authorFrederick Muriuki Muriithi2024-06-17 13:53:50 -0500
committerFrederick Muriuki Muriithi2024-06-17 13:53:50 -0500
commit1776582ab9d44758793cab70978b353c00be51bc (patch)
tree7bb8e61897ee34e134724ab206ba326b8e6aa672 /gn_auth/auth/authorisation/roles
parent5612df9436cad6d9b88242cb26c8d2de7fd174e7 (diff)
downloadgn-auth-1776582ab9d44758793cab70978b353c00be51bc.tar.gz
Create a resource role.
Diffstat (limited to 'gn_auth/auth/authorisation/roles')
-rw-r--r--gn_auth/auth/authorisation/roles/models.py11
1 files changed, 7 insertions, 4 deletions
diff --git a/gn_auth/auth/authorisation/roles/models.py b/gn_auth/auth/authorisation/roles/models.py
index e740bfd..d58c4a1 100644
--- a/gn_auth/auth/authorisation/roles/models.py
+++ b/gn_auth/auth/authorisation/roles/models.py
@@ -54,11 +54,14 @@ def db_rows_to_roles(rows) -> tuple[Role, ...]:
                  if bool(rows) else [])
 
 @authorised_p(
-    privileges = ("group:role:create-role",),
+    privileges = ("resource:role:create-role",),
     error_description="Could not create role")
 def create_role(
-        cursor: db.DbCursor, role_name: str,
-        privileges: Iterable[Privilege]) -> Role:
+        cursor: db.DbCursor,
+        role_name: str,
+        privileges: Iterable[Privilege],
+        user_editable: bool=True
+) -> Role:
     """
     Create a new generic role.
 
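Review bot: The decorator on `create_role` now demands `resource:role:create-role`, yet the new signature carries no resource identifier, so as far as this hunk shows the check can only establish that the caller holds that privilege somewhere, not on the resource the role is meant for. Nothing visible here limits the `privileges` iterable to privileges the caller already holds either, so unless the callers enforce that, a role creator could define a role broader than their own access. If both checks are the callers' responsibility, record it above the decorator, e.g. `# NOTE: callers must check the privilege on the target resource and that the requested privileges are a subset of the caller's own`. The body of `create_role` continues outside this hunk.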
@@ -71,7 +74,7 @@ def create_role(
 
     RETURNS: An immutable `gn3.auth.authorisation.roles.Role` object
     """
-    role = Role(uuid4(), role_name, True, tuple(privileges))
+    role = Role(uuid4(), role_name, user_editable, tuple(privileges))
 
     cursor.execute(
         "INSERT INTO roles(role_id, role_name, user_editable) VALUES (?, ?, ?)",
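Review bot: The docstring that closes at the top of this hunk is untouched by the commit, so the new `user_editable` argument, which is now passed to `Role(...)` and (judging by the column list of the INSERT) stored in `roles.user_editable`, is undocumented, and the summary line still reads "Create a new generic role". I would add a parameter entry such as `user_editable: stored with the role; pass False for roles users must not change (default True keeps the previous behaviour)`, laid out like the existing parameter entries. The meaning of the flag is inferred from its name, so confirm the wording; since it presumably gates later modification of the role, callers should set it deliberately rather than forward a client-supplied value. The `RETURNS` line also still names `gn3.auth.authorisation.roles.Role` although this file lives under `gn_auth`. The function body continues past the end of the hunk.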