aboutsummaryrefslogtreecommitdiff
path: root/gn3/auth
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-02-03 15:16:50 +0300
committerFrederick Muriuki Muriithi2023-02-03 15:16:50 +0300
commit578424c78a752f302e380bc054e31a03fb1bf913 (patch)
tree061be3d67f00573b9803f5e8d64500a3a5798a41 /gn3/auth
parente6dd74a3fab65355c0aa187ee31d5ee74a888649 (diff)
downloadgenenetwork3-578424c78a752f302e380bc054e31a03fb1bf913.tar.gz
oauth: enable resource creation
Diffstat (limited to 'gn3/auth')
-rw-r--r--gn3/auth/authorisation/resources/models.py28
-rw-r--r--gn3/auth/authorisation/resources/views.py36
2 files changed, 59 insertions, 5 deletions
diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py
index 8d45ef4..df7fdf9 100644
--- a/gn3/auth/authorisation/resources/models.py
+++ b/gn3/auth/authorisation/resources/models.py
@@ -3,14 +3,15 @@ import json
from uuid import UUID, uuid4
from typing import Any, Dict, Sequence, NamedTuple
+from pymonad.maybe import Just, Maybe, Nothing
+
from gn3.auth import db
from gn3.auth.dictify import dictify
from gn3.auth.authentication.users import User
from ..checks import authorised_p
from ..errors import AuthorisationError
-from ..groups.models import (
- Group, user_group, is_group_leader, authenticated_user_group)
+from ..groups.models import Group, user_group, is_group_leader
class MissingGroupError(AuthorisationError):
"""Raised for any resource operation without a group."""
@@ -51,10 +52,11 @@ class Resource(NamedTuple):
oauth2_scope="profile resource")
def create_resource(
conn: db.DbConnection, resource_name: str,
- resource_category: ResourceCategory) -> Resource:
+ resource_category: ResourceCategory, user: User) -> Resource:
"""Create a resource item."""
with db.cursor(conn) as cursor:
- group = authenticated_user_group(conn).maybe(False, lambda val: val)# type: ignore[misc]
+ group = user_group(cursor, user).maybe(
+ False, lambda grp: grp)# type: ignore[misc, arg-type]
if not group:
raise MissingGroupError(
"User with no group cannot create a resource.")
@@ -65,9 +67,27 @@ def create_resource(
resource_name,
str(resource.resource_category.resource_category_id),
1 if resource.public else 0))
+ # assign_resource_owner_role(conn, resource, user)
return resource
+def resource_category_by_id(
+ conn: db.DbConnection, category_id: UUID) -> Maybe[ResourceCategory]:
+ """Retrieve a resource category by its ID."""
+ with db.cursor(conn) as cursor:
+ cursor.execute(
+ "SELECT * FROM resource_categories WHERE "
+ "resource_category_id=?",
+ (str(category_id),))
+ results = cursor.fetchone()
+ if results:
+ return Just(ResourceCategory(
+ UUID(results["resource_category_id"]),
+ results["resource_category_key"],
+ results["resource_category_description"]))
+
+ return Nothing
+
def resource_categories(conn: db.DbConnection) -> Sequence[ResourceCategory]:
"""Retrieve all available resource categories"""
with db.cursor(conn) as cursor:
diff --git a/gn3/auth/authorisation/resources/views.py b/gn3/auth/authorisation/resources/views.py
index 009cae6..77346bb 100644
--- a/gn3/auth/authorisation/resources/views.py
+++ b/gn3/auth/authorisation/resources/views.py
@@ -1,4 +1,38 @@
"""The views/routes for the resources package"""
-from flask import Blueprint
+import uuid
+from flask import request, jsonify, Blueprint, current_app as app
+
+from .models import (
+ resource_categories, resource_category_by_id,
+ create_resource as _create_resource)
+
+from ... import db
+from ...dictify import dictify
+from ...authentication.oauth2.resource_server import require_oauth
resources = Blueprint("resources", __name__)
+
+@resources.route("/categories", methods=["GET"])
+@require_oauth("profile group resource")
+def list_resource_categories():
+ """Retrieve all resource categories"""
+ db_uri = app.config["AUTH_DB"]
+ with db.connection(db_uri) as conn:
+ return jsonify(tuple(
+ dictify(category) for category in resource_categories(conn)))
+
+@resources.route("/create", methods=["POST"])
+@require_oauth("profile group resource")
+def create_resource():
+ """Create a new resource"""
+ with require_oauth.acquire("profile group resource") as the_token:
+ form = request.form
+ resource_name = form.get("resource_name")
+ resource_category_id = uuid.UUID(form.get("resource_category"))
+ db_uri = app.config["AUTH_DB"]
+ with db.connection(db_uri) as conn:
+ resource = _create_resource(
+ conn, resource_name, resource_category_by_id(
+ conn, resource_category_id).maybe(False, lambda rcat: rcat),
+ the_token.user)
+ return jsonify(dictify(resource))