feat: default org perm grant grants
This commit is contained in:
parent
d6c14655c0
commit
2c5edd1b0f
2 changed files with 39 additions and 1 deletions
|
|
@ -21,7 +21,7 @@ from typing import Annotated
|
|||
from sqlalchemy.exc import IntegrityError
|
||||
from psycopg.errors import UniqueViolation
|
||||
|
||||
from fastapi import APIRouter, status
|
||||
from fastapi import APIRouter, status, BackgroundTasks
|
||||
from fastapi.params import Query
|
||||
|
||||
from src.contact.schemas import ContactModel
|
||||
|
|
@ -36,6 +36,7 @@ from src.contact.exceptions import ContactNotFoundException
|
|||
from src.database import db_dependency
|
||||
from src.iam.service import assign_default_user_group, assign_default_root_group
|
||||
from src.organisation.schemas_questionnaires import QuestionnaireQuestionsVersion0
|
||||
from src.organisation.service import add_default_org_permissions
|
||||
from src.user.dependencies import (
|
||||
user_model_body_dependency,
|
||||
user_model_claims_dependency,
|
||||
|
|
@ -147,6 +148,7 @@ async def create_org(
|
|||
db: db_dependency,
|
||||
user_model: user_model_claims_dependency,
|
||||
request_model: OrgPostOrgRequest,
|
||||
background_tasks: BackgroundTasks,
|
||||
):
|
||||
"""
|
||||
Creates a new organisation with optional questionnaire (to be completed or submitted).
|
||||
|
|
@ -200,6 +202,7 @@ async def create_org(
|
|||
db.flush()
|
||||
org_model.__setattr__(contact_type, contact_model.id)
|
||||
response = OrgPostOrgResponse(**org_model.__dict__)
|
||||
background_tasks.add_task(add_default_org_permissions, db, org_model.id)
|
||||
db.commit()
|
||||
return response
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +1,38 @@
|
|||
"""
|
||||
Reusable business logic functions for the organisation module
|
||||
"""
|
||||
|
||||
from sqlalchemy.orm import Session
|
||||
from src.organisation.models import Organisation as Org
|
||||
from src.iam.models import Permission as Perm
|
||||
|
||||
|
||||
async def add_default_org_permissions(
|
||||
db: Session,
|
||||
org_id: int,
|
||||
):
|
||||
default_org_permissions = [
|
||||
1, # test_service res_one read
|
||||
2, # test_service res_one create
|
||||
10, # tor-bridge-service collector read
|
||||
13, # tor-bridge-service samples read
|
||||
]
|
||||
|
||||
org_model = db.get(Org, org_id)
|
||||
if org_model is None:
|
||||
print("Org not found while adding defaults")
|
||||
return
|
||||
|
||||
for permission in default_org_permissions:
|
||||
perm_model = db.get(Perm, permission)
|
||||
|
||||
if perm_model is None:
|
||||
continue
|
||||
|
||||
if perm_model in org_model.permission_rel:
|
||||
continue
|
||||
|
||||
org_model.permission_rel.append(perm_model)
|
||||
db.flush()
|
||||
|
||||
db.commit()
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue