Skip to content

Commit 374dddb

Browse files
committed
Split code correctly between business and persistence layer
1 parent d416cdf commit 374dddb

2 files changed

Lines changed: 32 additions & 23 deletions

File tree

source/app/business/access_controls.py

Lines changed: 4 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -15,15 +15,14 @@
1515
# You should have received a copy of the GNU Lesser General Public License
1616
# along with this program; if not, write to the Free Software Foundation,
1717
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18-
from sqlalchemy import and_
1918

2019
from app import db
21-
from app.datamgmt.manage.manage_access_control_db import get_case_effective_access
20+
from app.datamgmt.manage.manage_access_control_db import get_case_effective_access, \
21+
remove_duplicate_user_case_effective_accesses, set_user_case_effective_access
2222
from app.datamgmt.manage.manage_access_control_db import check_ua_case_client
2323
from app.iris_engine.access_control.iris_user import iris_current_user
2424
from app.logger import logger
2525
from app.models.authorization import UserCaseAccess
26-
from app.models.authorization import UserCaseEffectiveAccess
2726
from app.models.authorization import CaseAccessLevel
2827
from app.models.authorization import ac_flag_match_mask
2928

@@ -64,28 +63,10 @@ def set_case_effective_access_for_user(user_id, case_id, access_level: int):
6463
Set a case access from a user
6564
"""
6665

67-
uac = UserCaseEffectiveAccess.query.where(and_(
68-
UserCaseEffectiveAccess.user_id == user_id,
69-
UserCaseEffectiveAccess.case_id == case_id
70-
)).all()
71-
72-
if len(uac) > 1:
66+
if remove_duplicate_user_case_effective_accesses(user_id, case_id):
7367
logger.error(f'Multiple access found for user {user_id} and case {case_id}')
74-
for u in uac:
75-
db.session.delete(u)
76-
db.session.commit()
7768

78-
uac = UserCaseEffectiveAccess()
79-
uac.user_id = user_id
80-
uac.case_id = case_id
81-
uac.access_level = access_level
82-
db.session.add(uac)
83-
84-
elif len(uac) == 1:
85-
uac = uac[0]
86-
uac.access_level = access_level
87-
88-
db.session.commit()
69+
set_user_case_effective_access(access_level, case_id, user_id)
8970

9071

9172
def ac_fast_check_user_has_case_access(user_id, cid, expected_access_levels: list[CaseAccessLevel]):

source/app/datamgmt/manage/manage_access_control_db.py

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,8 +14,10 @@
1414
# You should have received a copy of the GNU Lesser General Public License
1515
# along with this program; if not, write to the Free Software Foundation,
1616
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17+
from sqlalchemy import and_
1718

1819
from app import ac_current_user_has_permission
20+
from app import db
1921
from app.models.cases import Cases
2022
from app.models.authorization import Group
2123
from app.models.authorization import UserClient
@@ -174,3 +176,29 @@ def user_has_client_access(user_id: int, client_id: int) -> bool:
174176
).first()
175177

176178
return result is not None
179+
180+
181+
def remove_duplicate_user_case_effective_accesses(user_id, case_id):
182+
uac = UserCaseEffectiveAccess.query.where(and_(
183+
UserCaseEffectiveAccess.user_id == user_id,
184+
UserCaseEffectiveAccess.case_id == case_id
185+
)).all()
186+
187+
if len(uac) <= 1:
188+
return False
189+
190+
for u in uac[1:]:
191+
db.session.delete(u)
192+
db.session.commit()
193+
return True
194+
195+
196+
def set_user_case_effective_access(access_level, case_id, user_id):
197+
uac = UserCaseEffectiveAccess.query.where(and_(
198+
UserCaseEffectiveAccess.user_id == user_id,
199+
UserCaseEffectiveAccess.case_id == case_id
200+
)).first()
201+
if uac:
202+
uac = uac[0]
203+
uac.access_level = access_level
204+
db.session.commit()

0 commit comments

Comments
 (0)