diff options
Diffstat (limited to 'gn_auth/auth/authorisation/roles')
-rw-r--r-- | gn_auth/auth/authorisation/roles/models.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/gn_auth/auth/authorisation/roles/models.py b/gn_auth/auth/authorisation/roles/models.py index b559bff..e740bfd 100644 --- a/gn_auth/auth/authorisation/roles/models.py +++ b/gn_auth/auth/authorisation/roles/models.py @@ -239,3 +239,14 @@ def role_by_id(conn: db.DbConnection, role_id: UUID) -> Optional[Role]: raise Exception("Data corruption: Expected a single role.") return _roles[0] + + +def delete_privilege_from_resource_role( + cursor: db.DbCursor, + role: Role, + privilege_id: str +): + """Delete a privilege from a resource role.""" + cursor.execute( + "DELETE FROM role_privileges WHERE role_id=? AND privilege_id=?", + (str(role.role_id), privilege.privilege_id)) |