From ccd4ee5405f6a302283bac80dee15919dd3c6ffe Mon Sep 17 00:00:00 2001 From: Munyoki Kilyungi Date: Thu, 21 Mar 2024 10:10:46 +0300 Subject: Add extra endpoint to get user authorisation given a resource name. * gn_auth/auth/authorisation/resources/models.py (user_roles_on_resources): New function. * gn_auth/auth/authorisation/resources/views.py (resources_authorisation): New endpoint. Signed-off-by: Munyoki Kilyungi --- gn_auth/auth/authorisation/resources/views.py | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) (limited to 'gn_auth/auth/authorisation/resources/views.py') diff --git a/gn_auth/auth/authorisation/resources/views.py b/gn_auth/auth/authorisation/resources/views.py index 13d9bdf..8034110 100644 --- a/gn_auth/auth/authorisation/resources/views.py +++ b/gn_auth/auth/authorisation/resources/views.py @@ -23,7 +23,8 @@ from .models import ( Resource, resource_data, resource_by_id, public_resources, resource_categories, assign_resource_user, link_data_to_resource, unassign_resource_user, resource_category_by_id, user_roles_on_resources, - unlink_data_from_resource, create_resource as _create_resource) + unlink_data_from_resource, create_resource as _create_resource, + get_resource_id) from .groups.models import Group, resource_owner, group_role_by_id resources = Blueprint("resources", __name__) @@ -372,3 +373,24 @@ def resources_authorisation(): resp.status_code = 400 return resp + + +@resources.route("/authorisation/", methods=["GET"]) +def get_user_roles_on_resource(name) -> Response: + """Get user authorisation for a given resource given it's name""" + resid = with_db_connection( + lambda conn: get_resource_id(conn, name) + ) + with require_oauth.acquire("profile resource") as _token: + _resources = with_db_connection( + lambda conn: user_roles_on_resources( + conn, _token.user, (resid,) + ) + ) + return jsonify({ + name: { + "roles": tuple( + asdict(rol) for rol in + _resources.get(resid, {}).get("roles", tuple())) + } + }) -- cgit v1.2.3