aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gn3/auth/authorisation/resources/models.py27
-rw-r--r--gn3/auth/authorisation/resources/views.py27
2 files changed, 51 insertions, 3 deletions
diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py
index 4049fae..afda5e8 100644
--- a/gn3/auth/authorisation/resources/models.py
+++ b/gn3/auth/authorisation/resources/models.py
@@ -529,3 +529,30 @@ def unassign_resource_user(
f"The user '{user.name}'({user.email}) had the "
f"'{role.role.role_name}' role on resource with ID "
f"'{resource.resource_id}' taken away.")}
+
+def save_resource(
+ conn: db.DbConnection, user: User, resource: Resource) -> Resource:
+ """Update an existing resource."""
+ resource_id = resource.resource_id
+ authorised = authorised_for(
+ conn, user, ("group:resource:edit-resource",), (resource_id,))
+ if authorised[resource_id]:
+ with db.cursor(conn) as cursor:
+ params = {**dictify(resource), "public": 1 if resource.public else 0}
+ print(f"THE PARAMS: {params}")
+ cursor.execute(
+ "UPDATE resources SET "
+ "resource_name=:resource_name, "
+ "public=:public "
+ "WHERE group_id=:group_id "
+ "AND resource_id=:resource_id",
+ {
+ "resource_name": resource.resource_name,
+ "public": 1 if resource.public else 0,
+ "group_id": str(resource.group.group_id),
+ "resource_id": str(resource.resource_id)
+ })
+ return resource
+
+ raise AuthorisationError(
+ "You do not have the appropriate privileges to edit this resource.")
diff --git a/gn3/auth/authorisation/resources/views.py b/gn3/auth/authorisation/resources/views.py
index 6f7b65c..5615b11 100644
--- a/gn3/auth/authorisation/resources/views.py
+++ b/gn3/auth/authorisation/resources/views.py
@@ -10,9 +10,10 @@ from gn3.auth.db_utils import with_db_connection
from .checks import authorised_for
from .models import (
- resource_by_id, resource_categories, assign_resource_user,
- link_data_to_resource, unassign_resource_user, resource_category_by_id,
- unlink_data_from_resource, create_resource as _create_resource)
+ Resource, save_resource, resource_by_id, resource_categories,
+ assign_resource_user, link_data_to_resource, unassign_resource_user,
+ resource_category_by_id, unlink_data_from_resource,
+ create_resource as _create_resource)
from ..roles import Role
from ..errors import InvalidData, InconsistencyError, AuthorisationError
@@ -214,3 +215,23 @@ def unassign_role_to_user(resource_id: uuid.UUID) -> Response:
raise AuthorisationError(aserr.args[0]) from aserr
return jsonify(with_db_connection(__assign__))
+
+@resources.route("<uuid:resource_id>/toggle-public", methods=["POST"])
+@require_oauth("profile group resource role")
+def toggle_public(resource_id: uuid.UUID) -> Response:
+ """Make a resource public if it is private, or private if public."""
+ with require_oauth.acquire("profile group resource") as the_token:
+ def __toggle__(conn: db.DbConnection) -> Resource:
+ old_rsc = resource_by_id(conn, the_token.user, resource_id)
+ return save_resource(
+ conn, the_token.user, Resource(
+ old_rsc.group, old_rsc.resource_id, old_rsc.resource_name,
+ old_rsc.resource_category, not old_rsc.public,
+ old_rsc.resource_data))
+
+ resource = with_db_connection(__toggle__)
+ return jsonify({
+ "resource": dictify(resource),
+ "description": (
+ "Made resource public" if resource.public
+ else "Made resource private")})