""" add privilege for gn-docs documentation editing """ import uuid import contextlib from yoyo import step __depends__ = {'20260206_01_v3f4P-add-role-systemwide-data-curator'} ROLE_NAME = 'systemwide-docs-editor' def create_systemwide_docs_editor_role(conn): """Create a new 'systemwide-data-curator' role.""" with contextlib.closing(conn.cursor()) as cursor: cursor.execute( "INSERT INTO roles(role_id, role_name, user_editable) " "VALUES (?, ?, 0)", (str(uuid.uuid4()), ROLE_NAME)) def delete_systemwide_docs_editor_role(conn): """Create a new 'systemwide-data-curator' role.""" with contextlib.closing(conn.cursor()) as cursor: cursor.execute("DELETE FROM roles WHERE role_name=?", (ROLE_NAME,)) def assign_edit_priv_to_docs_editor(conn): with contextlib.closing(conn.cursor()) as cursor: cursor.execute("SELECT role_id FROM roles WHERE role_name=?", (ROLE_NAME,)) role_id = cursor.fetchone()[0] cursor.execute( "INSERT INTO role_privileges(role_id, privilege_id) " "VALUES (?, ?)", (role_id, "system:documentation:edit")) def revoke_edit_priv_to_docs_editor(conn): with contextlib.closing(conn.cursor()) as cursor: cursor.execute("SELECT role_id FROM roles WHERE role_name=?", (ROLE_NAME,)) role_id = cursor.fetchone()[0] cursor.execute( "DELETE FROM role_privileges WHERE role_id=? AND privilege_id=?", (role_id, "system:documentation:edit")) steps = [ step( """INSERT INTO privileges(privilege_id, privilege_description) VALUES( 'system:documentation:edit', 'Allows the holder to edit documentation presented with the Genenetwork system.' )""", "DELETE FROM privileges WHERE privilege_id='system:documentation:edit'"), step(create_systemwide_docs_editor_role, delete_systemwide_docs_editor_role), step(assign_edit_priv_to_docs_editor, revoke_edit_priv_to_docs_editor) ]