[DROP] Add Write access to GroupSource for owners

This is in line with the existing doc on groups access [[1]]. However, a better alternative would be to use a new authz tag for Group as proposed in [[2]]. [1]: https://github.com/nextstrain/docs.nextstrain.org/blob/5b5f71fcfa65463c3920cfbdd340814d2be9e5d9/src/learn/groups/index.rst?plain=1#L122-L128 [2]: #570 (comment)
nextstrain · Aug 23, 2022 · 2adabdb · 2adabdb
1 parent 31f7f9f
commit 2adabdb
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/src/sources/groups.js b/src/sources/groups.js
@@ -277,11 +277,11 @@ function authzPolicy(group) {
     /* eslint-disable no-multi-spaces */
 
     /* All membership roles in a Nextstrain Group can see information about the
-     * group Source instance.
+     * group Source instance. Only Owners can edit the information.
      */
     {tag: Type.Source, role: viewers, allow: [Read]},
     {tag: Type.Source, role: editors, allow: [Read]},
-    {tag: Type.Source, role: owners,  allow: [Read]},
+    {tag: Type.Source, role: owners,  allow: [Read, Write]},
 
     /* Editors and Owners can create/update/delete datasets and narratives, but
      * Viewers can only see them.

diff --git a/test/authz.test.js b/test/authz.test.js
@@ -65,7 +65,7 @@ describe("authz.authorized() and .assertAuthorized()", () => {
     [[mockUser(["test/owners"]),  Read,  testSource],     true],
     [[mockUser(["test/owners"]),  Read,  testDataset],    true],
     [[mockUser(["test/owners"]),  Read,  testNarrative],  true],
-    [[mockUser(["test/owners"]),  Write, testSource],     false],
+    [[mockUser(["test/owners"]),  Write, testSource],     true],
     [[mockUser(["test/owners"]),  Write, testDataset],    true],
     [[mockUser(["test/owners"]),  Write, testNarrative],  true],
 
@@ -101,7 +101,7 @@ describe("authz.authorized() and .assertAuthorized()", () => {
     [[mockUser(["test-private/owners"]),  Read,  testPrivateSource],     true],
     [[mockUser(["test-private/owners"]),  Read,  testPrivateDataset],    true],
     [[mockUser(["test-private/owners"]),  Read,  testPrivateNarrative],  true],
-    [[mockUser(["test-private/owners"]),  Write, testPrivateSource],     false],
+    [[mockUser(["test-private/owners"]),  Write, testPrivateSource],     true],
     [[mockUser(["test-private/owners"]),  Write, testPrivateDataset],    true],
     [[mockUser(["test-private/owners"]),  Write, testPrivateNarrative],  true],
   ];