aboutsummaryrefslogtreecommitdiff
path: root/gn3/auth
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-05-25 19:11:49 +0300
committerFrederick Muriuki Muriithi2023-05-25 19:11:49 +0300
commit256f13f675c60547b10a06736f0a7cb3faf752d5 (patch)
tree3e5a29212de06312424b521055a5f17e9e9dc79b /gn3/auth
parent8593d882ed1eea226eeefabaa66135df2374746f (diff)
downloadgenenetwork3-256f13f675c60547b10a06736f0a7cb3faf752d5.tar.gz
Script to assign existing data to publicly-visible resources
A script to assign existing data not assigned to any group to publicly-visible resources.
Diffstat (limited to 'gn3/auth')
-rw-r--r--gn3/auth/authorisation/groups/models.py4
-rw-r--r--gn3/auth/authorisation/resources/models.py4
2 files changed, 5 insertions, 3 deletions
diff --git a/gn3/auth/authorisation/groups/models.py b/gn3/auth/authorisation/groups/models.py
index ea629e0..5a3ae50 100644
--- a/gn3/auth/authorisation/groups/models.py
+++ b/gn3/auth/authorisation/groups/models.py
@@ -94,7 +94,7 @@ def create_group(
raise MembershipError(group_leader, user_groups)
with db.cursor(conn) as cursor:
- new_group = __save_group__(
+ new_group = save_group(
cursor, group_name,(
{"group_description": group_description}
if group_description else {}))
@@ -198,7 +198,7 @@ def all_groups(conn: db.DbConnection) -> Maybe[Sequence[Group]]:
return Nothing
-def __save_group__(
+def save_group(
cursor: db.DbCursor, group_name: str,
group_metadata: dict[str, Any]) -> Group:
"""Save a group to db"""
diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py
index 2016960..5ff5983 100644
--- a/gn3/auth/authorisation/resources/models.py
+++ b/gn3/auth/authorisation/resources/models.py
@@ -57,7 +57,9 @@ def __assign_resource_owner_role__(cursor, resource, user):
"""Assign `user` the 'Resource Owner' role for `resource`."""
cursor.execute(
"SELECT gr.* FROM group_roles AS gr INNER JOIN roles AS r "
- "ON gr.role_id=r.role_id WHERE r.role_name='resource-owner'")
+ "ON gr.role_id=r.role_id WHERE r.role_name='resource-owner' "
+ "AND gr.group_id=?",
+ (str(resource.group.group_id),))
role = cursor.fetchone()
if not role:
cursor.execute("SELECT * FROM roles WHERE role_name='resource-owner'")