Closed michamos closed 1 month ago
A user reports that he can't edit his job post: https://cern.service-now.com/nav_to.do?uri=%2Fu_request_fulfillment.do%3Fsys_id%3D7d5c1665c3c082102fec1bddd40131d9%26sysparm_view%3Dtabs_new%26sysparm_domain%3Dnull%26sysparm_domain_scope%3Dnull. After investigating, it turns out that the check in https://github.com/inspirehep/inspirehep/blob/cd81c540c65175d3f9a6a45bdc847e8dcc945ea2/backend/inspirehep/submissions/views.py#L528-L533 is wrong. Email addresses can change, so we shouldn't require them to match. The ORCID check is sufficient.
Additionally, it might make sense to refactor this to align it with the similar permission check in https://github.com/inspirehep/inspirehep/blob/cd81c540c65175d3f9a6a45bdc847e8dcc945ea2/backend/inspirehep/records/marshmallow/jobs/ui.py#L25-L53 which determines whether the edit button gets displayed.
edit
@michamos with this change we have some cases that are failing for example:
https://github.com/inspirehep/inspirehep/blob/e273b52138ab6de99f37bf7197e441c2b527d791/backend/tests/integration/submissions/test_submissions_views.py#L1439-L1440
I guess these are wrong assumptions from the beginning, some of them are:
A user reports that he can't edit his job post: https://cern.service-now.com/nav_to.do?uri=%2Fu_request_fulfillment.do%3Fsys_id%3D7d5c1665c3c082102fec1bddd40131d9%26sysparm_view%3Dtabs_new%26sysparm_domain%3Dnull%26sysparm_domain_scope%3Dnull. After investigating, it turns out that the check in https://github.com/inspirehep/inspirehep/blob/cd81c540c65175d3f9a6a45bdc847e8dcc945ea2/backend/inspirehep/submissions/views.py#L528-L533 is wrong. Email addresses can change, so we shouldn't require them to match. The ORCID check is sufficient.
Additionally, it might make sense to refactor this to align it with the similar permission check in https://github.com/inspirehep/inspirehep/blob/cd81c540c65175d3f9a6a45bdc847e8dcc945ea2/backend/inspirehep/records/marshmallow/jobs/ui.py#L25-L53 which determines whether the
edit
button gets displayed.