diff options
author | Frederick Muriuki Muriithi | 2023-05-25 06:02:38 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-05-25 06:18:25 +0300 |
commit | 8593d882ed1eea226eeefabaa66135df2374746f (patch) | |
tree | 972d233da4b6fa9238263277b579880e0862aeaa | |
parent | 5f9f4ff97c27a0f34a86eec516ab3f58faf5937e (diff) | |
download | genenetwork3-8593d882ed1eea226eeefabaa66135df2374746f.tar.gz |
Set whether resource is publicly viewable on creation
-rw-r--r-- | gn3/auth/authorisation/resources/models.py | 6 | ||||
-rw-r--r-- | gn3/auth/authorisation/resources/views.py | 8 | ||||
-rw-r--r-- | tests/unit/auth/test_resources.py | 5 |
3 files changed, 12 insertions, 7 deletions
diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py index e54ec48..2016960 100644 --- a/gn3/auth/authorisation/resources/models.py +++ b/gn3/auth/authorisation/resources/models.py @@ -84,7 +84,8 @@ def __assign_resource_owner_role__(cursor, resource, user): oauth2_scope="profile resource") def create_resource( conn: db.DbConnection, resource_name: str, - resource_category: ResourceCategory, user: User) -> Resource: + resource_category: ResourceCategory, user: User, + public: bool) -> Resource: """Create a resource item.""" with db.cursor(conn) as cursor: group = user_group(conn, user).maybe( @@ -92,7 +93,8 @@ def create_resource( if not group: raise MissingGroupError( "User with no group cannot create a resource.") - resource = Resource(group, uuid4(), resource_name, resource_category, False) + resource = Resource( + group, uuid4(), resource_name, resource_category, public) cursor.execute( "INSERT INTO resources VALUES (?, ?, ?, ?, ?)", (str(resource.group.group_id), str(resource.resource_id), diff --git a/gn3/auth/authorisation/resources/views.py b/gn3/auth/authorisation/resources/views.py index c8bff6a..396a57e 100644 --- a/gn3/auth/authorisation/resources/views.py +++ b/gn3/auth/authorisation/resources/views.py @@ -47,9 +47,11 @@ def create_resource() -> Response: with db.connection(db_uri) as conn: try: resource = _create_resource( - conn, resource_name, resource_category_by_id( - conn, resource_category_id), - the_token.user) + conn, + resource_name, + resource_category_by_id(conn, resource_category_id), + the_token.user, + (form.get("public") == "on")) return jsonify(dictify(resource)) except sqlite3.IntegrityError as sql3ie: if sql3ie.args[0] == ("UNIQUE constraint failed: " diff --git a/tests/unit/auth/test_resources.py b/tests/unit/auth/test_resources.py index 840c008..2884add 100644 --- a/tests/unit/auth/test_resources.py +++ b/tests/unit/auth/test_resources.py @@ -37,7 +37,8 @@ def test_create_resource(mocker, fxtr_users_in_group, user, expected): mocker.patch("gn3.auth.authorisation.checks.require_oauth.acquire", conftest.get_tokeniser(user)) conn, _group, _users = fxtr_users_in_group - resource = create_resource(conn, "test_resource", resource_category, user) + resource = create_resource( + conn, "test_resource", resource_category, user, False) assert resource == expected with db.cursor(conn) as cursor: @@ -68,7 +69,7 @@ def test_create_resource_raises_for_unauthorised_users( conn, _group, _users = fxtr_users_in_group with pytest.raises(AuthorisationError): assert create_resource( - conn, "test_resource", resource_category, user) == expected + conn, "test_resource", resource_category, user, False) == expected SORTKEY = lambda resource: resource.resource_id |