We're updating the issue view to help you get more done. 

Non-admin users cannot view bodies when requesting multiple transactions through the API

Description

The Medscheme failures report needs to retrieve request and response message bodies.
The report needs to run as a non-admin user and make API calls (/transactions?filterRepresentation=full) to OpenHIM core to retrieve data.
On the API call for getTransactions(), the filter representation is overridden for non-admin users to (default) a value that causes request and response bodies to not be returned by the call.
See https://github.com/jembi/openhim-core-js/blob/0ee8da5bc7661ce160d71d38b4d1a367a7b578cd/src/api/transactions.js#L136-L137.
It should be smarter in allowing certain properties based on whether or not the user has `txViewFullAcl` for the transaction's channel.

Status

Assignee

Martin Brocker

Reporter

Brett Ausmeier

Labels

None

Funders Code

None

Sprint

None

Story Points

3

Due Date

None

Fix versions

Priority

Major