aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-05-25 06:02:38 +0300
committerFrederick Muriuki Muriithi2023-05-25 06:18:25 +0300
commit8593d882ed1eea226eeefabaa66135df2374746f (patch)
tree972d233da4b6fa9238263277b579880e0862aeaa
parent5f9f4ff97c27a0f34a86eec516ab3f58faf5937e (diff)
downloadgenenetwork3-8593d882ed1eea226eeefabaa66135df2374746f.tar.gz
Set whether resource is publicly viewable on creation
-rw-r--r--gn3/auth/authorisation/resources/models.py6
-rw-r--r--gn3/auth/authorisation/resources/views.py8
-rw-r--r--tests/unit/auth/test_resources.py5
3 files changed, 12 insertions, 7 deletions
diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py
index e54ec48..2016960 100644
--- a/gn3/auth/authorisation/resources/models.py
+++ b/gn3/auth/authorisation/resources/models.py
@@ -84,7 +84,8 @@ def __assign_resource_owner_role__(cursor, resource, user):
oauth2_scope="profile resource")
def create_resource(
conn: db.DbConnection, resource_name: str,
- resource_category: ResourceCategory, user: User) -> Resource:
+ resource_category: ResourceCategory, user: User,
+ public: bool) -> Resource:
"""Create a resource item."""
with db.cursor(conn) as cursor:
group = user_group(conn, user).maybe(
@@ -92,7 +93,8 @@ def create_resource(
if not group:
raise MissingGroupError(
"User with no group cannot create a resource.")
- resource = Resource(group, uuid4(), resource_name, resource_category, False)
+ resource = Resource(
+ group, uuid4(), resource_name, resource_category, public)
cursor.execute(
"INSERT INTO resources VALUES (?, ?, ?, ?, ?)",
(str(resource.group.group_id), str(resource.resource_id),
diff --git a/gn3/auth/authorisation/resources/views.py b/gn3/auth/authorisation/resources/views.py
index c8bff6a..396a57e 100644
--- a/gn3/auth/authorisation/resources/views.py
+++ b/gn3/auth/authorisation/resources/views.py
@@ -47,9 +47,11 @@ def create_resource() -> Response:
with db.connection(db_uri) as conn:
try:
resource = _create_resource(
- conn, resource_name, resource_category_by_id(
- conn, resource_category_id),
- the_token.user)
+ conn,
+ resource_name,
+ resource_category_by_id(conn, resource_category_id),
+ the_token.user,
+ (form.get("public") == "on"))
return jsonify(dictify(resource))
except sqlite3.IntegrityError as sql3ie:
if sql3ie.args[0] == ("UNIQUE constraint failed: "
diff --git a/tests/unit/auth/test_resources.py b/tests/unit/auth/test_resources.py
index 840c008..2884add 100644
--- a/tests/unit/auth/test_resources.py
+++ b/tests/unit/auth/test_resources.py
@@ -37,7 +37,8 @@ def test_create_resource(mocker, fxtr_users_in_group, user, expected):
mocker.patch("gn3.auth.authorisation.checks.require_oauth.acquire",
conftest.get_tokeniser(user))
conn, _group, _users = fxtr_users_in_group
- resource = create_resource(conn, "test_resource", resource_category, user)
+ resource = create_resource(
+ conn, "test_resource", resource_category, user, False)
assert resource == expected
with db.cursor(conn) as cursor:
@@ -68,7 +69,7 @@ def test_create_resource_raises_for_unauthorised_users(
conn, _group, _users = fxtr_users_in_group
with pytest.raises(AuthorisationError):
assert create_resource(
- conn, "test_resource", resource_category, user) == expected
+ conn, "test_resource", resource_category, user, False) == expected
SORTKEY = lambda resource: resource.resource_id