Script to assign existing data to publicly-visible resources

A script to assign existing data not assigned to any group to publicly-visible
resources.

2 files changed, 5 insertions, 3 deletions

diff --git a/gn3/auth/authorisation/groups/models.py b/gn3/auth/authorisation/groups/models.py
index ea629e0..5a3ae50 100644
--- a/gn3/auth/authorisation/groups/models.py
+++ b/gn3/auth/authorisation/groups/models.py
@@ -94,7 +94,7 @@ def create_group(
         raise MembershipError(group_leader, user_groups)
 
     with db.cursor(conn) as cursor:
-        new_group = __save_group__(
+        new_group = save_group(
             cursor, group_name,(
                 {"group_description": group_description}
                 if group_description else {}))
@@ -198,7 +198,7 @@ def all_groups(conn: db.DbConnection) -> Maybe[Sequence[Group]]:
 
     return Nothing
 
-def __save_group__(
+def save_group(
         cursor: db.DbCursor, group_name: str,
         group_metadata: dict[str, Any]) -> Group:
     """Save a group to db"""
diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py
index 2016960..5ff5983 100644
--- a/gn3/auth/authorisation/resources/models.py
+++ b/gn3/auth/authorisation/resources/models.py
@@ -57,7 +57,9 @@ def __assign_resource_owner_role__(cursor, resource, user):
     """Assign `user` the 'Resource Owner' role for `resource`."""
     cursor.execute(
         "SELECT gr.* FROM group_roles AS gr INNER JOIN roles AS r "
-        "ON gr.role_id=r.role_id WHERE r.role_name='resource-owner'")
+        "ON gr.role_id=r.role_id WHERE r.role_name='resource-owner' "
+        "AND gr.group_id=?",
+        (str(resource.group.group_id),))
     role = cursor.fetchone()
     if not role:
         cursor.execute("SELECT * FROM roles WHERE role_name='resource-owner'")