diff options
author | Frederick Muriuki Muriithi | 2023-11-23 07:22:09 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-11-23 07:22:09 +0300 |
commit | 24a66e814fabcce19d2bf6fb48186f5bc86fff38 (patch) | |
tree | 7c2827a2c5cd0c204aa5dad4dc2a85e471831b95 /gn_auth | |
parent | 410d797535fc9a9f432c44a7d6c786fd508066c5 (diff) | |
download | gn-auth-24a66e814fabcce19d2bf6fb48186f5bc86fff38.tar.gz |
Scripts: Update script for newer db schema
The schema changed a while back, and the script that is used to make
all existing data public needs to be updated for the new schema. This
commit does exactly that.
Diffstat (limited to 'gn_auth')
-rw-r--r-- | gn_auth/auth/authorisation/resources/groups/models.py | 13 | ||||
-rw-r--r-- | gn_auth/auth/authorisation/resources/models.py | 15 |
2 files changed, 21 insertions, 7 deletions
diff --git a/gn_auth/auth/authorisation/resources/groups/models.py b/gn_auth/auth/authorisation/resources/groups/models.py index 5ec26c5..959389c 100644 --- a/gn_auth/auth/authorisation/resources/groups/models.py +++ b/gn_auth/auth/authorisation/resources/groups/models.py @@ -451,3 +451,16 @@ def resource_owner(conn: db.DbConnection, resource: Resource) -> Group: json.loads(row["group_metadata"])) raise MissingGroupError("Resource has no 'owning' group.") + +def add_resources_to_group(conn: db.DbConnection, + resources: tuple[Resource, ...], + group: Group): + """Link the resources to the admin group.""" + with db.cursor(conn) as cursor: + cursor.executemany( + "INSERT INTO resource_ownership VALUES(:group_id, :resource_id) " + "ON CONFLICT (group_id, resource_id) DO NOTHING", + tuple({ + "group_id": str(group.group_id), + "resource_id": str(rsc.resource_id) + } for rsc in resources)) diff --git a/gn_auth/auth/authorisation/resources/models.py b/gn_auth/auth/authorisation/resources/models.py index 15bb72f..d6e3a1d 100644 --- a/gn_auth/auth/authorisation/resources/models.py +++ b/gn_auth/auth/authorisation/resources/models.py @@ -54,13 +54,14 @@ def __assign_resource_owner_role__(cursor, resource, user, group): "role_id": role["role_id"]}) cursor.execute( - "INSERT INTO user_roles " - "VALUES (:user_id, :role_id, :resource_id)", - { - "user_id": str(user.user_id), - "role_id": role["role_id"], - "resource_id": str(resource.resource_id) - }) + "INSERT INTO user_roles " + "VALUES (:user_id, :role_id, :resource_id) " + "ON CONFLICT (user_id, role_id, resource_id) DO NOTHING", + { + "user_id": str(user.user_id), + "role_id": role["role_id"], + "resource_id": str(resource.resource_id) + }) @authorised_p(("group:resource:create-resource",), error_description="Insufficient privileges to create a resource", |