You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Budget valuators are not able to comment or edit Valuation Investments when assigned as part of a Valuation Group
Type: Bug
Current Behavior
When sending Budget Investments to valuators, the valuator is correctly presented with the list of investments to valuate
When assigning Valuators individually this works correctly.
When assigning a valuation Group the list of investments is correctly displayed but when the valuator tries to Edit or Comment on an investment a 404 Error is returned
In this example none of those valuators are able to comment on the valuation even though they are members of the Valuation Group
Expected Behavior
Someone who is a member of a valuation group should be able to edit/comment on a budget investment assigned to them for valuation
Solution
I think the problem lies in the budget_investments_controller.rb file. The Method Restrict access to assigned items tests for an administrator or a valuator assignment but doesn't seem to cope with someone who is a member of a valuator group but not individually assigned as a valuator
def restrict_access_to_assigned_items
return if current_user.administrator? ||
Budget::ValuatorAssignment.exists?(investment_id: params[:id],
valuator_id: current_user.valuator.id)
raise ActionController::RoutingError, "Not Found"
end
I have coded a workaround which tests to see if current user is a member of an assigned valuation group. This seems to work for me, but I am not a coder (and especially not a rails coder) so I have no idea if this is the correct way to do things, or if this is masking an unresolved issue elsewhere.
def restrict_access_to_assigned_items
return if current_user.administrator? ||
Budget::ValuatorAssignment.exists?(investment_id: params[:id],
valuator_id: current_user.valuator.id)
# Find the valuator group assignment for the investment
valuator_group_assignment = Budget::ValuatorGroupAssignment.find_by(investment_id: params[:id])
# Check if the valuator group assignment exists
if valuator_group_assignment.present?
vg_id = valuator_group_assignment.valuator_group_id
# Find all valuators in the Valuator Group
valuators_in_group = Valuator.where(valuator_group_id: vg_id)
# Check if the current user is among the valuators in the group
return if valuators_in_group.exists?(user_id: current_user.id)
else
# If no specific assignment, check if the user belongs to any valuator group for the investment
valuator_groups_for_investment = Budget::ValuatorGroupAssignment.where(investment_id: params[:id])
user_valuator_groups = current_user.valuator.valuator_groups
return if (user_valuator_groups & valuator_groups_for_investment.map(&:valuator_group)).present?
end
The text was updated successfully, but these errors were encountered:
Budget valuators are not able to comment or edit Valuation Investments when assigned as part of a Valuation Group
Type: Bug
Current Behavior
When sending Budget Investments to valuators, the valuator is correctly presented with the list of investments to valuate
When assigning Valuators individually this works correctly.
When assigning a valuation Group the list of investments is correctly displayed but when the valuator tries to Edit or Comment on an investment a 404 Error is returned
In this example none of those valuators are able to comment on the valuation even though they are members of the Valuation Group
Expected Behavior
Someone who is a member of a valuation group should be able to edit/comment on a budget investment assigned to them for valuation
Solution
I think the problem lies in the budget_investments_controller.rb file. The Method Restrict access to assigned items tests for an administrator or a valuator assignment but doesn't seem to cope with someone who is a member of a valuator group but not individually assigned as a valuator
I have coded a workaround which tests to see if current user is a member of an assigned valuation group. This seems to work for me, but I am not a coder (and especially not a rails coder) so I have no idea if this is the correct way to do things, or if this is masking an unresolved issue elsewhere.
The text was updated successfully, but these errors were encountered: