diff options
| author | Frederick Muriuki Muriithi | 2025-07-30 10:51:02 -0500 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2025-07-30 10:51:02 -0500 |
| commit | 1e8e24fabf03a516d7b93ad092fac860d3ca9f01 (patch) | |
| tree | 75623277d2bd184b917146a8407a7933461bfe3d | |
| parent | 1244b2103943e0a0ade0719036ae39baaf6c47b5 (diff) | |
| download | gn-auth-1e8e24fabf03a516d7b93ad092fac860d3ca9f01.tar.gz | |
Don't allow user to create a group when they are a member of another
When user is made a member of a group, we revoke their ability to create a new group.
| -rw-r--r-- | gn_auth/auth/authorisation/resources/groups/models.py | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/gn_auth/auth/authorisation/resources/groups/models.py b/gn_auth/auth/authorisation/resources/groups/models.py index a4aacc7..a681e25 100644 --- a/gn_auth/auth/authorisation/resources/groups/models.py +++ b/gn_auth/auth/authorisation/resources/groups/models.py @@ -313,6 +313,7 @@ def add_user_to_group(cursor: db.DbCursor, the_group: Group, user: User): ("INSERT INTO group_users VALUES (:group_id, :user_id) " "ON CONFLICT (group_id, user_id) DO NOTHING"), {"group_id": str(the_group.group_id), "user_id": str(user.user_id)}) + revoke_user_role_by_name(cursor, user, "group-creator") @authorised_p( |