authorFrederick Muriuki Muriithi2026-03-11 11:42:04 -0500
committerFrederick Muriuki Muriithi2026-03-11 11:42:04 -0500
commitedfd4cbcdc8bd41e61c47fc060fe24f26bb4be9a (patch)
treead27a98ed145d49497e62d7e0158c399a53b3166
parent052674e9778fa2258af9c6113eabf2a7b96308f0 (diff)
downloadgn-auth-edfd4cbcdc8bd41e61c47fc060fe24f26bb4be9a.tar.gz
Assign 'system:documentation:edit' privilege to 'systemwide-docs-editor' role.
-rw-r--r--migrations/auth/20260311_01_TfRlV-add-privilege-for-gn-docs-documentation-editing.py29
1 files changed, 28 insertions, 1 deletions
diff --git a/migrations/auth/20260311_01_TfRlV-add-privilege-for-gn-docs-documentation-editing.py b/migrations/auth/20260311_01_TfRlV-add-privilege-for-gn-docs-documentation-editing.py
index d5146db..d618f14 100644
--- a/migrations/auth/20260311_01_TfRlV-add-privilege-for-gn-docs-documentation-editing.py
+++ b/migrations/auth/20260311_01_TfRlV-add-privilege-for-gn-docs-documentation-editing.py
@@ -24,6 +24,31 @@ def delete_systemwide_docs_editor_role(conn):
     """Create a new 'systemwide-data-curator' role."""
     with contextlib.closing(conn.cursor()) as cursor:
         cursor.execute("DELETE FROM roles WHERE role_name=?", (ROLE_NAME,))
+
+
+def assign_edit_priv_to_docs_editor(conn):
+    with contextlib.closing(conn.cursor()) as cursor:
+        cursor.execute("SELECT role_id FROM roles WHERE role_name=?",
+                       (ROLE_NAME,))
+        role_id = cursor.fetchone()[0]
+
+        cursor.execute(
+            "INSERT INTO role_privileges(role_id, privilege_id) "
+            "VALUES (?, ?)",
+            (role_id, "system:documentation:edit"))
+
+
+def revoke_edit_priv_to_docs_editor(conn):
+    with contextlib.closing(conn.cursor()) as cursor:
+        cursor.execute("SELECT role_id FROM roles WHERE role_name=?",
+                       (ROLE_NAME,))
+        role_id = cursor.fetchone()[0]
+
+        cursor.execute(
+            "DELETE FROM role_privileges WHERE role_id=? AND privilege_id=?",
+            (role_id, "system:documentation:edit"))
+
+
 steps = [
     step(
         """INSERT INTO privileges(privilege_id, privilege_description)
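Review bot: `cursor.fetchone()[0]` in `assign_edit_priv_to_docs_editor`, and again in `revoke_edit_priv_to_docs_editor`, raises a bare `TypeError` when no row in `roles` matches `ROLE_NAME`, because `fetchone()` returns `None` for an empty result. For a migration that grants a system-wide privilege, an explicit failure is easier to diagnose: `row = cursor.fetchone()` followed by `if row is None: raise RuntimeError(f"role {ROLE_NAME!r} not found")`. Both new functions also lack docstrings; `"""Grant 'system:documentation:edit' to the ROLE_NAME role."""` and `"""Remove 'system:documentation:edit' from the ROLE_NAME role."""` would state the authorization change being made. The privilege id literal is repeated in both functions and could be a single module-level constant so the grant and the revoke cannot drift apart.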
@@ -32,4 +57,6 @@ steps = [
         'Allows the holder to edit documentation presented with the Genenetwork system.'
         )""",
         "DELETE FROM privileges WHERE privilege_id='system:documentation:edit'"),
-    step(create_systemwide_docs_editor_role, delete_systemwide_docs_editor_role)]
+    step(create_systemwide_docs_editor_role, delete_systemwide_docs_editor_role),
+    step(assign_edit_priv_to_docs_editor, revoke_edit_priv_to_docs_editor)
+]
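Review bot: Appending a step to the existing `20260311_01_TfRlV` migration, rather than adding a new migration file, means the privilege assignment will presumably not run on any database where this migration is already recorded as applied, since runners using this `step(...)` style usually track whole files by id. On such a database the `systemwide-docs-editor` role would exist without `system:documentation:edit`, and nothing would report the gap. Either move `step(assign_edit_priv_to_docs_editor, revoke_edit_priv_to_docs_editor)` into its own migration file, or confirm that no deployment has applied the earlier version of this file. The ordering itself looks right: the grant runs after the role is created, and the revoke would run before the role is deleted, assuming steps roll back in reverse.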