Set folder permissions when adding a user to a service

This sets the folder permissions for a user when adding them to a service. If a user is being added to a service after accepting an invite, we need to account for the possibility that the folders we are trying to add them to have been deleted before they accepted the invite.
2026-01-30 14:31:57 -05:00 · 2019-03-14 16:55:48 +00:00
parent b0d3bd9046
commit 2aa14bc41c
5 changed files with 110 additions and 4 deletions
--- a/app/dao/services_dao.py
+++ b/app/dao/services_dao.py
@@ -14,6 +14,7 @@ from app.dao.dao_utils import (
 from app.dao.organisation_dao import dao_get_organisation_by_email_address
 from app.dao.service_sms_sender_dao import insert_service_sms_sender
 from app.dao.service_user_dao import dao_get_service_user
+from app.dao.template_folder_dao import dao_get_valid_template_folders_by_id
 from app.models import (
    AnnualBilling,
    ApiKey,
@@ -208,13 +209,21 @@ def dao_update_service(service):
    db.session.add(service)


-def dao_add_user_to_service(service, user, permissions=None):
+def dao_add_user_to_service(service, user, permissions=None, folder_permissions=None):
    permissions = permissions or []
+    folder_permissions = folder_permissions or []
+
    try:
        from app.dao.permissions_dao import permission_dao
        service.users.append(user)
        permission_dao.set_user_service_permission(user, service, permissions, _commit=False)
        db.session.add(service)
+
+        service_user = dao_get_service_user(user.id, service.id)
+        valid_template_folders = dao_get_valid_template_folders_by_id(folder_permissions)
+        service_user.folders = valid_template_folders
+        db.session.add(service_user)
+
    except Exception as e:
        db.session.rollback()
        raise e
--- a/app/dao/template_folder_dao.py
+++ b/app/dao/template_folder_dao.py
@@ -10,6 +10,10 @@ def dao_get_template_folder_by_id_and_service_id(template_folder_id, service_id)
    ).one()


+def dao_get_valid_template_folders_by_id(folder_ids):
+    return TemplateFolder.query.filter(TemplateFolder.id.in_(folder_ids)).all()
+
+
@transactional
 def dao_create_template_folder(template_folder):
    db.session.add(template_folder)
--- a/app/service/rest.py
+++ b/app/service/rest.py
@@ -292,8 +292,9 @@ def add_user_to_service(service_id, user_id):
        Permission(service_id=service_id, user_id=user_id, permission=p['permission'])
        for p in data['permissions']
    ]
+    folder_permissions = data.get('folder_permissions', [])

-    dao_add_user_to_service(service, user, permissions)
+    dao_add_user_to_service(service, user, permissions, folder_permissions)
    data = service_schema.dump(service).data
    return jsonify(data=data), 201