From 24a66e814fabcce19d2bf6fb48186f5bc86fff38 Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Thu, 23 Nov 2023 07:22:09 +0300 Subject: Scripts: Update script for newer db schema The schema changed a while back, and the script that is used to make all existing data public needs to be updated for the new schema. This commit does exactly that. --- gn_auth/auth/authorisation/resources/groups/models.py | 13 +++++++++++++ gn_auth/auth/authorisation/resources/models.py | 15 ++++++++------- 2 files changed, 21 insertions(+), 7 deletions(-) (limited to 'gn_auth') diff --git a/gn_auth/auth/authorisation/resources/groups/models.py b/gn_auth/auth/authorisation/resources/groups/models.py index 5ec26c5..959389c 100644 --- a/gn_auth/auth/authorisation/resources/groups/models.py +++ b/gn_auth/auth/authorisation/resources/groups/models.py @@ -451,3 +451,16 @@ def resource_owner(conn: db.DbConnection, resource: Resource) -> Group: json.loads(row["group_metadata"])) raise MissingGroupError("Resource has no 'owning' group.") + +def add_resources_to_group(conn: db.DbConnection, + resources: tuple[Resource, ...], + group: Group): + """Link the resources to the admin group.""" + with db.cursor(conn) as cursor: + cursor.executemany( + "INSERT INTO resource_ownership VALUES(:group_id, :resource_id) " + "ON CONFLICT (group_id, resource_id) DO NOTHING", + tuple({ + "group_id": str(group.group_id), + "resource_id": str(rsc.resource_id) + } for rsc in resources)) diff --git a/gn_auth/auth/authorisation/resources/models.py b/gn_auth/auth/authorisation/resources/models.py index 15bb72f..d6e3a1d 100644 --- a/gn_auth/auth/authorisation/resources/models.py +++ b/gn_auth/auth/authorisation/resources/models.py @@ -54,13 +54,14 @@ def __assign_resource_owner_role__(cursor, resource, user, group): "role_id": role["role_id"]}) cursor.execute( - "INSERT INTO user_roles " - "VALUES (:user_id, :role_id, :resource_id)", - { - "user_id": str(user.user_id), - "role_id": role["role_id"], - "resource_id": str(resource.resource_id) - }) + "INSERT INTO user_roles " + "VALUES (:user_id, :role_id, :resource_id) " + "ON CONFLICT (user_id, role_id, resource_id) DO NOTHING", + { + "user_id": str(user.user_id), + "role_id": role["role_id"], + "resource_id": str(resource.resource_id) + }) @authorised_p(("group:resource:create-resource",), error_description="Insufficient privileges to create a resource", -- cgit v1.2.3