diff options
author | Frederick Muriuki Muriithi | 2023-01-31 14:13:35 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-01-31 14:13:35 +0300 |
commit | 6fc120aca6062f96725adaece85a7b76000affda (patch) | |
tree | 915999652c153d0f25724ce61dfb965223646251 /gn3/auth | |
parent | 83a8bf8e45951b771b476d2200ed1b69e4904975 (diff) | |
download | genenetwork3-6fc120aca6062f96725adaece85a7b76000affda.tar.gz |
auth: Retrieve group members.
Diffstat (limited to 'gn3/auth')
-rw-r--r-- | gn3/auth/authorisation/groups.py | 12 | ||||
-rw-r--r-- | gn3/auth/authorisation/views.py | 14 |
2 files changed, 24 insertions, 2 deletions
diff --git a/gn3/auth/authorisation/groups.py b/gn3/auth/authorisation/groups.py index 0e022ee..c691457 100644 --- a/gn3/auth/authorisation/groups.py +++ b/gn3/auth/authorisation/groups.py @@ -209,3 +209,15 @@ def add_user_to_group(cursor: db.DbCursor, the_group: Group, user: User): ("INSERT INTO group_users VALUES (:group_id, :user_id) " "ON CONFLICT (group_id, user_id) DO NOTHING"), {"group_id": str(the_group.group_id), "user_id": str(user.user_id)}) + +def group_users(conn: db.DbConnection, group_id: UUID) -> Iterable[User]: + """Retrieve all users that are members of group with id `group_id`.""" + with db.cursor(conn) as cursor: + cursor.execute( + "SELECT u.* FROM group_users AS gu INNER JOIN users AS u " + "ON gu.user_id = u.user_id WHERE gu.group_id=:group_id", + {"group_id": str(group_id)}) + results = cursor.fetchall() + + return (User(UUID(row["user_id"]), row["email"], row["name"]) + for row in results) diff --git a/gn3/auth/authorisation/views.py b/gn3/auth/authorisation/views.py index 6cab0df..03c4b03 100644 --- a/gn3/auth/authorisation/views.py +++ b/gn3/auth/authorisation/views.py @@ -15,7 +15,7 @@ from .resources import user_resources as _user_resources from .roles import user_role, assign_default_roles, user_roles as _user_roles from .groups import ( all_groups, GroupCreationError, user_group as _user_group, - create_group as _create_group) + group_users as _group_users, create_group as _create_group) from ..authentication.oauth2.resource_server import require_oauth from ..authentication.users import save_user, set_user_password @@ -162,7 +162,7 @@ def role(role_id: uuid.UUID) -> Response: __error__, lambda a_role: jsonify(dictify(a_role))) @oauth2.route("/user-group", methods=["GET"]) -@require_oauth("group") +@require_oauth("profile group") def user_group(): """Retrieve the group in which the user is a member.""" with require_oauth.acquire("profile group") as the_token: @@ -185,3 +185,13 @@ def user_resources(): return jsonify([ dictify(resource) for resource in _user_resources(conn, the_token.user)]) + +@oauth2.route("/group-users/<uuid:group_id>", methods=["GET"]) +@require_oauth("profile group") +def group_users(group_id: uuid.UUID) -> Response: + """Retrieve all the members of a group.""" + with require_oauth.acquire("profile group") as the_token: + db_uri = current_app.config["AUTH_DB"] + with db.connection(db_uri) as conn: + return jsonify(tuple( + dictify(user) for user in _group_users(conn, group_id))) |