From 24a66e814fabcce19d2bf6fb48186f5bc86fff38 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Thu, 23 Nov 2023 07:22:09 +0300
Subject: Scripts: Update script for newer db schema

The schema changed a while back, and the script that is used to make
all existing data public needs to be updated for the new schema. This
commit does exactly that.
---
 gn_auth/auth/authorisation/resources/groups/models.py | 13 +++++++++++++
 gn_auth/auth/authorisation/resources/models.py        | 15 ++++++++-------
 2 files changed, 21 insertions(+), 7 deletions(-)

(limited to 'gn_auth/auth/authorisation')

diff --git a/gn_auth/auth/authorisation/resources/groups/models.py b/gn_auth/auth/authorisation/resources/groups/models.py
index 5ec26c5..959389c 100644
--- a/gn_auth/auth/authorisation/resources/groups/models.py
+++ b/gn_auth/auth/authorisation/resources/groups/models.py
@@ -451,3 +451,16 @@ def resource_owner(conn: db.DbConnection, resource: Resource) -> Group:
                 json.loads(row["group_metadata"]))
 
     raise MissingGroupError("Resource has no 'owning' group.")
+
+def add_resources_to_group(conn: db.DbConnection,
+                           resources: tuple[Resource, ...],
+                           group: Group):
+    """Link the resources to the admin group."""
+    with db.cursor(conn) as cursor:
+        cursor.executemany(
+            "INSERT INTO resource_ownership VALUES(:group_id, :resource_id) "
+            "ON CONFLICT (group_id, resource_id) DO NOTHING",
+            tuple({
+                "group_id": str(group.group_id),
+                "resource_id": str(rsc.resource_id)
+            } for rsc in resources))
diff --git a/gn_auth/auth/authorisation/resources/models.py b/gn_auth/auth/authorisation/resources/models.py
index 15bb72f..d6e3a1d 100644
--- a/gn_auth/auth/authorisation/resources/models.py
+++ b/gn_auth/auth/authorisation/resources/models.py
@@ -54,13 +54,14 @@ def __assign_resource_owner_role__(cursor, resource, user, group):
              "role_id": role["role_id"]})
 
     cursor.execute(
-            "INSERT INTO user_roles "
-            "VALUES (:user_id, :role_id, :resource_id)",
-            {
-                "user_id": str(user.user_id),
-                "role_id": role["role_id"],
-                "resource_id": str(resource.resource_id)
-            })
+        "INSERT INTO user_roles "
+        "VALUES (:user_id, :role_id, :resource_id) "
+        "ON CONFLICT (user_id, role_id, resource_id) DO NOTHING",
+        {
+            "user_id": str(user.user_id),
+            "role_id": role["role_id"],
+            "resource_id": str(resource.resource_id)
+        })
 
 @authorised_p(("group:resource:create-resource",),
               error_description="Insufficient privileges to create a resource",
-- 
cgit v1.2.3