Create the 'systemwide-docs-editor' role.

1 files changed, 20 insertions, 2 deletions

diff --git a/migrations/auth/20260311_01_TfRlV-add-privilege-for-gn-docs-documentation-editing.py b/migrations/auth/20260311_01_TfRlV-add-privilege-for-gn-docs-documentation-editing.py
index 552fd01..d5146db 100644
--- a/migrations/auth/20260311_01_TfRlV-add-privilege-for-gn-docs-documentation-editing.py
+++ b/migrations/auth/20260311_01_TfRlV-add-privilege-for-gn-docs-documentation-editing.py
@@ -1,11 +1,29 @@
 """
 add privilege for gn-docs documentation editing
 """
+import uuid
+import contextlib
 
 from yoyo import step
 
 __depends__ = {'20260206_01_v3f4P-add-role-systemwide-data-curator'}
 
+ROLE_NAME = 'systemwide-docs-editor'
+
+
+def create_systemwide_docs_editor_role(conn):
+    """Create a new 'systemwide-data-curator' role."""
+    with contextlib.closing(conn.cursor()) as cursor:
+        cursor.execute(
+            "INSERT INTO roles(role_id, role_name, user_editable) "
+            "VALUES (?, ?, 0)",
+            (str(uuid.uuid4()), ROLE_NAME))
+
+
+def delete_systemwide_docs_editor_role(conn):
+    """Create a new 'systemwide-data-curator' role."""
+    with contextlib.closing(conn.cursor()) as cursor:
+        cursor.execute("DELETE FROM roles WHERE role_name=?", (ROLE_NAME,))
 steps = [
     step(
         """INSERT INTO privileges(privilege_id, privilege_description)
@@ -13,5 +31,5 @@ steps = [
         'system:documentation:edit',
         'Allows the holder to edit documentation presented with the Genenetwork system.'
         )""",
-        "DELETE FROM privileges WHERE privilege_id='system:documentation:edit'")
-]
+        "DELETE FROM privileges WHERE privilege_id='system:documentation:edit'"),
+    step(create_systemwide_docs_editor_role, delete_systemwide_docs_editor_role)]