From 8593d882ed1eea226eeefabaa66135df2374746f Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Thu, 25 May 2023 06:02:38 +0300
Subject: Set whether resource is publicly viewable on creation

---
 gn3/auth/authorisation/resources/models.py | 6 ++++--
 gn3/auth/authorisation/resources/views.py  | 8 +++++---
 2 files changed, 9 insertions(+), 5 deletions(-)

(limited to 'gn3/auth/authorisation')

diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py
index e54ec48..2016960 100644
--- a/gn3/auth/authorisation/resources/models.py
+++ b/gn3/auth/authorisation/resources/models.py
@@ -84,7 +84,8 @@ def __assign_resource_owner_role__(cursor, resource, user):
               oauth2_scope="profile resource")
 def create_resource(
         conn: db.DbConnection, resource_name: str,
-        resource_category: ResourceCategory, user: User) -> Resource:
+        resource_category: ResourceCategory, user: User,
+        public: bool) -> Resource:
     """Create a resource item."""
     with db.cursor(conn) as cursor:
         group = user_group(conn, user).maybe(
@@ -92,7 +93,8 @@ def create_resource(
         if not group:
             raise MissingGroupError(
                 "User with no group cannot create a resource.")
-        resource = Resource(group, uuid4(), resource_name, resource_category, False)
+        resource = Resource(
+            group, uuid4(), resource_name, resource_category, public)
         cursor.execute(
             "INSERT INTO resources VALUES (?, ?, ?, ?, ?)",
             (str(resource.group.group_id), str(resource.resource_id),
diff --git a/gn3/auth/authorisation/resources/views.py b/gn3/auth/authorisation/resources/views.py
index c8bff6a..396a57e 100644
--- a/gn3/auth/authorisation/resources/views.py
+++ b/gn3/auth/authorisation/resources/views.py
@@ -47,9 +47,11 @@ def create_resource() -> Response:
         with db.connection(db_uri) as conn:
             try:
                 resource = _create_resource(
-                    conn, resource_name, resource_category_by_id(
-                        conn, resource_category_id),
-                    the_token.user)
+                    conn,
+                    resource_name,
+                    resource_category_by_id(conn, resource_category_id),
+                    the_token.user,
+                    (form.get("public") == "on"))
                 return jsonify(dictify(resource))
             except sqlite3.IntegrityError as sql3ie:
                 if sql3ie.args[0] == ("UNIQUE constraint failed: "
-- 
cgit v1.2.3