From 3e2198e39bc229553d118f367fbd2f9932a9a76b Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Mon, 24 Apr 2023 11:45:45 +0300 Subject: auth: Return the actual privileges for the user Previously, the `oauth2/data/authorisation` endpoint was returning hard-coded values for the privileges assigned to the user for each resource. In this change, we rework to return the actual privileges for the user. --- gn3/auth/authorisation/resources/models.py | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) (limited to 'gn3/auth/authorisation/resources') diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py index bc88691..e54ec48 100644 --- a/gn3/auth/authorisation/resources/models.py +++ b/gn3/auth/authorisation/resources/models.py @@ -423,9 +423,8 @@ def attach_mrna_resources_data( """Attach linked data to mRNA Assay resources""" placeholders = ", ".join(["?"] * len(resources)) cursor.execute( - "SELECT * FROM mrna_resources AS mr INNER JOIN linked_group_data AS lgd" - " ON (mr.dataset_id=lgd.dataset_or_trait_id " - "AND mr.dataset_type=lgd.dataset_type) " + "SELECT * FROM mrna_resources AS mr INNER JOIN linked_mrna_data AS lmd" + " ON mr.data_link_id=lmd.data_link_id " f"WHERE mr.resource_id IN ({placeholders})", tuple(str(resource.resource_id) for resource in resources)) return __attach_data__(cursor.fetchall(), resources) @@ -436,10 +435,9 @@ def attach_genotype_resources_data( placeholders = ", ".join(["?"] * len(resources)) cursor.execute( "SELECT * FROM genotype_resources AS gr " - "INNER JOIN linked_group_data AS lgd " - "ON (gr.trait_id=lgd.dataset_or_trait_id " - "AND gr.dataset_type=lgd.dataset_type) " - f"WHERE gr.resource_id IN {placeholders}", + "INNER JOIN linked_genotype_data AS lgd " + "ON gr.data_link_id=lgd.data_link_id " + f"WHERE gr.resource_id IN ({placeholders})", tuple(str(resource.resource_id) for resource in resources)) return __attach_data__(cursor.fetchall(), resources) @@ -449,10 +447,9 @@ def attach_phenotype_resources_data( placeholders = ", ".join(["?"] * len(resources)) cursor.execute( "SELECT * FROM phenotype_resources AS pr " - "INNER JOIN linked_group_data AS lgd " - "ON (pr.trait_id=lgd.dataset_or_trait_id " - "AND pr.dataset_type=lgd.dataset_type) " - f"WHERE pr.resource_id IN {placeholders}", + "INNER JOIN linked_phenotype_data AS lpd " + "ON pr.data_link_id=lpd.data_link_id " + f"WHERE pr.resource_id IN ({placeholders})", tuple(str(resource.resource_id) for resource in resources)) return __attach_data__(cursor.fetchall(), resources) @@ -532,8 +529,6 @@ def save_resource( conn, user, ("group:resource:edit-resource",), (resource_id,)) if authorised[resource_id]: with db.cursor(conn) as cursor: - params = {**dictify(resource), "public": 1 if resource.public else 0} - print(f"THE PARAMS: {params}") cursor.execute( "UPDATE resources SET " "resource_name=:resource_name, " -- cgit v1.2.3