feat: default org perm grant grants
This commit is contained in:
parent
d6c14655c0
commit
2c5edd1b0f
2 changed files with 39 additions and 1 deletions
|
|
@ -21,7 +21,7 @@ from typing import Annotated
|
||||||
from sqlalchemy.exc import IntegrityError
|
from sqlalchemy.exc import IntegrityError
|
||||||
from psycopg.errors import UniqueViolation
|
from psycopg.errors import UniqueViolation
|
||||||
|
|
||||||
from fastapi import APIRouter, status
|
from fastapi import APIRouter, status, BackgroundTasks
|
||||||
from fastapi.params import Query
|
from fastapi.params import Query
|
||||||
|
|
||||||
from src.contact.schemas import ContactModel
|
from src.contact.schemas import ContactModel
|
||||||
|
|
@ -36,6 +36,7 @@ from src.contact.exceptions import ContactNotFoundException
|
||||||
from src.database import db_dependency
|
from src.database import db_dependency
|
||||||
from src.iam.service import assign_default_user_group, assign_default_root_group
|
from src.iam.service import assign_default_user_group, assign_default_root_group
|
||||||
from src.organisation.schemas_questionnaires import QuestionnaireQuestionsVersion0
|
from src.organisation.schemas_questionnaires import QuestionnaireQuestionsVersion0
|
||||||
|
from src.organisation.service import add_default_org_permissions
|
||||||
from src.user.dependencies import (
|
from src.user.dependencies import (
|
||||||
user_model_body_dependency,
|
user_model_body_dependency,
|
||||||
user_model_claims_dependency,
|
user_model_claims_dependency,
|
||||||
|
|
@ -147,6 +148,7 @@ async def create_org(
|
||||||
db: db_dependency,
|
db: db_dependency,
|
||||||
user_model: user_model_claims_dependency,
|
user_model: user_model_claims_dependency,
|
||||||
request_model: OrgPostOrgRequest,
|
request_model: OrgPostOrgRequest,
|
||||||
|
background_tasks: BackgroundTasks,
|
||||||
):
|
):
|
||||||
"""
|
"""
|
||||||
Creates a new organisation with optional questionnaire (to be completed or submitted).
|
Creates a new organisation with optional questionnaire (to be completed or submitted).
|
||||||
|
|
@ -200,6 +202,7 @@ async def create_org(
|
||||||
db.flush()
|
db.flush()
|
||||||
org_model.__setattr__(contact_type, contact_model.id)
|
org_model.__setattr__(contact_type, contact_model.id)
|
||||||
response = OrgPostOrgResponse(**org_model.__dict__)
|
response = OrgPostOrgResponse(**org_model.__dict__)
|
||||||
|
background_tasks.add_task(add_default_org_permissions, db, org_model.id)
|
||||||
db.commit()
|
db.commit()
|
||||||
return response
|
return response
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,38 @@
|
||||||
"""
|
"""
|
||||||
Reusable business logic functions for the organisation module
|
Reusable business logic functions for the organisation module
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
from sqlalchemy.orm import Session
|
||||||
|
from src.organisation.models import Organisation as Org
|
||||||
|
from src.iam.models import Permission as Perm
|
||||||
|
|
||||||
|
|
||||||
|
async def add_default_org_permissions(
|
||||||
|
db: Session,
|
||||||
|
org_id: int,
|
||||||
|
):
|
||||||
|
default_org_permissions = [
|
||||||
|
1, # test_service res_one read
|
||||||
|
2, # test_service res_one create
|
||||||
|
10, # tor-bridge-service collector read
|
||||||
|
13, # tor-bridge-service samples read
|
||||||
|
]
|
||||||
|
|
||||||
|
org_model = db.get(Org, org_id)
|
||||||
|
if org_model is None:
|
||||||
|
print("Org not found while adding defaults")
|
||||||
|
return
|
||||||
|
|
||||||
|
for permission in default_org_permissions:
|
||||||
|
perm_model = db.get(Perm, permission)
|
||||||
|
|
||||||
|
if perm_model is None:
|
||||||
|
continue
|
||||||
|
|
||||||
|
if perm_model in org_model.permission_rel:
|
||||||
|
continue
|
||||||
|
|
||||||
|
org_model.permission_rel.append(perm_model)
|
||||||
|
db.flush()
|
||||||
|
|
||||||
|
db.commit()
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue