diff options
| author | Frederick Muriuki Muriithi | 2025-07-30 10:53:16 -0500 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2025-07-30 12:54:52 -0500 |
| commit | 29d097ffcbe9b0993bfab794c91f96d473ce0207 (patch) | |
| tree | 7ce2ee881b81128e1d34521fb3f965fd059713c7 | |
| parent | 1e8e24fabf03a516d7b93ad092fac860d3ca9f01 (diff) | |
| download | gn-auth-29d097ffcbe9b0993bfab794c91f96d473ce0207.tar.gz | |
Fetch resource object that wraps the group for authorisations
| -rw-r--r-- | gn_auth/auth/authorisation/resources/groups/models.py | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/gn_auth/auth/authorisation/resources/groups/models.py b/gn_auth/auth/authorisation/resources/groups/models.py index a681e25..9daadf4 100644 --- a/gn_auth/auth/authorisation/resources/groups/models.py +++ b/gn_auth/auth/authorisation/resources/groups/models.py @@ -316,6 +316,25 @@ def add_user_to_group(cursor: db.DbCursor, the_group: Group, user: User): revoke_user_role_by_name(cursor, user, "group-creator") +def resource_from_group(conn: db.DbConnection, the_group: Group) -> Resource: + """Get the resource object that wraps the group for auth purposes.""" + with db.cursor(conn) as cursor: + cursor.execute( + "SELECT " + "resources.resource_id, resources.resource_name, " + "resources.public, resource_categories.* " + "FROM group_resources " + "INNER JOIN resources " + "ON group_resources.resource_id=resources.resource_id " + "INNER JOIN resource_categories " + "ON resources.resource_category_id=resource_categories.resource_category_id " + "WHERE group_resources.group_id=?", + (str(the_group.group_id),)) + results = db_rows_to_roles(cursor.fetchall()) + assert len(results) == 1, "Expected a single group resource." + return results[0] + + @authorised_p( privileges=("system:group:view-group",), error_description=( |