On POST Workspace Layer/Map insert role name to DB

LayerManager · Nov 28, 2023 · 023716f · 023716f
1 parent a841702
commit 023716f
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -13,6 +13,7 @@
 - [#165](https://github.com/LayerManager/layman/issues/165) Add column `role_name` to table `rights` in prime DB schema. Add constraint that exactly one of columns `role_name` and `id_user` is not null.
 #### Data migrations
 ### Changes
+- [#165](https://github.com/LayerManager/layman/issues/165) POST Workspace [Layers](doc/rest.md#post-workspace-layers)/[Maps](doc/rest.md#post-workspace-maps) saves [role names](doc/models.md#role) mentioned in `access_rights.read` and `access_rights.write` parameters into DB.
 - All changes from [v1.22.1](#v1221) and [v1.22.2](#v1222).
 - [#960](https://github.com/LayerManager/layman/issues/960) Handle WMS requests with HTTP error more efficiently in timgen.
 - [#962](https://github.com/LayerManager/layman/issues/962) Make values of `layman_metadata.publication_status` and `status` key(s) more consistent in responses of PATCH Workspace [Layer](doc/rest.md#patch-workspace-layer)/[Map](doc/rest.md#patch-workspace-map) and GET Workspace [Layer](doc/rest.md#get-workspace-layer)/[Map](doc/rest.md#get-workspace-map).

diff --git a/src/layman/common/prime_db_schema/publications.py b/src/layman/common/prime_db_schema/publications.py
@@ -474,13 +474,15 @@ def insert_publication(workspace_name, info):
             )
     pub_id = db_util.run_query(insert_publications_sql, data)[0][0]
 
-    read_users = get_user_and_role_names_for_db(info['access_rights']['read'], workspace_name)[0]
-    write_users = get_user_and_role_names_for_db(info['access_rights']['write'], workspace_name)[0]
+    read_users, read_roles = get_user_and_role_names_for_db(info['access_rights']['read'], workspace_name)
+    write_users, write_roles = get_user_and_role_names_for_db(info['access_rights']['write'], workspace_name)
     rights.insert_rights(pub_id,
                          read_users,
+                         read_roles,
                          'read')
     rights.insert_rights(pub_id,
                          write_users,
+                         write_roles,
                          'write')
     return pub_id
 
@@ -553,7 +555,7 @@ def update_publication(workspace_name, info):
     pub_id = db_util.run_query(update_publications_sql, data)[0][0]
 
     for right_type in right_type_list:
-        rights.insert_rights(pub_id, access_rights_changes[right_type]['add'], right_type)
+        rights.insert_rights(pub_id, access_rights_changes[right_type]['add'], set(), right_type)
         rights.remove_rights(pub_id, access_rights_changes[right_type]['remove'], right_type)
 
     return pub_id

diff --git a/src/layman/common/prime_db_schema/rights.py b/src/layman/common/prime_db_schema/rights.py
@@ -9,6 +9,7 @@
 
 def insert_rights(id_publication,
                   users,
+                  roles,
                   type,
                   ):
     sql = f'''insert into {DB_SCHEMA}.rights (id_user, id_publication, type)
@@ -25,6 +26,15 @@ def insert_rights(id_publication,
                                 type,
                                 username,
                                 ))
+    sql = f'''insert into {DB_SCHEMA}.rights (role_name, id_publication, type)
+        values (%s, %s, %s)
+returning id
+;'''
+    for role_name in roles:
+        db_util.run_query(sql, (role_name,
+                                id_publication,
+                                type,
+                                ))
 
 
 def delete_rights_for_publication(id_publication):