$ .../phoenix/ceda_security.py
if user is None or user.get("login_id") in role_mappings["suspended_users"]:
# the user is not logged or is suspended so we return False
return False
if processid in role_mappings.get("restricted_to_ceda_users", []):
# the process is available to all CEDA users
return True
>>> ADD THIS BIT
if user.get("login_id") in role_mappings["restricted_by_user_id"].get(process_id, []):
# the process is available to this specific user
return True
>>> END OF NEW BIT
users_roles = _get_user_roles(request, user.get("login_id"))
for role in users_roles:
if role in restricted_procs.get(processid, []):
return True
>>> LATER, UPDATE THIS
def _get_process_role_mappings(...)
- to include returning "restricted_by_user_id"
And: