From 4e0fe0e12ab01d9cdbaf2d7a53a4f4ac8f6feb91 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Wed, 15 Apr 2026 15:00:53 -0500
Subject: Do not grant sysadmins direct access at resource creation.

---
 gn_auth/auth/authorisation/resources/models.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'gn_auth/auth/authorisation/resources/models.py')

diff --git a/gn_auth/auth/authorisation/resources/models.py b/gn_auth/auth/authorisation/resources/models.py
index 8c9abc7..b42e879 100644
--- a/gn_auth/auth/authorisation/resources/models.py
+++ b/gn_auth/auth/authorisation/resources/models.py
@@ -17,9 +17,9 @@ from gn_auth.auth.authorisation.checks import authorised_p
 from gn_auth.auth.errors import NotFoundError, AuthorisationError
 
 from .system.models import system_resource
+from .common import assign_resource_owner_role
 from .checks import can_edit, authorised_for_spec
 from .base import Resource, ResourceCategory, resource_from_dbrow
-from .common import assign_resource_owner_role, grant_access_to_sysadmins
 from .groups.models import Group, is_group_leader
 from .inbredset.models import resource_data as inbredset_resource_data
 from .mrna import (
@@ -79,8 +79,6 @@ def create_resource(# pylint: disable=[too-many-arguments, too-many-positional-a
                        "VALUES (?, ?)",
                        (str(group.group_id), str(resource.resource_id)))
         assign_resource_owner_role(cursor, resource.resource_id, user.user_id)
-        grant_access_to_sysadmins(
-            cursor, resource.resource_id, system_resource(conn).resource_id)
 
         return resource
 
-- 
cgit 1.4.1