auth: Add `create_group_role` function.

author: Frederick Muriuki Muriithi 2022-11-15 13:11:31 +0300
committer: Frederick Muriuki Muriithi 2022-11-15 13:11:31 +0300
commit: bec9a1d1c1611771bc16fd1f304e56b2e1810ed0 (patch)
tree: 7696a0552e61a72c4687e20be47eaf27c7effc73 /gn3
parent: a11bd7a2c7f5b9a82ce70b7baf9eae92561ed905 (diff)
download: genenetwork3-bec9a1d1c1611771bc16fd1f304e56b2e1810ed0.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/gn3/auth/authorisation/groups.py b/gn3/auth/authorisation/groups.py
index f3345c3..210c8de 100644
--- a/gn3/auth/authorisation/groups.py
+++ b/gn3/auth/authorisation/groups.py
@@ -26,3 +26,16 @@ def create_group(conn: db.DbConnection, group_name: str) -> Group:
         ## Maybe assign `group-leader` role to user creating the group
 
     return group
+
+@authorised_p(("create-role",), error_message="Could not create the group role")
+def create_group_role(
+        conn: db.DbConnection, group: Group, role_name: str,
+        privileges: Iterable[Privilege]) -> Role:
+    """Create a role attached to a group."""
+    with db.cursor(conn) as cursor:
+        role = create_role(cursor, role_name, privileges)
+        cursor.execute(
+            "INSERT INTO group_roles(group_id, role_id) VALUES(?, ?)",
+            (str(group.group_id), role.role_id))
+
+    return role
author	Frederick Muriuki Muriithi	2022-11-15 13:11:31 +0300
committer	Frederick Muriuki Muriithi	2022-11-15 13:11:31 +0300
commit	bec9a1d1c1611771bc16fd1f304e56b2e1810ed0 (patch)
tree	7696a0552e61a72c4687e20be47eaf27c7effc73 /gn3
parent	a11bd7a2c7f5b9a82ce70b7baf9eae92561ed905 (diff)
download	genenetwork3-bec9a1d1c1611771bc16fd1f304e56b2e1810ed0.tar.gz