aboutsummaryrefslogtreecommitdiff
path: root/gn3/auth/authorisation/resources.py
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2022-11-24 13:42:37 +0300
committerFrederick Muriuki Muriithi2022-11-24 13:52:29 +0300
commit021b8dfcb99928b363e4546f626e3deb5793e392 (patch)
tree107182d01dc7e5fd802fadb4e12cd88867748c36 /gn3/auth/authorisation/resources.py
parentbac3865f7c0d625f2932e1c3fb001cc6a0048921 (diff)
downloadgenenetwork3-021b8dfcb99928b363e4546f626e3deb5793e392.tar.gz
auth: Implement `create_resource` function
* gn3/auth/authentication/checks.py: new `authenticated_p` decorator to apply on any function that requires the user to be authenticated before it runs. * gn3/auth/authorisation/checks.py: use a `auth.authentication.users.User` object rather than a UUID object in the global `g`. * gn3/auth/authorisation/groups.py: Implement the `authenticated_user_group` function to get the group(s) in which the currently authenticated user belongs. * gn3/auth/authorisation/resources.py: Implement the `create_resource` function correctly. * tests/unit/auth/conftest.py: extract the User objects into a global variable for reusability with the tests. * tests/unit/auth/test_resources.py: Use global user objects from conftest in the tests. Set a User object (rather than UUID) in the global `g` variable.
Diffstat (limited to 'gn3/auth/authorisation/resources.py')
-rw-r--r--gn3/auth/authorisation/resources.py24
1 files changed, 20 insertions, 4 deletions
diff --git a/gn3/auth/authorisation/resources.py b/gn3/auth/authorisation/resources.py
index d01c435..f0a4b3a 100644
--- a/gn3/auth/authorisation/resources.py
+++ b/gn3/auth/authorisation/resources.py
@@ -1,10 +1,14 @@
"""Handle the management of resources."""
-from uuid import UUID
+from uuid import UUID, uuid4
from typing import NamedTuple
from gn3.auth import db
-from .groups import Group
from .checks import authorised_p
+from .exceptions import AuthorisationError
+from .groups import Group, authenticated_user_group
+
+class MissingGroupError(AuthorisationError):
+ """Raised for any resource operation without a group."""
class ResourceCategory(NamedTuple):
"""Class representing a resource category."""
@@ -22,6 +26,18 @@ class Resource(NamedTuple):
@authorised_p(("create-resource",), error_message="Could not create resource")
def create_resource(
conn: db.DbConnection, resource_name: str,
- resource_category: ResourceCategory):
+ resource_category: ResourceCategory) -> Resource:
"""Create a resource item."""
- return tuple()
+ with db.cursor(conn) as cursor:
+ group = authenticated_user_group(conn).maybe(False, lambda val: val)
+ if not group:
+ raise MissingGroupError(
+ "User with no group cannot create a resource.")
+ resource = Resource(group, uuid4(), resource_name, resource_category)
+ cursor.execute(
+ ("INSERT INTO resources VALUES (?, ?, ?, ?)"),
+ (str(resource.group.group_id), str(resource.resource_id),
+ resource_name,
+ str(resource.resource_category.resource_category_id)))
+
+ return resource