Remove role check for M2M tokens

sharathkumaranbu · sharathkumaranbu · commit cee65ee27939 · 2018-10-18T00:06:41.000+05:30
diff --git a/src/services/SubmissionService.js b/src/services/SubmissionService.js
@@ -90,7 +90,7 @@ function * getSubmission (authUser, submissionId) {
   }
 
   logger.info('Check User access before returning the submission')
-  if (_.intersection(authUser.roles, ['Administrator']).length === 0) {
+  if (_.intersection(authUser.roles, ['Administrator']).length === 0 && !authUser.scopes) {
     yield helper.checkGetAccess(authUser, submissionRecord)
   }
 
@@ -205,7 +205,7 @@ function * createSubmission (authUser, files, entity) {
   }
 
   logger.info('Check User access before creating the submission')
-  if (_.intersection(authUser.roles, ['Administrator']).length === 0) {
+  if (_.intersection(authUser.roles, ['Administrator']).length === 0 && !authUser.scopes) {
     yield helper.checkCreateAccess(authUser, item)
   }
 

Original file line number	Diff line number	Diff line change
`@@ -90,7 +90,7 @@ function * getSubmission (authUser, submissionId) {`
`90`	`90`	`}`
`91`	`91`
`92`	`92`	`logger.info('Check User access before returning the submission')`
`93`		`- if (_.intersection(authUser.roles, ['Administrator']).length === 0) {`
	`93`	`+ if (_.intersection(authUser.roles, ['Administrator']).length === 0 && !authUser.scopes) {`
`94`	`94`	`yield helper.checkGetAccess(authUser, submissionRecord)`
`95`	`95`	`}`
`96`	`96`
`@@ -205,7 +205,7 @@ function * createSubmission (authUser, files, entity) {`
`205`	`205`	`}`
`206`	`206`
`207`	`207`	`logger.info('Check User access before creating the submission')`
`208`		`- if (_.intersection(authUser.roles, ['Administrator']).length === 0) {`
	`208`	`+ if (_.intersection(authUser.roles, ['Administrator']).length === 0 && !authUser.scopes) {`
`209`	`209`	`yield helper.checkCreateAccess(authUser, item)`
`210`	`210`	`}`
`211`	`211`