aboutsummaryrefslogtreecommitdiff
path: root/gn_auth
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-11-23 07:22:09 +0300
committerFrederick Muriuki Muriithi2023-11-23 07:22:09 +0300
commit24a66e814fabcce19d2bf6fb48186f5bc86fff38 (patch)
tree7c2827a2c5cd0c204aa5dad4dc2a85e471831b95 /gn_auth
parent410d797535fc9a9f432c44a7d6c786fd508066c5 (diff)
downloadgn-auth-24a66e814fabcce19d2bf6fb48186f5bc86fff38.tar.gz
Scripts: Update script for newer db schema
The schema changed a while back, and the script that is used to make all existing data public needs to be updated for the new schema. This commit does exactly that.
Diffstat (limited to 'gn_auth')
-rw-r--r--gn_auth/auth/authorisation/resources/groups/models.py13
-rw-r--r--gn_auth/auth/authorisation/resources/models.py15
2 files changed, 21 insertions, 7 deletions
diff --git a/gn_auth/auth/authorisation/resources/groups/models.py b/gn_auth/auth/authorisation/resources/groups/models.py
index 5ec26c5..959389c 100644
--- a/gn_auth/auth/authorisation/resources/groups/models.py
+++ b/gn_auth/auth/authorisation/resources/groups/models.py
@@ -451,3 +451,16 @@ def resource_owner(conn: db.DbConnection, resource: Resource) -> Group:
json.loads(row["group_metadata"]))
raise MissingGroupError("Resource has no 'owning' group.")
+
+def add_resources_to_group(conn: db.DbConnection,
+ resources: tuple[Resource, ...],
+ group: Group):
+ """Link the resources to the admin group."""
+ with db.cursor(conn) as cursor:
+ cursor.executemany(
+ "INSERT INTO resource_ownership VALUES(:group_id, :resource_id) "
+ "ON CONFLICT (group_id, resource_id) DO NOTHING",
+ tuple({
+ "group_id": str(group.group_id),
+ "resource_id": str(rsc.resource_id)
+ } for rsc in resources))
diff --git a/gn_auth/auth/authorisation/resources/models.py b/gn_auth/auth/authorisation/resources/models.py
index 15bb72f..d6e3a1d 100644
--- a/gn_auth/auth/authorisation/resources/models.py
+++ b/gn_auth/auth/authorisation/resources/models.py
@@ -54,13 +54,14 @@ def __assign_resource_owner_role__(cursor, resource, user, group):
"role_id": role["role_id"]})
cursor.execute(
- "INSERT INTO user_roles "
- "VALUES (:user_id, :role_id, :resource_id)",
- {
- "user_id": str(user.user_id),
- "role_id": role["role_id"],
- "resource_id": str(resource.resource_id)
- })
+ "INSERT INTO user_roles "
+ "VALUES (:user_id, :role_id, :resource_id) "
+ "ON CONFLICT (user_id, role_id, resource_id) DO NOTHING",
+ {
+ "user_id": str(user.user_id),
+ "role_id": role["role_id"],
+ "resource_id": str(resource.resource_id)
+ })
@authorised_p(("group:resource:create-resource",),
error_description="Insufficient privileges to create a resource",