Closed nrshapiro closed 2 years ago
It was reporting current as the JV103 content set was marked as current, presumably meaning that JV103 users can see all current IJP documents. I have now changed it to False and I believe it is behaving as you would expect.
We had a user report that was perplexing. https://github.com/Psychoanalytic-Electronic-Publishing/Support/issues/312
I spoofed her, and see that the server gets the following information from PaDS.
Spoofed Session: 6acea512-4682-4d9e-991d-173fa239a1cd
pads_user_info, status_code = get_authserver_session_userinfo("6acea512-4682-4d9e-991d-173fa239a1cd", client_id, addl_log_info=" (complete session_record)")
As you can see, it reports that she has PEPCurrent access.
But when the server asks permission to read the document,
https://pads.pep-web.org/PEPSecure/api/v1/Permits?SessionId=6acea512-4682-4d9e-991d-173fa239a1cd&DocId=PSAR.108.0291A&DocYear=2021&ReasonForCheck=DocumentView
it says that she doesn't have permission for that document (which she shouldn't), but still claims she has current access:
DocId = 'PSAR.108.0291A' HasArchiveAccess = True HasCurrentAccess = True Permit = False ReasonId = 200 ReasonStr = 'Your subscription gives you access to All NonEmbargoed (Archive), IJP JV103, IJP Open, but access to this document is denied because 2021 is in the embargoed years (3).... SessionId = '6acea512-4682-4d9e-991d-173fa239a1cd'
@SophieMBennett