check permission before displaying link to subject detail in guardian item
From a UX perspective it is bad to display links to pages that a user cannot access.
From a security perspective the link already contains sensitive information: the slug is a globally unique identifier for a subject.
Note that this is part of the contact form, so the change_contact and therefore the view_contact permission is somewhat implied. However, users might only have that permission in the scope of the study, i.e. only for subjects who directly participate in that study. That does not include guardians.
I believe the proper fix would be to allow study-local subject managers to also update guardian data (see #131 (closed)). That is a much more complicated issue though.
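As an added illustration of the scoping problem described above (this is not the project's code; the `Subject`, `Study`, `User`, `can_view_subject` and `render_guardian_item` names and the sample data are hypothetical), the check below grants study-local permission only for direct participants, so a guardian item renders without the slug-bearing link unless the user has the global permission:

```python
# Added illustration, not the project's code: a study-scoped view_contact
# check used to decide whether a guardian entry may link to the subject
# detail page. All names and sample values are hypothetical/constructed.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Subject:
    slug: str   # globally unique identifier; the link itself exposes it
    name: str


@dataclass
class Study:
    name: str
    participants: set = field(default_factory=set)  # slugs of direct participants


@dataclass
class User:
    global_view_contact: bool = False
    study_view_contact: set = field(default_factory=set)  # studies with local permission


def can_view_subject(user: User, subject: Subject, studies: list) -> bool:
    """Global permission covers every subject; study-local permission covers
    only subjects who directly participate in one of the user's studies.
    A guardian is not a participant, so a study-local user is refused."""
    if user.global_view_contact:
        return True
    return any(
        subject.slug in study.participants
        for study in studies
        if study.name in user.study_view_contact
    )


def render_guardian_item(user: User, guardian: Subject, studies: list) -> str:
    """Render the guardian's name; attach the detail link (which carries the
    slug) only when the user may actually open that page."""
    if can_view_subject(user, guardian, studies):
        return f'<a href="/subjects/{guardian.slug}/">{guardian.name}</a>'
    return guardian.name


# Constructed sample data: one participant, their guardian, one study.
PARTICIPANT = Subject("subj-0001", "Participant")
GUARDIAN = Subject("subj-0002", "Guardian")
STUDIES = [Study("demo-study", {PARTICIPANT.slug})]
LOCAL_MANAGER = User(study_view_contact={"demo-study"})
GLOBAL_MANAGER = User(global_view_contact=True)
```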