feat(permissions): route to get available perm

PnX-SI · Nov 20, 2024 · 3914bec · 3914bec
1 parent ef48080
commit 3914bec
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 2 deletions.
diff --git a/backend/geonature/core/gn_permissions/routes.py b/backend/geonature/core/gn_permissions/routes.py
@@ -5,14 +5,17 @@
 from copy import copy
 
 from flask import Blueprint, Response, session
+from geonature.core.gn_commons.models.base import TModules
 import sqlalchemy as sa
 
 from geonature.utils.env import db
+from sqlalchemy.exc import NoResultFound
 from sqlalchemy.orm import joinedload
-from geonature.core.gn_permissions.models import PermissionAvailable
+from geonature.core.gn_permissions.models import PermAction, PermissionAvailable, TObjects
 from geonature.core.gn_permissions.schemas import PermissionAvailableSchema
 from geonature.core.gn_permissions.decorators import login_required
 from geonature.core.gn_permissions.commands import supergrant
+from werkzeug.exceptions import NotFound
 
 
 routes = Blueprint(
@@ -45,3 +48,20 @@ def list_permissions_availables():
     pa = db.session.execute(sa.select(PermissionAvailable)).scalars()
     schema = PermissionAvailableSchema(only=["action", "module", "object"])
     return schema.dump(pa, many=True)
+
+
+@routes.route("/availables/<module_code>/<code_object>/<code_action>", methods=["GET"])
+@login_required
+def get_permission_available(module_code, code_object, code_action):
+    try:
+        pa = db.session.execute(
+            sa.select(PermissionAvailable).where(
+                PermissionAvailable.module.has(TModules.module_code == module_code),
+                PermissionAvailable.object.has(TObjects.code_object == code_object),
+                PermissionAvailable.action.has(PermAction.code_action == code_action),
+            )
+        ).scalar_one()
+    except NoResultFound:
+        raise NotFound
+    schema = PermissionAvailableSchema(only=["action", "module", "object"])
+    return schema.dump(pa)
diff --git a/backend/geonature/tests/test_gn_permission.py b/backend/geonature/tests/test_gn_permission.py
@@ -2,7 +2,7 @@
 from flask import url_for
 
 from pypnusershub.tests.utils import set_logged_user
-from werkzeug.exceptions import Unauthorized
+from werkzeug.exceptions import NotFound, Unauthorized
 
 
 @pytest.mark.usefixtures("client_class")
@@ -22,3 +22,28 @@ def test_list_permissions_availables(self, users):
         set_logged_user(self.client, users["user"])
         response = self.client.get(url)
         assert response.status_code == 200
+
+    def test_get_permission_available(self, users):
+        url = url_for(
+            "gn_permissions.get_permission_available",
+            module_code="METADATA",
+            code_object="ALL",
+            code_action="R",
+        )
+
+        response = self.client.get(url)
+        assert response.status_code == Unauthorized.code
+
+        set_logged_user(self.client, users["user"])
+        response = self.client.get(url)
+        assert response.status_code == 200
+
+        response = self.client.get(
+            url_for(
+                "gn_permissions.get_permission_available",
+                module_code="METADATA",
+                code_object="ALL",
+                code_action="UNEXISTING",
+            )
+        )
+        assert response.status_code == NotFound.code