Fixes broken access to artefact_snapshot by peer reviewer by extending...

Fixes broken access to artefact_snapshot by peer reviewer by extending EditorReviewViewSet queryset accordingly

- EditorReviewViewSet we also allow detail access to EditorReview record for associated peer reviewers.

- todo improve privacy and optimize data exchange size by removing these extra access,  copying relevant EditorReview fields in PeerReview and avoid fetching whole EditorReview from peer review component.

ref #374

micorr/reviews/views.py

@@ -113,10 +113,13 @@ class EditorReviewViewSet(viewsets.ModelViewSet):
                 # "Main administrator" members have access to all editor reviews
                 queryset = EditorReview.objects.all()
             else:
-                # returns only editorreview  records related to authenticated user's publications
-                # and only for single record (self.detail for author-review) or
+                # returns only editorreview  records related to authenticated user's publications or peer_review
+                # and only for single record (self.detail for author-review or editor-review)
+                if self.detail:
+                    queryset = EditorReview.objects.filter(
+                        publication__artefact__object__user=user) | EditorReview.objects.filter(peer_reviews__user=user)
                 # in case of list view for author component only (when requested with query_params set)
-                if self.detail or 'publication__artefact__object__user' in self.request.query_params:
+                elif 'publication__artefact__object__user' in self.request.query_params:
                     queryset = EditorReview.objects.filter(publication__artefact__object__user=user)
         return queryset