4dn-dcic · willronchetti · Feb 5, 2024 · Jan 31, 2024 · Jan 31, 2024 · Feb 5, 2024
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -6,6 +6,11 @@ snovault
 Change Log
 ----------
 
+11.9.1.0b0
+==========
+
+* Removes strip of ``role.`` permissions so smaht-portal roles work
+
 
 11.9.0
 ======
@@ -71,7 +76,7 @@ Change Log
 11.0.1
 ======
 
-* Repair reference to ``load_data_by_type`` to resolve correctly when loadxl 
+* Repair reference to ``load_data_by_type`` to resolve correctly when loadxl
   is absent entirely from the application repo
 
 

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "dcicsnovault"
-version = "11.9.0"
+version = "11.9.1.0b0"  # to become 11.10.0
 description = "Storage support for 4DN Data Portals."
 authors = ["4DN-DCIC Team <[email protected]>"]
 license = "MIT"

diff --git a/snovault/resources.py b/snovault/resources.py
@@ -736,8 +736,11 @@ def principals_allowed(self):
             elif Authenticated in principals:
                 principals = [Authenticated]
             # Filter our roles
+            # NOTE: previously, we removed things that began with role. however this
+            # breaks how smaht-portal permissioning is implemented, so we are no longer
+            # suppressing them - Will Jan 31 2024
             allowed[permission] = [
-                p for p in sorted(principals) if not p.startswith('role.')
+                p for p in sorted(principals)  # if not p.startswith('role.')
             ]
         return allowed