs b/IRaCIS.Core.Application/Service/ImageAndDoc/_MapConfig.cs index 66b395a1f..0ff43ef0a 100644 --- a/IRaCIS.Core.Application/Service/ImageAndDoc/_MapConfig.cs +++ b/IRaCIS.Core.Application/Service/ImageAndDoc/_MapConfig.cs @@ -58,7 +58,7 @@ namespace IRaCIS.Core.Application.Service CreateMap() .ForMember(o => o.UploadedTime, t => t.MapFrom(u => u.CreateTime)) .ForMember(o => o.Uploader, t => t.MapFrom(u => u.Uploader.LastName + " / " + u.Uploader.FirstName)) - .ForMember(o => o.StudyId, t => t.MapFrom(u => u.Id) + .ForMember(o => o.StudyId, t => t.MapFrom(u => u.Id)); diff --git a/IRaCIS.Core.Application/Service/WorkLoad/EnrollService.cs b/IRaCIS.Core.Application/Service/WorkLoad/EnrollService.cs index a4d8abe43..e75265361 100644 --- a/IRaCIS.Core.Application/Service/WorkLoad/EnrollService.cs +++ b/IRaCIS.Core.Application/Service/WorkLoad/EnrollService.cs @@ -134,7 +134,7 @@ namespace IRaCIS.Application.Services [HttpPost("{trialId:guid}")] [TypeFilter(typeof(TrialResourceFilter))] - [Authorize(Policy = IRaCISPolicy.PM_APM_SPM_CPM)] + [Authorize(Policy = IRaCISPolicy.PM_APM_SPM_CPM_SMM_CMM)] public async Task SelectReviewers(Guid trialId, Guid[] doctorIdArray) { var trial = await _trialRepository.FirstOrDefaultAsync(t => t.Id == trialId); @@ -185,7 +185,7 @@ namespace IRaCIS.Application.Services [HttpPost("{trialId:guid}/{commitState:int}")] [TypeFilter(typeof(TrialResourceFilter))] - [Authorize(Policy = IRaCISPolicy.PM_APM_SPM_CPM)] + [Authorize(Policy = IRaCISPolicy.PM_APM_SPM_CPM_SMM_CMM)] public async Task SubmitReviewer(Guid trialId, Guid[] doctorIdArray, int commitState) { @@ -265,7 +265,7 @@ namespace IRaCIS.Application.Services [HttpPost("{trialId:guid}/{auditState:int}")] [TypeFilter(typeof(TrialResourceFilter))] - [Authorize(Policy = IRaCISPolicy.PM_APM_SPM_CPM)] + [Authorize(Policy = IRaCISPolicy.PM_APM_SPM_CPM_SMM_CMM)] public async Task ApproveReviewer(Guid trialId, Guid[] doctorIdArray, int auditState) { @@ -351,7 +351,7 @@ namespace IRaCIS.Application.Services [HttpPost] [TypeFilter(typeof(TrialResourceFilter))] - [Authorize(Policy = IRaCISPolicy.PM_APM_SPM_CPM)] + [Authorize(Policy = IRaCISPolicy.PM_APM_SPM_CPM_SMM_CMM)] [UnitOfWork] public async Task ConfirmReviewer(ConfirmReviewerCommand confirmReviewerCommand, [FromServices] IRepository _trialUserRepository,