Diffstat (limited to 'gn_auth/auth/authorisation/resources/models.py')
-rw-r--r--gn_auth/auth/authorisation/resources/models.py122
1 files changed, 50 insertions, 72 deletions
diff --git a/gn_auth/auth/authorisation/resources/models.py b/gn_auth/auth/authorisation/resources/models.py
index 94e817d..8d3cfc3 100644
--- a/gn_auth/auth/authorisation/resources/models.py
+++ b/gn_auth/auth/authorisation/resources/models.py
@@ -16,78 +16,59 @@ from gn_auth.auth.authorisation.checks import authorised_p
from gn_auth.auth.errors import NotFoundError, AuthorisationError
from .checks import authorised_for
-from .base import Resource, ResourceCategory
-from .groups.models import Group, GroupRole, user_group, is_group_leader
+from .base import Resource, ResourceCategory, resource_from_dbrow
+from .common import assign_resource_owner_role
+from .groups.models import Group, is_group_leader
from .mrna import (
resource_data as mrna_resource_data,
attach_resources_data as mrna_attach_resources_data,
link_data_to_resource as mrna_link_data_to_resource,
unlink_data_from_resource as mrna_unlink_data_from_resource)
-from .genotype import (
+from .genotypes.models import (
resource_data as genotype_resource_data,
attach_resources_data as genotype_attach_resources_data,
link_data_to_resource as genotype_link_data_to_resource,
unlink_data_from_resource as genotype_unlink_data_from_resource)
-from .phenotype import (
+from .phenotypes.models import (
resource_data as phenotype_resource_data,
attach_resources_data as phenotype_attach_resources_data,
link_data_to_resource as phenotype_link_data_to_resource,
unlink_data_from_resource as phenotype_unlink_data_from_resource)
-from .errors import MissingGroupError
-
-def __assign_resource_owner_role__(cursor, resource, user):
- """Assign `user` the 'Resource Owner' role for `resource`."""
- cursor.execute("SELECT * FROM roles WHERE role_name='resource-owner'")
- role = cursor.fetchone()
- cursor.execute(
- "INSERT INTO user_roles "
- "VALUES (:user_id, :role_id, :resource_id) "
- "ON CONFLICT (user_id, role_id, resource_id) DO NOTHING",
- {
- "user_id": str(user.user_id),
- "role_id": role["role_id"],
- "resource_id": str(resource.resource_id)
- })
-
-
-def resource_from_dbrow(row: sqlite3.Row):
- """Convert an SQLite3 resultset row into a resource."""
- return Resource(
- resource_id=UUID(row["resource_id"]),
- resource_name=row["resource_name"],
- resource_category=ResourceCategory(
- UUID(row["resource_category_id"]),
- row["resource_category_key"],
- row["resource_category_description"]),
- public=bool(int(row["public"])))
-
@authorised_p(("group:resource:create-resource",),
error_description="Insufficient privileges to create a resource",
oauth2_scope="profile resource")
-def create_resource(
- conn: db.DbConnection, resource_name: str,
- resource_category: ResourceCategory, user: User,
- public: bool) -> Resource:
+def create_resource(# pylint: disable=[too-many-arguments]
+ cursor: sqlite3.Cursor,
+ resource_name: str,
+ resource_category: ResourceCategory,
+ user: User,
+ group: Group,
+ public: bool
+) -> Resource:
"""Create a resource item."""
- with db.cursor(conn) as cursor:
- group = user_group(conn, user).maybe(
- False, lambda grp: grp)# type: ignore[misc, arg-type]
- if not group:
- raise MissingGroupError(# Not all resources require an owner group
- "User with no group cannot create a resource.")
- resource = Resource(uuid4(), resource_name, resource_category, public)
- cursor.execute(
- "INSERT INTO resources VALUES (?, ?, ?, ?)",
- (str(resource.resource_id),
- resource_name,
- str(resource.resource_category.resource_category_id),
- 1 if resource.public else 0))
- cursor.execute("INSERT INTO resource_ownership (group_id, resource_id) "
- "VALUES (?, ?)",
- (str(group.group_id), str(resource.resource_id)))
- __assign_resource_owner_role__(cursor, resource, user)
+ resource = Resource(uuid4(), resource_name, resource_category, public)
+ cursor.execute(
+ "INSERT INTO resources VALUES (?, ?, ?, ?)",
+ (str(resource.resource_id),
+ resource_name,
+ str(resource.resource_category.resource_category_id),
+ 1 if resource.public else 0))
+ # TODO: @fredmanglis,@rookie101
+ # 1. Move the actions below into a (the?) hooks system
+ # 2. Do more checks: A resource can have varying hooks depending on type
+ # e.g. if mRNA, pheno or geno resource, assign:
+ # - "resource-owner"
+ # if inbredset-group, assign:
+ # - "resource-owner",
+ # - "inbredset-group-owner" etc.
+ # if resource is of type "group", assign:
+ # - group-leader
+ cursor.execute("INSERT INTO resource_ownership (group_id, resource_id) "
+ "VALUES (?, ?)",
+ (str(group.group_id), str(resource.resource_id)))
+ assign_resource_owner_role(cursor, resource.resource_id, user.user_id)
return resource
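Review bot: `create_resource` now inserts a `resource_ownership` row for whatever `group` the caller passes, and nothing in the new body checks that `user` belongs to that group; the removed code derived the group from `user_group(conn, user)` and raised `MissingGroupError` when there was none. The callers are not visible in this diff, so if `group` can be influenced by request data, a resource could end up owned by a group the creating user is not a member of. Either verify membership before the `resource_ownership` insert or record the contract in the docstring, e.g. `"""Create a resource item owned by `group`; the caller must have verified that `user` is a member of `group`."""`. The function also no longer opens its own cursor, so the writes to `resources`, `resource_ownership` and the owner role are only atomic if the caller commits or rolls back `cursor` as one unit, which the docstring should state too.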
@@ -293,13 +274,13 @@ def attach_resources_data(
for category, rscs in organised.items())
for resource in categories)
-@authorised_p(
- ("group:user:assign-role",),
- "You cannot assign roles to users for this group.",
- oauth2_scope="profile group role resource")
+
def assign_resource_user(
- conn: db.DbConnection, resource: Resource, user: User,
- role: GroupRole) -> dict:
+ conn: db.DbConnection,
+ resource: Resource,
+ user: User,
+ role: Role
+) -> dict:
"""Assign `role` to `user` for the specific `resource`."""
with db.cursor(conn) as cursor:
cursor.execute(
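Review bot: The `@authorised_p(("group:user:assign-role",), ...)` decorator is removed from `assign_resource_user` here, and from `unassign_resource_user` in the next hunk, and no replacement check is visible in either function, so both now write to `user_roles` for any caller that reaches them. If the privilege check has moved to the call sites (not shown in this diff), every one of them has to enforce it, and a caller added later that omits it performs an unchecked role grant or revocation. I would keep a decorator carrying whichever privilege now applies, or at least state the contract in the docstring, e.g. `"""Assign `role` to `user` for `resource`; the caller MUST already have checked that the acting user may assign roles on this resource."""`. The body of `assign_resource_user` continues in the next hunk.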
@@ -307,39 +288,36 @@ def assign_resource_user(
"VALUES (?, ?, ?) "
"ON CONFLICT (user_id, role_id, resource_id) "
"DO NOTHING",
- (str(user.user_id), str(role.role.role_id),
- str(resource.resource_id)))
+ (str(user.user_id), str(role.role_id), str(resource.resource_id)))
return {
"resource": asdict(resource),
"user": asdict(user),
"role": asdict(role),
"description": (
f"The user '{user.name}'({user.email}) was assigned the "
- f"'{role.role.role_name}' role on resource with ID "
+ f"'{role.role_name}' role on resource with ID "
f"'{resource.resource_id}'.")}
-@authorised_p(
- ("group:user:assign-role",),
- "You cannot assign roles to users for this group.",
- oauth2_scope="profile group role resource")
+
def unassign_resource_user(
- conn: db.DbConnection, resource: Resource, user: User,
- role: GroupRole) -> dict:
+ conn: db.DbConnection,
+ resource: Resource,
+ user: User,
+ role: Role
+) -> dict:
"""Assign `role` to `user` for the specific `resource`."""
with db.cursor(conn) as cursor:
cursor.execute(
"DELETE FROM user_roles "
"WHERE user_id=? AND role_id=? AND resource_id=?",
- (str(user.user_id),
- str(role.role.role_id),
- str(resource.resource_id)))
+ (str(user.user_id), str(role.role_id), str(resource.resource_id)))
return {
"resource": asdict(resource),
"user": asdict(user),
"role": asdict(role),
"description": (
f"The user '{user.name}'({user.email}) had the "
- f"'{role.role.role_name}' role on resource with ID "
+ f"'{role.role_name}' role on resource with ID "
f"'{resource.resource_id}' taken away.")}
def save_resource(
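Review bot: The docstring of `unassign_resource_user` still reads "Assign `role` to `user` for the specific `resource`.", copied from `assign_resource_user`, although the body runs `DELETE FROM user_roles` for that user, role and resource. Since this commit already rewrites the signature, the docstring should be corrected in the same change: `"""Remove `role` from `user` for the specific `resource`."""`. A revocation routine documented as a grant is easy to misread when auditing which code paths can add rows to `user_roles`.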