Extract common role assignment to its own module

author: Frederick Muriuki Muriithi 2024-09-25 18:46:00 -0500
committer: Frederick Muriuki Muriithi 2024-09-25 18:46:00 -0500
commit: a3f0e670635ad4319e241ada50587af75a0a2901 (patch)
tree: 813545ebaba5f20918457d0d18ec46675d0ad55a /gn_auth/auth/authorisation/resources/common.py
parent: ef60b19dcb338ad80707ecffc5a959f3c6f66209 (diff)
download: gn-auth-a3f0e670635ad4319e241ada50587af75a0a2901.tar.gz
1 files changed, 24 insertions, 0 deletions
diff --git a/gn_auth/auth/authorisation/resources/common.py b/gn_auth/auth/authorisation/resources/common.py
new file mode 100644
index 0000000..5d2b72b
--- /dev/null
+++ b/gn_auth/auth/authorisation/resources/common.py
@@ -0,0 +1,24 @@
+"""Utilities common to more than one resource."""
+import uuid
+
+from sqlite3 import Cursor
+
+def assign_resource_owner_role(
+        cursor: Cursor,
+        resource_id: uuid.UUID,
+        user_id: uuid.UUID
+) -> dict:
+    """Assign `user` the 'Resource Owner' role for `resource`."""
+    cursor.execute("SELECT * FROM roles WHERE role_name='resource-owner'")
+    role = cursor.fetchone()
+    params = {
+        "user_id": str(user_id),
+        "role_id": role["role_id"],
+        "resource_id": str(resource_id)
+    }
+    cursor.execute(
+        "INSERT INTO user_roles "
+        "VALUES (:user_id, :role_id, :resource_id) "
+        "ON CONFLICT (user_id, role_id, resource_id) DO NOTHING",
+        params)
+    return params
author	Frederick Muriuki Muriithi	2024-09-25 18:46:00 -0500
committer	Frederick Muriuki Muriithi	2024-09-25 18:46:00 -0500
commit	a3f0e670635ad4319e241ada50587af75a0a2901 (patch)
tree	813545ebaba5f20918457d0d18ec46675d0ad55a /gn_auth/auth/authorisation/resources/common.py
parent	ef60b19dcb338ad80707ecffc5a959f3c6f66209 (diff)
download	gn-auth-a3f0e670635ad4319e241ada50587af75a0a2901.tar.gz