update with main

app/modules/encounters/resources.py

@@ -249,7 +249,7 @@ class EncounterExport(Resource):
     )
     def post(self):
         search = request.get_json()
-        encs = Encounter.elasticsearch(search)
+        encs = Encounter.elasticsearch(search, limit=15000)
         if not encs:
             abort(400, 'No results to export')
         from flask import send_file

app/modules/individuals/resources.py

@@ -272,7 +272,7 @@ class IndividualExport(Resource):
     )
     def post(self):
         search = request.get_json()
-        indivs = Individual.elasticsearch(search)
+        indivs = Individual.elasticsearch(search, limit=15000)
         if not indivs:
             abort(400, 'No results to export')
         from flask import send_file

app/modules/sightings/resources.py

@@ -149,7 +149,7 @@ class SightingExport(Resource):
     )
     def post(self):
         search = request.get_json()
-        sights = Sighting.elasticsearch(search)
+        sights = Sighting.elasticsearch(search, limit=15000)
         if not sights:
             abort(400, 'No results to export')
         from flask import send_file

app/modules/users/permissions/rules.py

@@ -119,13 +119,13 @@
             'is_admin',
             'is_researcher',
         ],
-        ('Encounter', AccessOperation.READ): ['is_researcher'],
+        ('Encounter', AccessOperation.READ): ['is_researcher', 'is_admin'],
         ('Encounter', AccessOperation.EXPORT): ['is_researcher'],
         ('Encounter', AccessOperation.WRITE): ['is_active'],  # TODO is this still correct
-        ('Sighting', AccessOperation.READ): ['is_researcher'],
+        ('Sighting', AccessOperation.READ): ['is_researcher', 'is_admin'],
         ('Sighting', AccessOperation.WRITE): ['is_active'],
         ('Sighting', AccessOperation.DELETE): ['is_admin'],
-        ('Individual', AccessOperation.READ): ['is_researcher'],
+        ('Individual', AccessOperation.READ): ['is_researcher', 'is_admin'],
         ('Individual', AccessOperation.EXPORT): ['is_researcher'],
         ('Individual', AccessOperation.WRITE): ['is_researcher'],
         ('Individual', AccessOperation.DELETE): ['is_admin'],

tests/modules/collaborations/resources/test_collaboration_usage.py

@@ -16,7 +16,14 @@
     module_unavailable('collaborations'), reason='Collaborations module disabled'
 )
 def test_use_collaboration(
-    flask_app_client, researcher_1, researcher_2, admin_user, test_root, db, request
+    flask_app_client,
+    researcher_1,
+    researcher_2,
+    admin_user,
+    user_manager_user,
+    test_root,
+    db,
+    request,
 ):
     from app.modules.sightings.models import Sighting
 
@@ -33,6 +40,7 @@ def test_use_collaboration(
     assert sighting.user_has_export_permission(researcher_1)
     assert not sighting.user_has_view_permission(researcher_2)
     assert not sighting.user_has_export_permission(researcher_2)
+    assert not sighting.user_has_export_permission(user_manager_user)
 
     # should not work and should give informative error
     ags_resp = asset_group_utils.read_asset_group_sighting(
@@ -44,7 +52,20 @@ def test_use_collaboration(
     )
     assert ags_resp['message'] == access_error
 
-    # create a (view) collab and approve
+    # create a (view) collab (between researcher1 and user_manager_user) and approve
+    create_resp = collab_utils.create_simple_collaboration(
+        flask_app_client, researcher_1, user_manager_user
+    )
+    collab_guid = create_resp.json['guid']
+    collab = collab_utils.get_collab_object_for_user(researcher_1, collab_guid)
+    request.addfinalizer(collab.delete)
+    collab_utils.approve_view_on_collaboration(
+        flask_app_client, collab_guid, user_manager_user, researcher_1
+    )
+    assert sighting.user_has_view_permission(user_manager_user)
+    assert not sighting.user_has_export_permission(user_manager_user)
+
+    # create a (view) collab (between researchers) and approve
     create_resp = collab_utils.create_simple_collaboration(
         flask_app_client, researcher_1, researcher_2
     )