From 7a6859d6de5c9f575d202facc613ffdb940d747f Mon Sep 17 00:00:00 2001
From: afwillia <anthony.williams@sagebase.org>
Date: Tue, 4 Jun 2024 12:20:43 -0700
Subject: [PATCH 1/2] check config for enabling schematic validate cross
 manifest validation. Remove project scope from validation query

---
 server.R | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/server.R b/server.R
index d28a88f3..2e6bdf00 100644
--- a/server.R
+++ b/server.R
@@ -806,7 +806,10 @@ shinyServer(function(input, output, session) {
     # asset view must be NULL to avoid cross-manifest validation.
     # doing this in a verbose way to avoid warning with ifelse
     .asset_view <- NULL
-    if (!is.null(.project_scope)) .asset_view <- selected$master_asset_view()
+    if (!is.null(dcc_config_react()$schematic$model_validate$enable_cross_manifest_validation) &
+        isTRUE(dcc_config_react()$schematic$model_validate$enable_cross_manifest_validation)) {
+      .asset_view <- selected$master_asset_view()
+    }
 
     promises::future_promise({
       annotation_status <- switch(dca_schematic_api,
@@ -822,7 +825,7 @@ shinyServer(function(input, output, session) {
           data_type = .schema,
           file_name = .datapath,
           restrict_rules = .restrict_rules,
-          project_scope = .project_scope,
+          #project_scope = .project_scope,
           access_token = .access_token,
           data_model_labels = .data_model_labels,
           asset_view = .asset_view

From 3b4ea14545a9b8fdc7bf923f9799099c84f73f44 Mon Sep 17 00:00:00 2001
From: afwillia <anthony.williams@sagebase.org>
Date: Tue, 4 Jun 2024 14:02:22 -0700
Subject: [PATCH 2/2] Check that user is certified before checking for asset
 view permissions.

---
 server.R | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/server.R b/server.R
index 2e6bdf00..8f3ed576 100644
--- a/server.R
+++ b/server.R
@@ -127,18 +127,7 @@ shinyServer(function(input, output, session) {
 
     if (dca_schematic_api != "offline") {
       access_token <- session$userData$access_token
-      has_access <- vapply(all_asset_views, function(x) {
-        synapse_access(id = x, access = "DOWNLOAD", auth = access_token)
-      }, 1L)
-      asset_views(all_asset_views[has_access == 1])
-
-      if (length(asset_views) == 0) stop("You do not have DOWNLOAD access to any supported Asset Views.")
-      updateSelectInput(session, "dropdown_asset_view",
-        choices = asset_views()
-      )
-
       user_name <- synapse_user_profile(auth = access_token)$firstName
-
       is_certified <- synapse_is_certified(auth = access_token)
       if (!is_certified) {
         dcWaiter("update", landing = TRUE, isCertified = FALSE)
@@ -146,6 +135,16 @@ shinyServer(function(input, output, session) {
         # update waiter loading screen once login successful
         dcWaiter("update", landing = TRUE, userName = user_name)
       }
+      
+      has_access <- vapply(all_asset_views, function(x) {
+        synapse_access(id = x, access = "DOWNLOAD", auth = access_token)
+      }, 1L)
+      asset_views(all_asset_views[has_access == 1])
+      
+      if (length(asset_views) == 0) stop("You do not have DOWNLOAD access to any supported Asset Views.")
+      updateSelectInput(session, "dropdown_asset_view",
+                        choices = asset_views()
+      )
     } else {
       updateSelectInput(session, "dropdown_asset_view",
         choices = c("Offline mock data (synXXXXXX)" = "synXXXXXX")