fix: allow AWARD_MASTER role to access project files

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-06 16:34:38 -04:00
parent a002f544a6
commit de12b232d9
1 changed files with 5 additions and 5 deletions
--- a/src/server/routers/file.ts
+++ b/src/server/routers/file.ts
@@ -22,7 +22,7 @@ export const fileRouter = router({
      })
    )
    .query(async ({ ctx, input }) => {
-      const isAdminOrObserver = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'OBSERVER'].includes(ctx.user.role)
+      const isAdminOrObserver = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'OBSERVER', 'AWARD_MASTER'].includes(ctx.user.role)
      if (!isAdminOrObserver) {
        const file = await ctx.prisma.projectFile.findFirst({
@@ -307,7 +307,7 @@ export const fileRouter = router({
      roundId: z.string().optional(),
    }))
    .query(async ({ ctx, input }) => {
-      const isAdminOrObserver = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'OBSERVER'].includes(ctx.user.role)
+      const isAdminOrObserver = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'OBSERVER', 'AWARD_MASTER'].includes(ctx.user.role)
      if (!isAdminOrObserver) {
        const [juryAssignment, mentorAssignment, teamMembership] = await Promise.all([
@@ -376,7 +376,7 @@ export const fileRouter = router({
      roundId: z.string(),
    }))
    .query(async ({ ctx, input }) => {
-      const isAdminOrObserver = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'OBSERVER'].includes(ctx.user.role)
+      const isAdminOrObserver = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'OBSERVER', 'AWARD_MASTER'].includes(ctx.user.role)
      if (!isAdminOrObserver) {
        const [juryAssignment, mentorAssignment, teamMembership] = await Promise.all([
@@ -496,7 +496,7 @@ export const fileRouter = router({
      })
    )
    .mutation(async ({ ctx, input }) => {
-      const isAdminOrObserver = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'OBSERVER'].includes(ctx.user.role)
+      const isAdminOrObserver = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'OBSERVER', 'AWARD_MASTER'].includes(ctx.user.role)
      if (!isAdminOrObserver) {
        // Check user has access to the project (assigned or team member)
@@ -680,7 +680,7 @@ export const fileRouter = router({
      })
    )
    .query(async ({ ctx, input }) => {
-      const isAdminOrObserver = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'OBSERVER'].includes(ctx.user.role)
+      const isAdminOrObserver = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'OBSERVER', 'AWARD_MASTER'].includes(ctx.user.role)
      if (!isAdminOrObserver) {
        const [assignment, mentorAssignment, teamMembership] = await Promise.all([