| author | Frederick Muriuki Muriithi | 2026-04-20 15:12:01 -0500 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2026-04-20 15:12:01 -0500 |
| commit | 20454143d8ba92cfbe70a0f59f1158a934054cab (patch) | |
| tree | ffa07910ab6fe584cf9cc7dde772642bb37e516d /gn_auth | |
| parent | c7499016156439f720dc45fd13cfb4d14d23e761 (diff) | |
| download | gn-auth-20454143d8ba92cfbe70a0f59f1158a934054cab.tar.gz | |
Implement editing resource name.
Diffstat (limited to 'gn_auth')
| -rw-r--r-- | gn_auth/auth/authorisation/resources/models.py | 21 | ||||
| -rw-r--r-- | gn_auth/auth/authorisation/resources/views.py | 42 |
2 files changed, 62 insertions, 1 deletions
diff --git a/gn_auth/auth/authorisation/resources/models.py b/gn_auth/auth/authorisation/resources/models.py index b42e879..9ef62fe 100644 --- a/gn_auth/auth/authorisation/resources/models.py +++ b/gn_auth/auth/authorisation/resources/models.py @@ -104,6 +104,27 @@ def delete_resource(conn: db.DbConnection, resource_id: UUID): (str(resource_id),)) +def edit_resource(conn: db.DbConnection, resource_id: UUID, name: str) -> Resource: + """Edit basic resource details.""" + with db.cursor(conn) as cursor: + cursor.execute("UPDATE resources SET resource_name=? " + "WHERE resource_id=?", + (name, str(resource_id))) + cursor.execute( + "SELECT r.*, rc.* FROM resources AS r " + "INNER JOIN resource_categories AS rc " + "ON r.resource_category_id=rc.resource_category_id " + "WHERE r.resource_id=?", + (str(resource_id),)) + _resource = resource_from_dbrow(cursor.fetchone()) + cursor.execute( + "SELECT u.* FROM resources AS r INNER JOIN users AS u " + "ON r.created_by=u.user_id WHERE r.resource_id=?", + (str(resource_id),)) + return Resource.from_resource( + _resource, created_by=User.from_sqlite3_row(cursor.fetchone())) + + def resource_category_by_id( conn: db.DbConnection, category_id: UUID) -> ResourceCategory: """Retrieve a resource category by its ID.""" diff --git a/gn_auth/auth/authorisation/resources/views.py b/gn_auth/auth/authorisation/resources/views.py index 4235d87..bdbd356 100644 --- a/gn_auth/auth/authorisation/resources/views.py +++ b/gn_auth/auth/authorisation/resources/views.py @@ -14,6 +14,7 @@ from authlib.jose import jwt from authlib.integrations.flask_oauth2.errors import _HTTPException from flask import (make_response, request, jsonify, Response, Blueprint, current_app as app) +import gn_libs.privileges.resources from gn_auth.auth.requests import request_json 
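Review bot: In models.py `edit_resource`, nothing checks that the UPDATE matched a row before `cursor.fetchone()` is handed to `resource_from_dbrow`; for a `resource_id` that does not exist the fetch returns `None`, and the same holds for the second fetch passed to `User.from_sqlite3_row`. How those helpers treat `None` is not visible in this hunk, but the likely result is an unhandled exception rather than a clean not-found response, and the new view appears to reach this function for any caller whose system-resource roles satisfy `can_edit`. Consider guarding the row, e.g. `row = cursor.fetchone()` followed by `if row is None:` raising the module's existing not-found error. The one-line docstring could also say that only `resource_name` is changed and that the refreshed `Resource`, including its creator, is returned.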
@@ -44,6 +45,7 @@ from .inbredset.views import popbp from .genotypes.views import genobp from .phenotypes.views import phenobp from .errors import MissingGroupError +from .system.models import system_resource from .groups.models import Group, user_group from .checks import can_delete, authorised_for from .models import ( @@ -51,7 +53,8 @@ from .models import ( resource_categories, assign_resource_user, link_data_to_resource, unassign_resource_user, resource_category_by_id, user_roles_on_resources, unlink_data_from_resource, create_resource as _create_resource, - get_resource_id, delete_resource as _delete_resource) + get_resource_id, delete_resource as _delete_resource, + edit_resource as _edit_resource) logger = logging.getLogger(__name__) 
@@ -117,6 +120,43 @@ def view_resource(resource_id: UUID) -> Response:
 )
 )
+
+@resources.route("/<uuid:resource_id>/edit", methods=["POST"])
+@require_oauth("profile group resource")
+def edit_resource(resource_id: UUID) -> Response:
+ """Update/edit basic details regarding a resource."""
+ db_uri = app.config["AUTH_DB"]
+ with (require_oauth.acquire("profile group resource") as _token,
+ db.connection(db_uri) as conn):
+ _privileges = tuple(
+ privilege.privilege_id
+ for role in (
+ role for resource in user_roles_on_resources(
+ conn,
+ _token.user,
+ (resource_id, system_resource(conn).resource_id)
+ ).values()
+ for role in resource.get("roles", tuple()))
+ for privilege in role.privileges)
+ if not gn_libs.privileges.resources.can_edit(_privileges):
+ return jsonify({
+ "error": "AuthorisationError",
+ "error_description": "You are not allowed to edit this resource."
+ }), 401
+
+ name = (request_json().get("resource_name") or "").strip()
+ if bool(name):
+ return jsonify({
+ "resource": asdict(_edit_resource(conn, resource_id, name)),
+ "message": "Resource updated successfully",
+ "status": "success"
+ })
+
+ return jsonify({
+ "error_description": "Expected `resource_name` to be provided.",
+ "error": "InvalidInput"
+ }), 400
+
 def __safe_get_requests_page__(key: str = "page") -> int:
 """Get the results page if it exists or default to the first page."""
 try: |
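Review bot: In the new `edit_resource` view, `(request_json().get("resource_name") or "").strip()` assumes the client sent a string; a truthy non-string JSON value (number, list, object) has no `.strip()` and would raise instead of producing the 400 `InvalidInput` response. A type check before stripping closes that, e.g. `raw = request_json().get("resource_name")` then `if not isinstance(raw, str) or not raw.strip():` returning the existing 400 body, ideally with an upper bound on the accepted name length. The refusal branch returns 401 although the caller has already authenticated through `require_oauth`; 403 describes an authorisation failure more accurately and keeps clients from treating it as a cue to re-authenticate. A short comment that `_privileges` deliberately pools privileges held on the system resource with those on the target would also help, since what `can_edit` accepts is defined outside this diff.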
