bcgov · arcshiftsolutions · Oct 20, 2023 · Oct 20, 2023 · Oct 20, 2023
diff --git a/backend/src/components/roles.js b/backend/src/components/roles.js
@@ -25,7 +25,8 @@ const roles = {
     //Help functions created in auth module: isValidPenTeamRoleUserToken, isValidPenTeamRoleUser
     PenTeamRole: config.get('server:edx:teamRoles:pen'),
     //Help functions created in auth module: isValidSchoolMoveUserToken, isValidSchoolMoveUser
-    School: ['SCHOOL_ADMIN']
+    School: ['SCHOOL_ADMIN'],
+    EDX: [config.get('server:edx:roleAdmin')]
   },
   Admin: {
     //Help functions created in auth module: isValidGMPAdmin

diff --git a/backend/src/routes/auth.js b/backend/src/routes/auth.js
@@ -14,7 +14,7 @@ const {
   validationResult
 } = require('express-validator');
 
-const isValidStaffUserWithRoles = auth.isValidUserWithRoles('GMP & UMP & PenRequestBatch & StudentSearch & StaffAdministration & NominalRoll & NominalRollReadOnly & GUMPAnalytics & PenRequestBatchAnalytics & Exchange', [...roles.User.GMP, ...roles.User.UMP, ...roles.User.PenRequestBatch, ...roles.User.StudentSearch, ...roles.User.StaffAdministration, ...roles.User.NominalRoll , ...roles.User.NominalRollReadOnly, ...roles.User.GUMPAnalytics, ...roles.User.PenRequestBatchAnalytics, ...roles.User.Exchange]);
+const isValidStaffUserWithRoles = auth.isValidUserWithRoles('GMP & UMP & PenRequestBatch & StudentSearch & StaffAdministration & NominalRoll & NominalRollReadOnly & GUMPAnalytics & PenRequestBatchAnalytics & Exchange & EDX', [...roles.User.GMP, ...roles.User.UMP, ...roles.User.PenRequestBatch, ...roles.User.StudentSearch, ...roles.User.StaffAdministration, ...roles.User.NominalRoll , ...roles.User.NominalRollReadOnly, ...roles.User.GUMPAnalytics, ...roles.User.PenRequestBatchAnalytics, ...roles.User.Exchange, ...roles.User.EDX]);
 const isValidWebSocketUserWithRoles = auth.isValidUserWithRoles('GMP & UMP & PenRequestBatch & Exchange & School', [...roles.User.GMP, ...roles.User.UMP, ...roles.User.PenRequestBatch, ...roles.User.Exchange, ...roles.User.School]);
 
 const router = express.Router();

diff --git a/backend/src/routes/edx-router.js b/backend/src/routes/edx-router.js
diff --git a/frontend/src/components/institute/authority/Details.vue b/frontend/src/components/institute/authority/Details.vue
@@ -452,7 +452,7 @@
           </v-row>
           <div v-if="!editing">
             <v-row
-              v-if="!hasMailingAddress() && !editing"
+              v-if="canEditAuthorities() && !hasMailingAddress() && !editing"
               no-gutters
               class="d-flex justify-start"
             >

diff --git a/frontend/src/components/institute/district/Details.vue b/frontend/src/components/institute/district/Details.vue
@@ -301,7 +301,7 @@
           </v-row>
           <div v-if="!editing">
             <v-row
-              v-if="!hasMailingAddress() && !editing"
+              v-if="canEditDistrictDetails() && !hasMailingAddress() && !editing"
               no-gutters
               class="mt-2 d-flex justify-start"
             >

diff --git a/frontend/src/components/util/NavBar.vue b/frontend/src/components/util/NavBar.vue
@@ -170,7 +170,7 @@ export default {
   },
   computed: {
     ...mapState(appStore, ['config']),
-    ...mapState(authStore, ['isAuthorizedUser', 'ADVANCED_SEARCH_ROLE', 'VIEW_EDIT_PEN_REQUEST_BATCH_FILES_ROLE', 'EDIT_MACROS_ROLE', 'VIEW_GMP_REQUESTS_ROLE', 'VIEW_UMP_REQUESTS_ROLE', 'PROCESS_STUDENT_ROLE', 'VIEW_PEN_COORDINATOR_INFO_ROLE', 'NOMINAL_ROLL_ROLE', 'STAFF_ADMINISTRATION_ADMIN', 'HAS_STATS_ROLE', 'STUDENT_ANALYTICS_STUDENT_PROFILE', 'STUDENT_ANALYTICS_BATCH', 'EXCHANGE_ROLE', 'EXCHANGE_ACCESS_ROLE', 'PEN_TEAM_ROLE']),
+    ...mapState(authStore, ['isAuthorizedUser', 'ADVANCED_SEARCH_ROLE', 'VIEW_EDIT_PEN_REQUEST_BATCH_FILES_ROLE', 'EDIT_MACROS_ROLE', 'VIEW_GMP_REQUESTS_ROLE', 'VIEW_UMP_REQUESTS_ROLE', 'PROCESS_STUDENT_ROLE', 'VIEW_PEN_COORDINATOR_INFO_ROLE', 'NOMINAL_ROLL_ROLE', 'STAFF_ADMINISTRATION_ADMIN', 'HAS_STATS_ROLE', 'STUDENT_ANALYTICS_STUDENT_PROFILE', 'STUDENT_ANALYTICS_BATCH', 'EXCHANGE_ROLE', 'EXCHANGE_ACCESS_ROLE', 'PEN_TEAM_ROLE', 'INSTITUTIONS_ADMINISTRATION_ADMIN']),
     items() {
       return [
         {
@@ -254,22 +254,22 @@ export default {
         },
         {
           title: 'Institutions',
-          authorized: this.isAuthorizedUser,
+          authorized: this.INSTITUTIONS_ADMINISTRATION_ADMIN,
           items: [
             {
               title: 'Schools',
               link: 'instituteSchoolList',
-              authorized: this.isAuthorizedUser
+              authorized: this.INSTITUTIONS_ADMINISTRATION_ADMIN
             },
             {
               title: 'Districts',
               link: 'instituteDistrict',
-              authorized: this.isAuthorizedUser
+              authorized: this.INSTITUTIONS_ADMINISTRATION_ADMIN
             },
             {
               title: 'Authorities',
               link: 'instituteAuthoritiesList',
-              authorized: this.isAuthorizedUser
+              authorized: this.INSTITUTIONS_ADMINISTRATION_ADMIN
             }
           ],
         },

diff --git a/frontend/src/store/modules/auth.js b/frontend/src/store/modules/auth.js
@@ -69,7 +69,8 @@ export const authStore = defineStore('auth', {
     SCHOOL_ADMIN_ROLE: state => state.isValidSchoolAdmin,
     INDEPENDENT_SCHOOLS_ADMIN_ROLE: state => state.isValidSchoolIndependentAdmin,
     OFFSHORE_SCHOOLS_ADMIN_ROLE: state => state.isValidSchoolOffshoreAdmin,
-    INDEPENDENT_AUTHORITY_ADMIN_ROLE: state => state.isValidIndependentAuthorityAdmin
+    INDEPENDENT_AUTHORITY_ADMIN_ROLE: state => state.isValidIndependentAuthorityAdmin,
+    INSTITUTIONS_ADMINISTRATION_ADMIN: state => state.isValidSchoolAdmin || state.isValidDistrictAdmin || state.isValidSchoolIndependentAdmin || state.isValidSchoolOffshoreAdmin || state.isValidIndependentAuthorityAdmin,
   },
   actions: {
     //sets Json web token and determines whether user is authenticated