Merge pull request #790 from topcoder-platform/pm-974

hentrymartin · web-flow · commit d61ed771e0bf · 2025-03-28T01:53:09.000+01:00
fix(PM-974): allow project manager to view all projects
diff --git a/src/permissions/constants.js b/src/permissions/constants.js
@@ -191,6 +191,7 @@ export const PERMISSION = { // eslint-disable-line import/prefer-default-export
     topcoderRoles: [
       ...TOPCODER_ROLES_ADMINS,
       USER_ROLE.MANAGER,
+      USER_ROLE.PROJECT_MANAGER,
     ],
     projectRoles: ALL,
     scopes: SCOPES_PROJECTS_READ,
@@ -205,6 +206,7 @@ export const PERMISSION = { // eslint-disable-line import/prefer-default-export
     topcoderRoles: [
       ...TOPCODER_ROLES_ADMINS,
       USER_ROLE.MANAGER,
+      USER_ROLE.PROJECT_MANAGER,
     ],
     scopes: SCOPES_PROJECTS_READ,
   },
diff --git a/src/routes/projects/list.js b/src/routes/projects/list.js
@@ -661,6 +661,7 @@ module.exports = [
       (sort && _.indexOf(sortableProps, sort) < 0)) {
       return util.handleError('Invalid filters or sort', null, req, next);
     }
+
     // check if user only wants to retrieve projects where he/she is a member
     const memberOnly = _.get(filters, 'memberOnly', false);
     filters = _.omit(filters, 'memberOnly');
@@ -674,7 +675,7 @@ module.exports = [
     };
     req.log.info(criteria);
     // TODO refactor (DRY) code below so we don't repeat the same logic for admins and non-admin users
-    if (!memberOnly && util.hasPermission(PERMISSION.READ_PROJECT_ANY, req.authUser)) {
+    if (memberOnly !== 'true' && util.hasPermission(PERMISSION.READ_PROJECT_ANY, req.authUser)) {
       // admins & topcoder managers can see all projects
       return retrieveProjects(req, criteria, sort, req.query.fields)
         .then((result) => {
