aboutsummaryrefslogtreecommitdiff
path: root/gn3/auth
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2022-12-12 13:31:06 +0300
committerFrederick Muriuki Muriithi2022-12-12 13:31:06 +0300
commit2344e4cd55cc37dac93ab2127a456a39dc4fedbe (patch)
tree962d50b68b639e169182b94a0de18d04f5e5de58 /gn3/auth
parent56b54da6fc6e97d5d6dac70f2393dcc98d93991c (diff)
downloadgenenetwork3-2344e4cd55cc37dac93ab2127a456a39dc4fedbe.tar.gz
auth: Add a way to check whether a user is a group leader
* gn3/auth/authorisation/groups.py: Add `is_group_leader` function
Diffstat (limited to 'gn3/auth')
-rw-r--r--gn3/auth/authorisation/groups.py19
1 files changed, 19 insertions, 0 deletions
diff --git a/gn3/auth/authorisation/groups.py b/gn3/auth/authorisation/groups.py
index dbc9f7d..cb32f00 100644
--- a/gn3/auth/authorisation/groups.py
+++ b/gn3/auth/authorisation/groups.py
@@ -124,3 +124,22 @@ def user_group(cursor: db.DbCursor, user: User) -> Maybe:
return Just(groups[0])
return Nothing
+
+def is_group_leader(cursor: db.DbCursor, user: User, group: Group):
+ """Check whether the given `user` is the leader of `group`."""
+ ugroup = user_group(cursor, user).maybe(False, lambda val: val) # type: ignore[misc]
+ if not group:
+ # User cannot be a group leader if not a member of ANY group
+ return False
+
+ if not ugroup == group:
+ # User cannot be a group leader if not a member of THIS group
+ return False
+
+ cursor.execute(
+ ("SELECT roles.role_name FROM user_roles LEFT JOIN roles "
+ "ON user_roles.role_id = roles.role_id WHERE user_id = ?"),
+ (str(user.user_id),))
+ role_names = tuple(row[0] for row in cursor.fetchall())
+
+ return "group-leader" in role_names