feat: default org perm grant grants

2026-06-17 09:32:12 +01:00 · 2026-06-17 09:32:12 +01:00 · 2c5edd1b0f
commit 2c5edd1b0f
parent d6c14655c0
2 changed files with 39 additions and 1 deletions
--- a/src/organisation/service.py
+++ b/src/organisation/service.py
@ -1,3 +1,38 @@
 """
 Reusable business logic functions for the organisation module
 """
+
+from sqlalchemy.orm import Session
+from src.organisation.models import Organisation as Org
+from src.iam.models import Permission as Perm
+
+
+async def add_default_org_permissions(
+	db: Session,
+	org_id: int,
+):
+	default_org_permissions = [
+		1,  # test_service res_one read
+		2,  # test_service res_one create
+		10,  # tor-bridge-service collector read
+		13,  # tor-bridge-service samples read
+	]
+
+	org_model = db.get(Org, org_id)
+	if org_model is None:
+		print("Org not found while adding defaults")
+		return
+
+	for permission in default_org_permissions:
+		perm_model = db.get(Perm, permission)
+
+		if perm_model is None:
+			continue
+
+		if perm_model in org_model.permission_rel:
+			continue
+
+		org_model.permission_rel.append(perm_model)
+		db.flush()
+
+	db.commit()