From f7b27947495b4dc928f6c257286bcb6a7112dbed Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Sat, 18 Mar 2023 11:35:36 +0300 Subject: oauth2: resources: toggle whether a resource is public or not --- gn3/auth/authorisation/resources/models.py | 27 +++++++++++++++++++++++++++ gn3/auth/authorisation/resources/views.py | 27 ++++++++++++++++++++++++--- 2 files changed, 51 insertions(+), 3 deletions(-) (limited to 'gn3') diff --git a/gn3/auth/authorisation/resources/models.py b/gn3/auth/authorisation/resources/models.py index 4049fae..afda5e8 100644 --- a/gn3/auth/authorisation/resources/models.py +++ b/gn3/auth/authorisation/resources/models.py @@ -529,3 +529,30 @@ def unassign_resource_user( f"The user '{user.name}'({user.email}) had the " f"'{role.role.role_name}' role on resource with ID " f"'{resource.resource_id}' taken away.")} + +def save_resource( + conn: db.DbConnection, user: User, resource: Resource) -> Resource: + """Update an existing resource.""" + resource_id = resource.resource_id + authorised = authorised_for( + conn, user, ("group:resource:edit-resource",), (resource_id,)) + if authorised[resource_id]: + with db.cursor(conn) as cursor: + params = {**dictify(resource), "public": 1 if resource.public else 0} + print(f"THE PARAMS: {params}") + cursor.execute( + "UPDATE resources SET " + "resource_name=:resource_name, " + "public=:public " + "WHERE group_id=:group_id " + "AND resource_id=:resource_id", + { + "resource_name": resource.resource_name, + "public": 1 if resource.public else 0, + "group_id": str(resource.group.group_id), + "resource_id": str(resource.resource_id) + }) + return resource + + raise AuthorisationError( + "You do not have the appropriate privileges to edit this resource.") diff --git a/gn3/auth/authorisation/resources/views.py b/gn3/auth/authorisation/resources/views.py index 6f7b65c..5615b11 100644 --- a/gn3/auth/authorisation/resources/views.py +++ b/gn3/auth/authorisation/resources/views.py @@ -10,9 +10,10 @@ from gn3.auth.db_utils import with_db_connection from .checks import authorised_for from .models import ( - resource_by_id, resource_categories, assign_resource_user, - link_data_to_resource, unassign_resource_user, resource_category_by_id, - unlink_data_from_resource, create_resource as _create_resource) + Resource, save_resource, resource_by_id, resource_categories, + assign_resource_user, link_data_to_resource, unassign_resource_user, + resource_category_by_id, unlink_data_from_resource, + create_resource as _create_resource) from ..roles import Role from ..errors import InvalidData, InconsistencyError, AuthorisationError @@ -214,3 +215,23 @@ def unassign_role_to_user(resource_id: uuid.UUID) -> Response: raise AuthorisationError(aserr.args[0]) from aserr return jsonify(with_db_connection(__assign__)) + +@resources.route("/toggle-public", methods=["POST"]) +@require_oauth("profile group resource role") +def toggle_public(resource_id: uuid.UUID) -> Response: + """Make a resource public if it is private, or private if public.""" + with require_oauth.acquire("profile group resource") as the_token: + def __toggle__(conn: db.DbConnection) -> Resource: + old_rsc = resource_by_id(conn, the_token.user, resource_id) + return save_resource( + conn, the_token.user, Resource( + old_rsc.group, old_rsc.resource_id, old_rsc.resource_name, + old_rsc.resource_category, not old_rsc.public, + old_rsc.resource_data)) + + resource = with_db_connection(__toggle__) + return jsonify({ + "resource": dictify(resource), + "description": ( + "Made resource public" if resource.public + else "Made resource private")}) -- cgit v1.2.3