diff options
| author | Frederick Muriuki Muriithi | 2024-10-03 14:09:44 -0500 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2024-10-03 14:09:44 -0500 |
| commit | 8679ee038a1976c2504af4c4b61af6004f54de65 (patch) | |
| tree | 6541da6104115d52195ac75ac9e07b385d0b65cc | |
| parent | 00f863b3dcb76f5fdca8e139e903e2f7edb861fc (diff) | |
| download | gn-auth-8679ee038a1976c2504af4c4b61af6004f54de65.tar.gz | |
BugFix: Fetch also roles assigned to user
When fetching the resource roles, fetch also any roles that are
assigned to the user for that resource.
| -rw-r--r-- | gn_auth/auth/authorisation/resources/views.py | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/gn_auth/auth/authorisation/resources/views.py b/gn_auth/auth/authorisation/resources/views.py index 3d590a3..1c4104a 100644 --- a/gn_auth/auth/authorisation/resources/views.py +++ b/gn_auth/auth/authorisation/resources/views.py @@ -411,9 +411,18 @@ def resource_roles(resource_id: UUID) -> Response: "ON rp.privilege_id=p.privilege_id " "WHERE rr.resource_id=? AND rr.role_created_by=?", (str(resource_id), str(_token.user.user_id))) - results = cursor.fetchall() + user_created = db_rows_to_roles(cursor.fetchall()) - return db_rows_to_roles(results) + cursor.execute( + "SELECT ur.user_id, ur.resource_id, r.*, p.* FROM user_roles AS ur " + "INNER JOIN roles AS r ON ur.role_id=r.role_id " + "INNER JOIN role_privileges AS rp ON r.role_id=rp.role_id " + "INNER JOIN privileges AS p ON rp.privilege_id=p.privilege_id " + "WHERE resource_id=? AND user_id=?", + (str(resource_id), str(_token.user.user_id))) + assigned_to_user = db_rows_to_roles(cursor.fetchall()) + + return assigned_to_user + user_created return jsonify(with_db_connection(__roles__)) |