diff options
| author | Frederick Muriuki Muriithi | 2023-03-18 11:35:36 +0300 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2023-03-18 11:35:36 +0300 |
| commit | f7b27947495b4dc928f6c257286bcb6a7112dbed (patch) | |
| tree | 7fd12449a99ed759b139980fa7733eab27e460c4 /gn3/auth/authorisation/resources/views.py | |
| parent | 30900b963c043939caa4492aca6d130843e048d0 (diff) | |
| download | genenetwork3-f7b27947495b4dc928f6c257286bcb6a7112dbed.tar.gz | |
oauth2: resources: toggle whether a resource is public or not
Diffstat (limited to 'gn3/auth/authorisation/resources/views.py')
| -rw-r--r-- | gn3/auth/authorisation/resources/views.py | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/gn3/auth/authorisation/resources/views.py b/gn3/auth/authorisation/resources/views.py index 6f7b65c..5615b11 100644 --- a/gn3/auth/authorisation/resources/views.py +++ b/gn3/auth/authorisation/resources/views.py @@ -10,9 +10,10 @@ from gn3.auth.db_utils import with_db_connection from .checks import authorised_for from .models import ( - resource_by_id, resource_categories, assign_resource_user, - link_data_to_resource, unassign_resource_user, resource_category_by_id, - unlink_data_from_resource, create_resource as _create_resource) + Resource, save_resource, resource_by_id, resource_categories, + assign_resource_user, link_data_to_resource, unassign_resource_user, + resource_category_by_id, unlink_data_from_resource, + create_resource as _create_resource) from ..roles import Role from ..errors import InvalidData, InconsistencyError, AuthorisationError @@ -214,3 +215,23 @@ def unassign_role_to_user(resource_id: uuid.UUID) -> Response: raise AuthorisationError(aserr.args[0]) from aserr return jsonify(with_db_connection(__assign__)) + +@resources.route("<uuid:resource_id>/toggle-public", methods=["POST"]) +@require_oauth("profile group resource role") +def toggle_public(resource_id: uuid.UUID) -> Response: + """Make a resource public if it is private, or private if public.""" + with require_oauth.acquire("profile group resource") as the_token: + def __toggle__(conn: db.DbConnection) -> Resource: + old_rsc = resource_by_id(conn, the_token.user, resource_id) + return save_resource( + conn, the_token.user, Resource( + old_rsc.group, old_rsc.resource_id, old_rsc.resource_name, + old_rsc.resource_category, not old_rsc.public, + old_rsc.resource_data)) + + resource = with_db_connection(__toggle__) + return jsonify({ + "resource": dictify(resource), + "description": ( + "Made resource public" if resource.public + else "Made resource private")}) |