blob: b956befe57b6a3617d0642abb538412ef18052f6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
"""
Add 'system:user:edit' privilege to 'system-admin' role.
"""
import contextlib
from yoyo import step
__depends__ = {'20250722_01_7Gro7-create-new-system-user-edit-privilege'}
def system_administrator_role_id(cursor):
"""Fetch ID for role 'system-administrator'."""
cursor.execute(
"SELECT role_id FROM roles WHERE role_name='system-administrator'")
return cursor.fetchone()[0]
def add_system_user_edit_privilege(conn):
"""Add the 'system:user:edit' to the 'system-administrator' role."""
with contextlib.closing(conn.cursor()) as cursor:
cursor.execute(
"INSERT INTO role_privileges(role_id, privilege_id) "
"VALUES(?, ?)",
(system_administrator_role_id(cursor), 'system:user:edit'))
def remove_system_user_edit_privilege(conn):
"""Remove the 'system:user:edit' from the 'system-administrator' role."""
with contextlib.closing(conn.cursor()) as cursor:
cursor.execute(
"DELETE FROM role_privileges WHERE role_id=? AND privilege_id=?",
(system_administrator_role_id(cursor), 'system:user:edit'))
steps = [
step(add_system_user_edit_privilege, remove_system_user_edit_privilege)
]
|
