From 2e130cbd7e64d76a170fd87b8120c250cce768c3 Mon Sep 17 00:00:00 2001
From: Nitay Rabinovich <nitayrabi@gmail.com>
Date: Sat, 5 May 2018 20:11:54 +0300
Subject: [PATCH] Open `camps_all` and `arts_all` for supplier managers (camps
 and art admins) (#947)

---
 libs/user_role.js                    | 2 +-
 routes/api-18/routers/main.router.js | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/libs/user_role.js b/libs/user_role.js
index 52cb5448b..f93ecad6d 100644
--- a/libs/user_role.js
+++ b/libs/user_role.js
@@ -43,7 +43,7 @@ userRole.isGateManager = function () {
 userRole.isAllowedToViewSuppliers = function () {
     return (req, res, next) => {
         const user = req.user;
-        if (user.isAdmin || user.isCampManager || user.isGateManager || user.isCampsAdmin) {
+        if (user.isAdmin || user.isCampManager || user.isGateManager || user.isCampsAdmin || user.isArtInstallationsAdmin) {
             next();
         } else {
             next('route'); //TODO: set redirect route
diff --git a/routes/api-18/routers/main.router.js b/routes/api-18/routers/main.router.js
index cbfd972c5..b7f82570b 100644
--- a/routes/api-18/routers/main.router.js
+++ b/routes/api-18/routers/main.router.js
@@ -49,13 +49,13 @@ class MainRouter {
          * request => /camps_open
          */
         this.router.route('/camps_all')
-            .get([userRole.isCampsAdmin()],
+            .get([userRole.isAllowedToViewSuppliers()],
             (req, res) => campsService.retrieveDataFor(constants.prototype_camps.THEME_CAMP.id,req.user).then(result => res.status(result.status).json(result.data)));
         this.router.route('/prod_dep_all')
             .get(userRole.isProdDepsAdmin(),
             (req, res) => campsService.retrieveDataFor(constants.prototype_camps.PROD_DEP.id,req.user).then(result => res.status(result.status).json(result.data)));
         this.router.route('/art_all')
-            .get(userRole.isArtInstallationsAdmin(),
+            .get(userRole.isAllowedToViewSuppliers(),
             (req, res) => campsService.retrieveDataFor(constants.prototype_camps.ART_INSTALLATION.id,req.user).then(result => res.status(result.status).json(result.data)));
         /**
          * TODO - this should move under camps prefix - who uses these api's