diff options
Diffstat (limited to 'gn_auth/auth/authorisation/groups')
-rw-r--r-- | gn_auth/auth/authorisation/groups/models.py | 39 |
1 files changed, 36 insertions, 3 deletions
diff --git a/gn_auth/auth/authorisation/groups/models.py b/gn_auth/auth/authorisation/groups/models.py index 6a39681..c40adbd 100644 --- a/gn_auth/auth/authorisation/groups/models.py +++ b/gn_auth/auth/authorisation/groups/models.py @@ -89,6 +89,19 @@ def create_group( conn: db.DbConnection, group_name: str, group_leader: User, group_description: Optional[str] = None) -> Group: """Create a new group.""" + def resource_category_by_key( + cursor: db.DbCursor, category_key: str): + """Retrieve a resource category by its key.""" + cursor.execute( + "SELECT * FROM resource_categories WHERE " + "resource_category_key=?", + (category_key,)) + results = cursor.fetchone() + if results: + return dict(results) + raise NotFoundError( + f"Could not find a ResourceCategory with key '{category_key}'") + user_groups = user_membership(conn, group_leader) if len(user_groups) > 0: raise MembershipError(group_leader, user_groups) @@ -98,9 +111,29 @@ def create_group( cursor, group_name,( {"group_description": group_description} if group_description else {})) + group_resource = { + "group_id": str(new_group.group_id), + "resource_id": str(uuid4()), + "resource_name": group_name, + "resource_category_id": str( + resource_category_by_key(cursor, "group")["resource_category_id"]), + "public": 0 + } + cursor.execute( + "INSERT INTO resources VALUES " + "(:resource_id, :resource_name, :resource_category_id, :public)", + group_resource) + cursor.execute( + "INSERT INTO group_resources(resource_id, group_id) " + "VALUES(:resource_id, :group_id)", + group_resource) add_user_to_group(cursor, new_group, group_leader) revoke_user_role_by_name(cursor, group_leader, "group-creator") - assign_user_role_by_name(cursor, group_leader, "group-leader") + assign_user_role_by_name( + cursor, + group_leader, + UUID(str(group_resource["resource_id"])), + "group-leader") return new_group @authorised_p(("group:role:create-role",), @@ -208,8 +241,8 @@ def save_group( "VALUES(:group_id, :group_name, :group_metadata) " "ON CONFLICT (group_id) DO UPDATE SET " "group_name=:group_name, group_metadata=:group_metadata"), - {"group_id": str(the_group.group_id), "group_name": the_group.group_name, - "group_metadata": json.dumps(the_group.group_metadata)}) + {"group_id": str(the_group.group_id), "group_name": the_group.group_name, + "group_metadata": json.dumps(the_group.group_metadata)}) return the_group def add_user_to_group(cursor: db.DbCursor, the_group: Group, user: User): |