auth: resources: Enable assigning a user roles on resources

author: Frederick Muriuki Muriithi 2023-03-06 14:57:53 +0300
committer: Frederick Muriuki Muriithi 2023-03-06 14:57:53 +0300
commit: 98e93be1b8e5353656e18f1452026db6f2902e6c (patch)
tree: 2547ab9284e1a1718b35faf92d8aa68e9d42b283 /gn3/auth/authorisation/users/models.py
parent: 4fc72af7e851f12a9f4edc98b0a55c66c9bf1b13 (diff)
download: genenetwork3-98e93be1b8e5353656e18f1452026db6f2902e6c.tar.gz
1 files changed, 19 insertions, 0 deletions
diff --git a/gn3/auth/authorisation/users/models.py b/gn3/auth/authorisation/users/models.py
new file mode 100644
index 0000000..844a8a9
--- /dev/null
+++ b/gn3/auth/authorisation/users/models.py
@@ -0,0 +1,19 @@
+"""Functions for acting on users."""
+import uuid
+
+from gn3.auth import db
+from gn3.auth.authorisation.checks import authorised_p
+
+from gn3.auth.authentication.users import User
+
+@authorised_p(
+    ("system:user:list",),
+    "You do not have the appropriate privileges to list users.",
+    oauth2_scope="profile user")
+def list_users(conn: db.DbConnection) -> tuple[User, ...]:
+    """List out all users."""
+    with db.cursor(conn) as cursor:
+        cursor.execute("SELECT * FROM users")
+        return tuple(
+            User(uuid.UUID(row["user_id"]), row["email"], row["name"])
+            for row in cursor.fetchall())
author	Frederick Muriuki Muriithi	2023-03-06 14:57:53 +0300
committer	Frederick Muriuki Muriithi	2023-03-06 14:57:53 +0300
commit	98e93be1b8e5353656e18f1452026db6f2902e6c (patch)
tree	2547ab9284e1a1718b35faf92d8aa68e9d42b283 /gn3/auth/authorisation/users/models.py
parent	4fc72af7e851f12a9f4edc98b0a55c66c9bf1b13 (diff)
download	genenetwork3-98e93be1b8e5353656e18f1452026db6f2902e6c.tar.gz