Diffstat (limited to 'gn3/auth')
| -rw-r--r-- | gn3/auth/authorisation/groups.py | 13 | 
1 files changed, 13 insertions, 0 deletions
|
diff --git a/gn3/auth/authorisation/groups.py b/gn3/auth/authorisation/groups.py
index f3345c3..210c8de 100644
--- a/gn3/auth/authorisation/groups.py
+++ b/gn3/auth/authorisation/groups.py
@@ -26,3 +26,16 @@ def create_group(conn: db.DbConnection, group_name: str) -> Group:
 ## Maybe assign `group-leader` role to user creating the group
 return group
+
+@authorised_p(("create-role",), error_message="Could not create the group role")
+def create_group_role(
+ conn: db.DbConnection, group: Group, role_name: str,
+ privileges: Iterable[Privilege]) -> Role:
+ """Create a role attached to a group."""
+ with db.cursor(conn) as cursor:
+ role = create_role(cursor, role_name, privileges)
+ cursor.execute(
+ "INSERT INTO group_roles(group_id, role_id) VALUES(?, ?)",
+ (str(group.group_id), role.role_id))
+
+ return role
|
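Review bot: The `@authorised_p(("create-role",), ...)` guard on `create_group_role` names only the `create-role` privilege, and nothing in the body ties the caller to `group`, so as far as this hunk shows any user holding that privilege could attach a role to a group they neither belong to nor lead; unless `authorised_p` or `create_role` (neither visible here) already enforce this, add a group-scoped check before the `INSERT`. The same applies to `privileges`, which is passed straight to `create_role`: a caller might create a role carrying privileges they do not hold themselves, and a subset check against the caller's own privileges would close that. Separately, the parameter tuple converts `group.group_id` with `str()` but passes `role.role_id` raw; if both are UUIDs the second may fail to bind, so `(str(group.group_id), str(role.role_id))` would be consistent. The docstring could also say which privilege the caller needs and that the role is created and linked to the group within one cursor context.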
