about summary refs log tree commit diff
path: root/gn_auth/auth/authorisation/resources/views.py
diff options
context:
space:
mode:
authorMunyoki Kilyungi2024-03-21 10:10:46 +0300
committerMunyoki Kilyungi2024-03-21 10:19:19 +0300
commitccd4ee5405f6a302283bac80dee15919dd3c6ffe (patch)
tree586921c94b09267b04d1bef598157d634d37249f /gn_auth/auth/authorisation/resources/views.py
parent7107b2b99058835bf0115955c3e79c23f9fb6bc9 (diff)
downloadgn-auth-ccd4ee5405f6a302283bac80dee15919dd3c6ffe.tar.gz
Add extra endpoint to get user authorisation given a resource name.
* gn_auth/auth/authorisation/resources/models.py
(user_roles_on_resources): New function.
* gn_auth/auth/authorisation/resources/views.py
(resources_authorisation): New endpoint.

Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
Diffstat (limited to 'gn_auth/auth/authorisation/resources/views.py')
-rw-r--r--gn_auth/auth/authorisation/resources/views.py24
1 files changed, 23 insertions, 1 deletions
diff --git a/gn_auth/auth/authorisation/resources/views.py b/gn_auth/auth/authorisation/resources/views.py
index 13d9bdf..8034110 100644
--- a/gn_auth/auth/authorisation/resources/views.py
+++ b/gn_auth/auth/authorisation/resources/views.py
@@ -23,7 +23,8 @@ from .models import (
     Resource, resource_data, resource_by_id, public_resources,
     resource_categories, assign_resource_user, link_data_to_resource,
     unassign_resource_user, resource_category_by_id, user_roles_on_resources,
-    unlink_data_from_resource, create_resource as _create_resource)
+    unlink_data_from_resource, create_resource as _create_resource,
+    get_resource_id)
 from .groups.models import Group, resource_owner, group_role_by_id
 
 resources = Blueprint("resources", __name__)
@@ -372,3 +373,24 @@ def resources_authorisation():
         resp.status_code = 400
 
     return resp
+
+
+@resources.route("/authorisation/<name>", methods=["GET"])
+def get_user_roles_on_resource(name) -> Response:
+    """Get user authorisation for a given resource given it's name"""
+    resid = with_db_connection(
+        lambda conn: get_resource_id(conn, name)
+    )
+    with require_oauth.acquire("profile resource") as _token:
+        _resources = with_db_connection(
+            lambda conn: user_roles_on_resources(
+                conn, _token.user, (resid,)
+            )
+        )
+        return jsonify({
+                name: {
+                    "roles": tuple(
+                        asdict(rol) for rol in
+                        _resources.get(resid, {}).get("roles", tuple()))
+                }
+            })