diff --git a/src/services/ReviewService.js b/src/services/ReviewService.js index a8ec3f0..76f62d6 100644 --- a/src/services/ReviewService.js +++ b/src/services/ReviewService.js @@ -165,7 +165,7 @@ async function createReview (authUser, entity) { entity ) - if (_.intersection(authUser.roles, ['Administrator', 'administrator']).length === 0 && !authUser.scopes) { + if (_.intersection(authUser.roles, ['Administrator', 'administrator', 'tgadmin']).length === 0 && !authUser.scopes) { if (entity.reviewedDate) { throw new errors.HttpStatusError(403, 'You are not allowed to set the `reviewedDate` attribute on a review') } diff --git a/src/services/ReviewSummationService.js b/src/services/ReviewSummationService.js index 6d59684..d56dabe 100644 --- a/src/services/ReviewSummationService.js +++ b/src/services/ReviewSummationService.js @@ -102,7 +102,7 @@ async function createReviewSummation (authUser, entity) { item.isFinal = entity.isFinal } - if (_.intersection(authUser.roles, ['Administrator', 'administrator']).length === 0 && !authUser.scopes) { + if (_.intersection(authUser.roles, ['Administrator', 'administrator', 'tgadmin']).length === 0 && !authUser.scopes) { if (entity.reviewedDate) { throw new errors.HttpStatusError(403, 'You are not allowed to set the `reviewedDate` attribute on a review summation') } diff --git a/src/services/SubmissionService.js b/src/services/SubmissionService.js index c9f7c1e..5635a94 100755 --- a/src/services/SubmissionService.js +++ b/src/services/SubmissionService.js @@ -403,7 +403,7 @@ async function createSubmission (authUser, files, entity) { } logger.info('Check User access before creating the submission') - if (_.intersection(authUser.roles, ['Administrator', 'administrator']).length === 0 && !authUser.scopes) { + if (_.intersection(authUser.roles, ['Administrator', 'administrator', 'tgadmin']).length === 0 && !authUser.scopes) { await helper.checkCreateAccess(authUser, item.memberId, challenge) if (entity.submittedDate) {