aboutsummaryrefslogtreecommitdiff
path: root/gn_auth/auth/authorisation/resources
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2024-10-03 14:09:44 -0500
committerFrederick Muriuki Muriithi2024-10-03 14:09:44 -0500
commit8679ee038a1976c2504af4c4b61af6004f54de65 (patch)
tree6541da6104115d52195ac75ac9e07b385d0b65cc /gn_auth/auth/authorisation/resources
parent00f863b3dcb76f5fdca8e139e903e2f7edb861fc (diff)
downloadgn-auth-8679ee038a1976c2504af4c4b61af6004f54de65.tar.gz
BugFix: Fetch also roles assigned to user
When fetching the resource roles, fetch also any roles that are assigned to the user for that resource.
Diffstat (limited to 'gn_auth/auth/authorisation/resources')
-rw-r--r--gn_auth/auth/authorisation/resources/views.py13
1 files changed, 11 insertions, 2 deletions
diff --git a/gn_auth/auth/authorisation/resources/views.py b/gn_auth/auth/authorisation/resources/views.py
index 3d590a3..1c4104a 100644
--- a/gn_auth/auth/authorisation/resources/views.py
+++ b/gn_auth/auth/authorisation/resources/views.py
@@ -411,9 +411,18 @@ def resource_roles(resource_id: UUID) -> Response:
"ON rp.privilege_id=p.privilege_id "
"WHERE rr.resource_id=? AND rr.role_created_by=?",
(str(resource_id), str(_token.user.user_id)))
- results = cursor.fetchall()
+ user_created = db_rows_to_roles(cursor.fetchall())
- return db_rows_to_roles(results)
+ cursor.execute(
+ "SELECT ur.user_id, ur.resource_id, r.*, p.* FROM user_roles AS ur "
+ "INNER JOIN roles AS r ON ur.role_id=r.role_id "
+ "INNER JOIN role_privileges AS rp ON r.role_id=rp.role_id "
+ "INNER JOIN privileges AS p ON rp.privilege_id=p.privilege_id "
+ "WHERE resource_id=? AND user_id=?",
+ (str(resource_id), str(_token.user.user_id)))
+ assigned_to_user = db_rows_to_roles(cursor.fetchall())
+
+ return assigned_to_user + user_created
return jsonify(with_db_connection(__roles__))