From 98dc0c5b1a67a7c7b97a1fa02211e9f99360edce Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Mon, 16 Jan 2023 12:14:24 +0300
Subject: auth: update privileges format

Save privileges with ids of the form <top-level>:<sub-level>:<privilege-name>
rather than using a UUID, to reduce indirection levels.

* migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py: new migration
  to change the schema and IDs for the privileges.
* Update code to use new privileges format
  * gn3/auth/authorisation/checks.py
  * gn3/auth/authorisation/groups.py
  * gn3/auth/authorisation/privileges.py
  * gn3/auth/authorisation/resources.py
  * gn3/auth/authorisation/roles.py
  * migrations/auth/20230116_01_KwuJ3-rework-privileges-schema.py
  * tests/unit/auth/fixtures/role_fixtures.py
  * tests/unit/auth/test_groups.py
  * tests/unit/auth/test_privileges.py
  * tests/unit/auth/test_roles.py
---
 gn3/auth/authorisation/checks.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'gn3/auth/authorisation/checks.py')

diff --git a/gn3/auth/authorisation/checks.py b/gn3/auth/authorisation/checks.py
index dd041fe..d847c1e 100644
--- a/gn3/auth/authorisation/checks.py
+++ b/gn3/auth/authorisation/checks.py
@@ -19,7 +19,7 @@ def authorised_p(
             if hasattr(g, "user") and g.user:
                 with db.connection(app.config["AUTH_DB"]) as conn:
                     user_privileges = tuple(
-                        priv.privilege_name for priv in
+                        priv.privilege_id for priv in
                         auth_privs.user_privileges(conn, g.user))
 
                 not_assigned = [
-- 
cgit v1.2.3