add privileges.can_view_private_datasets to User.can_access_dataset()…

…; does not grant ability to manipulate/run processors
digitalmethodsinitiative · Feb 17, 2025 · 6b80bac · 6b80bac
1 parent b28b31f
commit 6b80bac
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/common/lib/config_definition.py b/common/lib/config_definition.py
@@ -139,7 +139,7 @@
     "privileges.admin.can_manipulate_all_datasets": {
         "type": UserInput.OPTION_TOGGLE,
         "default": False,
-        "help": "Can manipulate datasets",
+        "help": "Can manipulate all datasets",
         "tooltip": "Controls whether users can manipulate all datasets as if they were an owner, e.g. sharing it with "
                    "others, running processors, et cetera."
     },

diff --git a/common/lib/user.py b/common/lib/user.py
@@ -210,6 +210,10 @@ def can_access_dataset(self, dataset, role=None):
 
         elif self.is_admin:
             return True
+
+        elif self.config.get("privileges.can_view_private_datasets", user=self):
+            # Allowed to see dataset, but perhaps not run processors (need privileges.admin.can_manipulate_all_datasets or dataset ownership)
+            return True
 
         elif dataset.is_accessible_by(self, role=role):
             return True