diff options
author | Frederick Muriuki Muriithi | 2023-02-03 15:16:50 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-02-03 15:16:50 +0300 |
commit | 578424c78a752f302e380bc054e31a03fb1bf913 (patch) | |
tree | 061be3d67f00573b9803f5e8d64500a3a5798a41 | |
parent | e6dd74a3fab65355c0aa187ee31d5ee74a888649 (diff) | |
download | genenetwork3-578424c78a752f302e380bc054e31a03fb1bf913.tar.gz |
oauth: enable resource creation
-rw-r--r-- | gn3/auth/authorisation/resources/models.py | 28 | ||||
-rw-r--r-- | gn3/auth/authorisation/resources/views.py | 36 |
2 files changed, 59 insertions, 5 deletions
diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py index 8d45ef4..df7fdf9 100644 --- a/gn3/auth/authorisation/resources/models.py +++ b/gn3/auth/authorisation/resources/models.py @@ -3,14 +3,15 @@ import json from uuid import UUID, uuid4 from typing import Any, Dict, Sequence, NamedTuple +from pymonad.maybe import Just, Maybe, Nothing + from gn3.auth import db from gn3.auth.dictify import dictify from gn3.auth.authentication.users import User from ..checks import authorised_p from ..errors import AuthorisationError -from ..groups.models import ( - Group, user_group, is_group_leader, authenticated_user_group) +from ..groups.models import Group, user_group, is_group_leader class MissingGroupError(AuthorisationError): """Raised for any resource operation without a group.""" @@ -51,10 +52,11 @@ class Resource(NamedTuple): oauth2_scope="profile resource") def create_resource( conn: db.DbConnection, resource_name: str, - resource_category: ResourceCategory) -> Resource: + resource_category: ResourceCategory, user: User) -> Resource: """Create a resource item.""" with db.cursor(conn) as cursor: - group = authenticated_user_group(conn).maybe(False, lambda val: val)# type: ignore[misc] + group = user_group(cursor, user).maybe( + False, lambda grp: grp)# type: ignore[misc, arg-type] if not group: raise MissingGroupError( "User with no group cannot create a resource.") @@ -65,9 +67,27 @@ def create_resource( resource_name, str(resource.resource_category.resource_category_id), 1 if resource.public else 0)) + # assign_resource_owner_role(conn, resource, user) return resource +def resource_category_by_id( + conn: db.DbConnection, category_id: UUID) -> Maybe[ResourceCategory]: + """Retrieve a resource category by its ID.""" + with db.cursor(conn) as cursor: + cursor.execute( + "SELECT * FROM resource_categories WHERE " + "resource_category_id=?", + (str(category_id),)) + results = cursor.fetchone() + if results: + return Just(ResourceCategory( + UUID(results["resource_category_id"]), + results["resource_category_key"], + results["resource_category_description"])) + + return Nothing + def resource_categories(conn: db.DbConnection) -> Sequence[ResourceCategory]: """Retrieve all available resource categories""" with db.cursor(conn) as cursor: diff --git a/gn3/auth/authorisation/resources/views.py b/gn3/auth/authorisation/resources/views.py index 009cae6..77346bb 100644 --- a/gn3/auth/authorisation/resources/views.py +++ b/gn3/auth/authorisation/resources/views.py @@ -1,4 +1,38 @@ """The views/routes for the resources package""" -from flask import Blueprint +import uuid +from flask import request, jsonify, Blueprint, current_app as app + +from .models import ( + resource_categories, resource_category_by_id, + create_resource as _create_resource) + +from ... import db +from ...dictify import dictify +from ...authentication.oauth2.resource_server import require_oauth resources = Blueprint("resources", __name__) + +@resources.route("/categories", methods=["GET"]) +@require_oauth("profile group resource") +def list_resource_categories(): + """Retrieve all resource categories""" + db_uri = app.config["AUTH_DB"] + with db.connection(db_uri) as conn: + return jsonify(tuple( + dictify(category) for category in resource_categories(conn))) + +@resources.route("/create", methods=["POST"]) +@require_oauth("profile group resource") +def create_resource(): + """Create a new resource""" + with require_oauth.acquire("profile group resource") as the_token: + form = request.form + resource_name = form.get("resource_name") + resource_category_id = uuid.UUID(form.get("resource_category")) + db_uri = app.config["AUTH_DB"] + with db.connection(db_uri) as conn: + resource = _create_resource( + conn, resource_name, resource_category_by_id( + conn, resource_category_id).maybe(False, lambda rcat: rcat), + the_token.user) + return jsonify(dictify(resource)) |