diff options
| author | Frederick Muriuki Muriithi | 2026-06-03 13:11:35 -0500 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2026-06-03 13:19:51 -0500 |
| commit | abf7b88e44a2400f948fe6768fd217543c42678c (patch) | |
| tree | 6677a84d4ef121a20ba0ad7e0a085cc84b267d4b /gn_auth/auth/authorisation | |
| parent | 597e1bb7d35368930c0a5d26cf32969c62bc2278 (diff) | |
| download | gn-auth-abf7b88e44a2400f948fe6768fd217543c42678c.tar.gz | |
Only grant system-administration role against the system resource.
Diffstat (limited to 'gn_auth/auth/authorisation')
| -rw-r--r-- | gn_auth/auth/authorisation/users/admin/models.py | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/gn_auth/auth/authorisation/users/admin/models.py b/gn_auth/auth/authorisation/users/admin/models.py index 3d68932..0594864 100644 --- a/gn_auth/auth/authorisation/users/admin/models.py +++ b/gn_auth/auth/authorisation/users/admin/models.py @@ -4,6 +4,7 @@ import warnings from gn_auth.auth.db import sqlite3 as db from gn_auth.auth.authentication.users import User from gn_auth.auth.authorisation.roles.models import Role, db_rows_to_roles +from gn_auth.auth.authorisation.resources.system.models import system_resource def sysadmin_role(conn: db.DbConnection) -> Role: @@ -28,14 +29,14 @@ def grant_sysadmin_role(cursor: db.DbCursor, user: User) -> User: cursor.execute( "SELECT * FROM roles WHERE role_name='system-administrator'") admin_role = cursor.fetchone() - cursor.execute("SELECT resources.resource_id FROM resources") - cursor.executemany( + sysresource = system_resource(cursor) + cursor.execute( "INSERT INTO user_roles VALUES (:user_id, :role_id, :resource_id)", - tuple({ + { "user_id": str(user.user_id), "role_id": admin_role["role_id"], - "resource_id": resource_id - } for resource_id in cursor.fetchall())) + "resource_id": str(sysresource.resource_id) + }) return user |