From b8ba436dba2a17d17ab166ac6916a7f3d4758869 Mon Sep 17 00:00:00 2001 From: Igor Ilic Date: Fri, 13 Dec 2024 12:37:01 +0100 Subject: [PATCH] fix: Resolve issue with adding permissions to groups Resolve issue with adding permissions to groups Fix COG-656 --- .../routers/get_permissions_router.py | 22 +++++++++++-------- .../modules/users/models/GroupPermission.py | 11 ++++++++++ cognee/modules/users/models/__init__.py | 1 + 3 files changed, 25 insertions(+), 9 deletions(-) create mode 100644 cognee/modules/users/models/GroupPermission.py diff --git a/cognee/api/v1/permissions/routers/get_permissions_router.py b/cognee/api/v1/permissions/routers/get_permissions_router.py index 77ae5e4e6..2999b8a27 100644 --- a/cognee/api/v1/permissions/routers/get_permissions_router.py +++ b/cognee/api/v1/permissions/routers/get_permissions_router.py @@ -6,27 +6,32 @@ from sqlalchemy import insert from cognee.modules.users.exceptions import UserNotFoundError, GroupNotFoundError from cognee.modules.users import get_user_db -from cognee.modules.users.models import User, Group, Permission, UserGroup +from cognee.modules.users.models import User, Group, Permission, UserGroup, GroupPermission def get_permissions_router() -> APIRouter: permissions_router = APIRouter() @permissions_router.post("/groups/{group_id}/permissions") async def give_permission_to_group(group_id: str, permission: str, db: Session = Depends(get_user_db)): - group = db.query(Group).filter(Group.id == group_id).first() + group = (await db.session.execute(select(Group).where(Group.id == group_id))).scalars().first() if not group: raise GroupNotFoundError - permission = db.query(Permission).filter(Permission.name == permission).first() + permission_entity = ( + await db.session.execute(select(Permission).where(Permission.name == permission))).scalars().first() - if not permission: - permission = Permission(name = permission) - db.add(permission) + if not permission_entity: + stmt = insert(Permission).values(name=permission) + ret_val = await db.session.execute(stmt) - group.permissions.append(permission) + permission_entity = ( + await db.session.execute(select(Permission).where(Permission.name == permission))).scalars().first() - db.commit() + # add permission to group + await db.session.execute(insert(GroupPermission).values(group_id=group.id, permission_id=permission_entity.id)) + + await db.session.commit() return JSONResponse(status_code = 200, content = {"message": "Permission assigned to group"}) @@ -43,7 +48,6 @@ def get_permissions_router() -> APIRouter: # Add association directly to the association table stmt = insert(UserGroup).values(user_id=user_id, group_id=group_id) await db.session.execute(stmt) - #user.groups.append(group) await db.session.commit() diff --git a/cognee/modules/users/models/GroupPermission.py b/cognee/modules/users/models/GroupPermission.py new file mode 100644 index 000000000..eaf3630b4 --- /dev/null +++ b/cognee/modules/users/models/GroupPermission.py @@ -0,0 +1,11 @@ +from datetime import datetime, timezone +from sqlalchemy import Column, ForeignKey, DateTime, UUID +from cognee.infrastructure.databases.relational import Base + +class GroupPermission(Base): + __tablename__ = "group_permissions" + + created_at = Column(DateTime(timezone = True), default = lambda: datetime.now(timezone.utc)) + + group_id = Column(UUID, ForeignKey("groups.id"), primary_key = True) + permission_id = Column(UUID, ForeignKey("permissions.id"), primary_key = True) diff --git a/cognee/modules/users/models/__init__.py b/cognee/modules/users/models/__init__.py index 3d359da76..a713798d5 100644 --- a/cognee/modules/users/models/__init__.py +++ b/cognee/modules/users/models/__init__.py @@ -1,6 +1,7 @@ from .User import User from .Group import Group from .UserGroup import UserGroup +from .GroupPermission import GroupPermission from .Resource import Resource from .Permission import Permission from .ACL import ACL