aboutsummaryrefslogtreecommitdiff
path: root/gn_auth/auth/authorisation
AgeCommit message (Collapse)Author
2023-09-26Add `public-view` role. Assign it to users.Frederick Muriuki Muriithi
Add a new `public-view` role to be assigned to all users on all resources that are defined as publicly viewable. Update code to make assign `public-view` role to a newly registered user for all publicly viewable roles. Update the code to assign/revoke the `public-view` role to/from users whenever the resource is toggled to and from being publicly viewable. Ensure that `public-view` is not revoked from system-administrators. Ensure that `public-view` is not revoked from the group administrators of the group that owns the resource.
2023-09-26Update fetching a single roleFrederick Muriuki Muriithi
2023-09-26Initialise package to handle resources of type "system".Frederick Muriuki Muriithi
2023-09-26Update /roles endpoint: rework code for new `user_roles` functionFrederick Muriuki Muriithi
The way the `gn_auth.auth.authorisation.roles.models.user_roles` function works has changed: this commit updates the code to take that into consideration and fix any errors.
2023-09-26Add System resource, and group resource(s) to list of user resourcesFrederick Muriuki Muriithi
* The system resource is public, and should be present for all users. * Each user that is a member of a group, should have their group show up in their list of resources. * Fix the SQL join: add an `ON ...` clause.
2023-09-26Update `user_roles`: Return roles for user by resource.Frederick Muriuki Muriithi
2023-09-26Move `groups` package under `resources` packageFrederick Muriuki Muriithi
With user groups being resources that users can act on (with the recent changes), this commit moves the `groups` module to under the `resources` module. It also renames the `*_resources.py` modules by dropping the `_resources` part since the code is under the `resources` module anyway.
2023-09-26Remove group from resource objectsFrederick Muriuki Muriithi
With the new schema, not all Resource objects are "owned" by a group. Those that are, are linked together through a different db table (`resource_ownership`). This commit removes the `Group` object from `Resource` objects and updates the `resource_ownership` where relevant.
2023-09-26Raise exception if no group for `resource_group`Frederick Muriuki Muriithi
Rather than using pymonad's Maybe monad and dealing with the complexity it introduces, raise an exception if there is no group found for the given resource.
2023-09-26Add `resource_group` function to retrieve the owning groupFrederick Muriuki Muriithi
Some resources are "owned" by specific user groups. This commit adds a way to retrieve those "owners" where relevant.
2023-09-26Extract resource-type-specific code into separate modulesFrederick Muriuki Muriithi
For easier maintenance, extract the code that relates to specific resource types/categories into separate modules, each dealing with a single resource type/category.
2023-09-26Extract basic resource types to a separate module.Frederick Muriuki Muriithi
2023-08-08Use relative imports to break circular import errorsFrederick Muriuki Muriithi
2023-08-08Fix issues caught by linterFrederick Muriuki Muriithi
* Add a .pylintrc to silence annoying messages * Fix imports * Add missing `parse_db_url` function * Add a new `gn_auth.auth.db.redis` module
2023-08-07Add missing modulesFrederick Muriuki Muriithi
Copy over missing modules and functions to completely disconnect gn-auth from GN3.
2023-08-07Change imports to new unified db module.Frederick Muriuki Muriithi
2023-08-07Update module name/pathFrederick Muriuki Muriithi
Change from gn3 to gn_auth
2023-08-04Initialise the application and update some module importsFrederick Muriuki Muriithi
2023-08-04Copy over files from GN3 repository.Frederick Muriuki Muriithi