aboutsummaryrefslogtreecommitdiff
path: root/gn3
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2022-11-15 13:11:31 +0300
committerFrederick Muriuki Muriithi2022-11-15 13:11:31 +0300
commitbec9a1d1c1611771bc16fd1f304e56b2e1810ed0 (patch)
tree7696a0552e61a72c4687e20be47eaf27c7effc73 /gn3
parenta11bd7a2c7f5b9a82ce70b7baf9eae92561ed905 (diff)
downloadgenenetwork3-bec9a1d1c1611771bc16fd1f304e56b2e1810ed0.tar.gz
auth: Add `create_group_role` function.
Diffstat (limited to 'gn3')
-rw-r--r--gn3/auth/authorisation/groups.py13
1 files changed, 13 insertions, 0 deletions
diff --git a/gn3/auth/authorisation/groups.py b/gn3/auth/authorisation/groups.py
index f3345c3..210c8de 100644
--- a/gn3/auth/authorisation/groups.py
+++ b/gn3/auth/authorisation/groups.py
@@ -26,3 +26,16 @@ def create_group(conn: db.DbConnection, group_name: str) -> Group:
## Maybe assign `group-leader` role to user creating the group
return group
+
+@authorised_p(("create-role",), error_message="Could not create the group role")
+def create_group_role(
+ conn: db.DbConnection, group: Group, role_name: str,
+ privileges: Iterable[Privilege]) -> Role:
+ """Create a role attached to a group."""
+ with db.cursor(conn) as cursor:
+ role = create_role(cursor, role_name, privileges)
+ cursor.execute(
+ "INSERT INTO group_roles(group_id, role_id) VALUES(?, ?)",
+ (str(group.group_id), role.role_id))
+
+ return role