diff options
| author | Frederick Muriuki Muriithi | 2022-11-24 13:42:37 +0300 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2022-11-24 13:52:29 +0300 |
| commit | 021b8dfcb99928b363e4546f626e3deb5793e392 (patch) | |
| tree | 107182d01dc7e5fd802fadb4e12cd88867748c36 /gn3/auth/authorisation/resources.py | |
| parent | bac3865f7c0d625f2932e1c3fb001cc6a0048921 (diff) | |
| download | genenetwork3-021b8dfcb99928b363e4546f626e3deb5793e392.tar.gz | |
auth: Implement `create_resource` function
* gn3/auth/authentication/checks.py: new `authenticated_p` decorator to apply
on any function that requires the user to be authenticated before it runs.
* gn3/auth/authorisation/checks.py: use a `auth.authentication.users.User`
object rather than a UUID object in the global `g`.
* gn3/auth/authorisation/groups.py: Implement the `authenticated_user_group`
function to get the group(s) in which the currently authenticated user
belongs.
* gn3/auth/authorisation/resources.py: Implement the `create_resource`
function correctly.
* tests/unit/auth/conftest.py: extract the User objects into a global variable
for reusability with the tests.
* tests/unit/auth/test_resources.py: Use global user objects from conftest in
the tests. Set a User object (rather than UUID) in the global `g` variable.
Diffstat (limited to 'gn3/auth/authorisation/resources.py')
| -rw-r--r-- | gn3/auth/authorisation/resources.py | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/gn3/auth/authorisation/resources.py b/gn3/auth/authorisation/resources.py index d01c435..f0a4b3a 100644 --- a/gn3/auth/authorisation/resources.py +++ b/gn3/auth/authorisation/resources.py @@ -1,10 +1,14 @@ """Handle the management of resources.""" -from uuid import UUID +from uuid import UUID, uuid4 from typing import NamedTuple from gn3.auth import db -from .groups import Group from .checks import authorised_p +from .exceptions import AuthorisationError +from .groups import Group, authenticated_user_group + +class MissingGroupError(AuthorisationError): + """Raised for any resource operation without a group.""" class ResourceCategory(NamedTuple): """Class representing a resource category.""" @@ -22,6 +26,18 @@ class Resource(NamedTuple): @authorised_p(("create-resource",), error_message="Could not create resource") def create_resource( conn: db.DbConnection, resource_name: str, - resource_category: ResourceCategory): + resource_category: ResourceCategory) -> Resource: """Create a resource item.""" - return tuple() + with db.cursor(conn) as cursor: + group = authenticated_user_group(conn).maybe(False, lambda val: val) + if not group: + raise MissingGroupError( + "User with no group cannot create a resource.") + resource = Resource(group, uuid4(), resource_name, resource_category) + cursor.execute( + ("INSERT INTO resources VALUES (?, ?, ?, ?)"), + (str(resource.group.group_id), str(resource.resource_id), + resource_name, + str(resource.resource_category.resource_category_id))) + + return resource |