diff --git a/backend/services/project_service.py b/backend/services/project_service.py index a1d8b6c5f6..b7db3c6402 100644 --- a/backend/services/project_service.py +++ b/backend/services/project_service.py @@ -435,7 +435,17 @@ async def is_user_permitted_to_map(project_id: int, user_id: int, db: Database): is_allowed_user = await ProjectService.is_user_in_the_allowed_list( project.id, user_id, db ) - if not is_allowed_user: + + allowed_roles = [ + TeamRoles.MAPPER.value, + TeamRoles.VALIDATOR.value, + TeamRoles.PROJECT_MANAGER.value, + ] + + is_team_member = await TeamService.check_team_membership( + project.id, allowed_roles, user_id, db + ) + if not (is_allowed_user or is_team_member): return False, MappingNotAllowed.USER_NOT_ON_ALLOWED_LIST return True, "User allowed to map" @@ -444,6 +454,7 @@ async def is_user_permitted_to_map(project_id: int, user_id: int, db: Database): async def has_validation_permission( project: Project, user_id: int, validation_permission: int, db: Database ): + allowed_roles = [TeamRoles.VALIDATOR.value, TeamRoles.PROJECT_MANAGER.value] is_team_member = await TeamService.check_team_membership( project.id, allowed_roles, user_id, db @@ -517,8 +528,11 @@ async def is_user_permitted_to_validate( is_allowed_user = await ProjectService.is_user_in_the_allowed_list( project_id, user_id, db ) - - if not is_allowed_user: + allowed_roles = [TeamRoles.VALIDATOR.value, TeamRoles.PROJECT_MANAGER.value] + is_team_member = await TeamService.check_team_membership( + project.id, allowed_roles, user_id, db + ) + if not (is_allowed_user or is_team_member): return False, ValidatingNotAllowed.USER_NOT_ON_ALLOWED_LIST return True, "User allowed to validate"