1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
"""
add privilege for gn-docs documentation editing
"""
import uuid
import contextlib
from yoyo import step
__depends__ = {'20260206_01_v3f4P-add-role-systemwide-data-curator'}
ROLE_NAME = 'systemwide-docs-editor'
def create_systemwide_docs_editor_role(conn):
"""Create a new 'systemwide-data-curator' role."""
with contextlib.closing(conn.cursor()) as cursor:
cursor.execute(
"INSERT INTO roles(role_id, role_name, user_editable) "
"VALUES (?, ?, 0)",
(str(uuid.uuid4()), ROLE_NAME))
def delete_systemwide_docs_editor_role(conn):
"""Create a new 'systemwide-data-curator' role."""
with contextlib.closing(conn.cursor()) as cursor:
cursor.execute("DELETE FROM roles WHERE role_name=?", (ROLE_NAME,))
def assign_edit_priv_to_docs_editor(conn):
with contextlib.closing(conn.cursor()) as cursor:
cursor.execute("SELECT role_id FROM roles WHERE role_name=?",
(ROLE_NAME,))
role_id = cursor.fetchone()[0]
cursor.execute(
"INSERT INTO role_privileges(role_id, privilege_id) "
"VALUES (?, ?)",
(role_id, "system:documentation:edit"))
def revoke_edit_priv_to_docs_editor(conn):
with contextlib.closing(conn.cursor()) as cursor:
cursor.execute("SELECT role_id FROM roles WHERE role_name=?",
(ROLE_NAME,))
role_id = cursor.fetchone()[0]
cursor.execute(
"DELETE FROM role_privileges WHERE role_id=? AND privilege_id=?",
(role_id, "system:documentation:edit"))
steps = [
step(
"""INSERT INTO privileges(privilege_id, privilege_description)
VALUES(
'system:documentation:edit',
'Allows the holder to edit documentation presented with the Genenetwork system.'
)""",
"DELETE FROM privileges WHERE privilege_id='system:documentation:edit'"),
step(create_systemwide_docs_editor_role, delete_systemwide_docs_editor_role),
step(assign_edit_priv_to_docs_editor, revoke_edit_priv_to_docs_editor)
]
|
