about summary refs log tree commit diff
path: root/gn_auth
AgeCommit message (Collapse)Author
2026-02-10Check only for the base URL and path.Frederick Muriuki Muriithi
To allow the client to pass flags to the redirect_uri that the authorisation server has no interest in, check that only the "base" url (protocol, hostname/netlog and path) are registered, ignoring any query and fragment parameters.
2026-02-10Bug: Fix import path.Frederick Muriuki Muriithi
2026-02-10Setup correct flash message classes.Frederick Muriuki Muriithi
2026-02-10Authorisation Check: New function to check user has edit access.Frederick Muriuki Muriithi
2026-02-10Authorisation Check: New function to check user has view access.Frederick Muriuki Muriithi
2026-02-10Use Auth function that checks for delete access.Frederick Muriuki Muriithi
2026-02-10Authorisation Check: New function to check user has delete access.Frederick Muriuki Muriithi
2026-02-06Use AuthorisationError to indicate error condition.Frederick Muriuki Muriithi
2026-02-06Replace hard-coded email check with check against privilegesFrederick Muriuki Muriithi
Fix the check: rather than using a hard-coded email to check for authorisation, we instead check against the privileges the user has on the resource, or whether they have global privileges allowing them to act on any data.
2026-02-06Fetch a single resource ID: delete data from one resource at a time.Frederick Muriuki Muriithi
2026-01-30Add placeholder check for privilegesFrederick Muriuki Muriithi
For now, only one user is allowed to delete data from Genenetwork. To get the code online as quickly as possible, in order to test out the system, I have elected to do a quick and dirty check that prevents everyone except @acenteno from being able to delete data from the system. To fix this, I'll need to actually implement (a) new role(s) to grant certain users special permissions on **ALL** the data in the system regardless of who owns it.
2026-01-27Leave notes for tasks that need doing.Frederick Muriuki Muriithi
2026-01-27Proof-of-concept: Delete linked phenotype data.Frederick Muriuki Muriithi
2026-01-27Simplify relative import.Frederick Muriuki Muriithi
2025-12-29`system_resource(...)` function takes either connection or cursorFrederick Muriuki Muriithi
Refactor to allow the `gn_auth.auth.authorisation.resources.system.models.system_resource` function to take either a database connection or cursor and use that to retrieve the "system resource".
2025-12-29`create_resource(...)` function takes either connection or cursorFrederick Muriuki Muriithi
Refactor to allow the `gn_auth.auth.authorisation.resources.models.create_resource` function to take either a database connection or cursor to perform its tasks.
2025-12-15Fix issues caught by mypy.Frederick Muriuki Muriithi
2025-12-03Improve error messaging.Frederick Muriuki Muriithi
2025-12-03Add endpoint for getting user details, given user IDzsloan
2025-07-31Clean up data on group deletion.Frederick Muriuki Muriithi
2025-07-31Re-grant access to sysadmin, in case they're removed as group memberFrederick Muriuki Muriithi
2025-07-31Revoke roles a user has on group when they are removed as a member.Frederick Muriuki Muriithi
2025-07-31Check for data inconsistency.Frederick Muriuki Muriithi
2025-07-31Prevent error in case sysadmin user already has accessFrederick Muriuki Muriithi
In case any sysadmin user has access to the resource, we do not want the query failing for other sysadmins.
2025-07-31Grant sysadmins access to user group when its created.Frederick Muriuki Muriithi
2025-07-31Add type-hinting to the top-level exception handler.Frederick Muriuki Muriithi
2025-07-31Set HTTP response code from the exception if present.Frederick Muriuki Muriithi
2025-07-31Delete a group.Frederick Muriuki Muriithi
2025-07-31Break circular dependency - move utility function to module of use.Frederick Muriuki Muriithi
2025-07-31Add function to retrieve inbredset-group data.Frederick Muriuki Muriithi
2025-07-31Fix query to remove user from group.Frederick Muriuki Muriithi
2025-07-30Provide endpoint to remove a group member.Frederick Muriuki Muriithi
2025-07-30Fix linting errors and typos.Frederick Muriuki Muriithi
2025-07-30Call the correct function.Frederick Muriuki Muriithi
2025-07-30Type-Check fix: Function does not return anything.Frederick Muriuki Muriithi
2025-07-30Use provided functions to add warnings filters.Frederick Muriuki Muriithi
2025-07-30Remove a user from a group as a member.Frederick Muriuki Muriithi
2025-07-30Fetch resource object that wraps the group for authorisationsFrederick Muriuki Muriithi
2025-07-30Don't allow user to create a group when they are a member of anotherFrederick Muriuki Muriithi
When user is made a member of a group, we revoke their ability to create a new group.
2025-07-30Implement revocation of `system-administrator` role.Frederick Muriuki Muriithi
2025-07-30Grant user `system-administrator` role on all resourcesFrederick Muriuki Muriithi
During promotion of a user to system admin, grant the user `system-administrator` role on all resources in the system.
2025-07-30Add global configurations for warnings filters.Frederick Muriuki Muriithi
2025-07-30Rename function, retaining some backwards compatibility.Frederick Muriuki Muriithi
2025-07-30Function to fetch the `system-administrator` role details from db.Frederick Muriuki Muriithi
2025-07-29Fix issues caught by the type-checker.Frederick Muriuki Muriithi
2025-07-29Fix issues caught by code-linter.Frederick Muriuki Muriithi
2025-07-29Actually delete a resource.Frederick Muriuki Muriithi
2025-07-29Grant sysadmins access to the resource when created.Frederick Muriuki Muriithi
2025-07-29Add function to delete a resource.Frederick Muriuki Muriithi
2025-07-29Add new route for consistency.Frederick Muriuki Muriithi
generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-03-26 09:29:09 +0000