From 256f13f675c60547b10a06736f0a7cb3faf752d5 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Thu, 25 May 2023 19:11:49 +0300
Subject: Script to assign existing data to publicly-visible resources

A script to assign existing data not assigned to any group to publicly-visible
resources.
---
 gn3/auth/authorisation/resources/models.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'gn3/auth/authorisation/resources')

diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py
index 2016960..5ff5983 100644
--- a/gn3/auth/authorisation/resources/models.py
+++ b/gn3/auth/authorisation/resources/models.py
@@ -57,7 +57,9 @@ def __assign_resource_owner_role__(cursor, resource, user):
     """Assign `user` the 'Resource Owner' role for `resource`."""
     cursor.execute(
         "SELECT gr.* FROM group_roles AS gr INNER JOIN roles AS r "
-        "ON gr.role_id=r.role_id WHERE r.role_name='resource-owner'")
+        "ON gr.role_id=r.role_id WHERE r.role_name='resource-owner' "
+        "AND gr.group_id=?",
+        (str(resource.group.group_id),))
     role = cursor.fetchone()
     if not role:
         cursor.execute("SELECT * FROM roles WHERE role_name='resource-owner'")
-- 
cgit 1.4.1