Commit 0533862c authored by Ivo Fokkema's avatar Ivo Fokkema

Use a setting for determining who gets to delete an individual, instead of...

Use a setting for determining who gets to delete an individual, instead of having LEVEL_CURATOR set in different places.
parent e663978a
......@@ -164,6 +164,7 @@ $_SETT = array(
array(
// Checking for LEVEL_COLLABORATOR assumes lovd_isAuthorized()
// has already been called for gene-specific overviews.
'delete_individual' => (LOVD_plus? LEVEL_ADMIN : LEVEL_CURATOR),
'delete_variant' => (LOVD_plus? LEVEL_ADMIN : LEVEL_CURATOR),
// The see_nonpublic_data setting currently also defines the visibility
// of the status, created* and edited* fields.
......
......@@ -4,7 +4,7 @@
* LEIDEN OPEN VARIATION DATABASE (LOVD)
*
* Created : 2011-02-16
* Modified : 2019-08-27
* Modified : 2019-10-01
* For LOVD : 3.0-22
*
* Copyright : 2004-2019 Leiden University Medical Center; http://www.LUMC.nl/
......@@ -121,7 +121,7 @@ if (PATH_COUNT == 2 && ctype_digit($_PE[1]) && !ACTION) {
$aNavigation['phenotypes?create&target=' . $nID] = array('menu_plus.png', 'Add phenotype information to individual', 1);
}
$aNavigation['screenings?create&target=' . $nID] = array('menu_plus.png', 'Add screening to individual', 1);
if ($_AUTH['level'] >= LEVEL_CURATOR) {
if ($_AUTH['level'] >= $_SETT['user_level_settings']['delete_individual']) {
$aNavigation[CURRENT_PATH . '?delete'] = array('cross.png', 'Delete individual entry', 1);
}
}
......@@ -522,7 +522,7 @@ if (PATH_COUNT == 2 && ctype_digit($_PE[1]) && ACTION == 'delete') {
// FIXME: What if individual also contains other user's data?
lovd_isAuthorized('individual', $nID);
lovd_requireAUTH(LEVEL_CURATOR);
lovd_requireAUTH($_SETT['user_level_settings']['delete_individual']);
require ROOT_PATH . 'class/object_individuals.php';
$_DATA = new LOVD_Individual();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment