From a4b0fd1a46243141b8a70ae40a38eb0dcbf6f331 Mon Sep 17 00:00:00 2001
From: Untone <anton.rewin@gmail.com>
Date: Mon, 25 Dec 2023 01:42:39 +0300
Subject: [PATCH] add-role-feature

---
 resolvers/reaction.py | 14 ++++++++------
 services/auth.py      | 32 +++++++++++++++++++++++++++++---
 services/db.py        |  2 +-
 3 files changed, 38 insertions(+), 10 deletions(-)

diff --git a/resolvers/reaction.py b/resolvers/reaction.py
index 23317a97..0ebba815 100644
--- a/resolvers/reaction.py
+++ b/resolvers/reaction.py
@@ -7,7 +7,7 @@ from sqlalchemy.orm import aliased, joinedload
 from orm.author import Author
 from orm.reaction import Reaction, ReactionKind
 from orm.shout import Shout, ShoutReactionsFollower
-from services.auth import login_required
+from services.auth import login_required, add_author_role
 from services.db import local_session
 from services.notify import notify_reaction
 from services.schema import mutation, query
@@ -98,18 +98,18 @@ def is_published_author(session, author_id):
     )
 
 
-def check_to_publish(session, author_id, reaction):
+def check_to_publish(session, approver_id, reaction):
     """set shout to public if publicated approvers amount > 4"""
     if not reaction.reply_to and reaction.kind in [
         ReactionKind.ACCEPT.value,
         ReactionKind.LIKE.value,
         ReactionKind.PROOF.value,
     ]:
-        if is_published_author(session, author_id):
+        if is_published_author(session, approver_id):
             # now count how many approvers are voted already
             approvers_reactions = session.query(Reaction).where(Reaction.shout == reaction.shout).all()
             approvers = [
-                author_id,
+                approver_id,
             ]
             for ar in approvers_reactions:
                 a = ar.created_by
@@ -142,10 +142,12 @@ def check_to_hide(session, reaction):
     return False
 
 
-def set_published(session, shout_id):
+def set_published(session, shout_id, approver_id):
     s = session.query(Shout).where(Shout.id == shout_id).first()
     s.published_at = int(time.time())
+    s.published_by = approver_id
     s.visibility = text("public")
+    add_author_role(s.created_by)
     session.add(s)
     session.commit()
 
@@ -233,7 +235,7 @@ async def create_reaction(_, info, reaction):
             if check_to_hide(session, r):
                 set_hidden(session, r.shout)
             elif check_to_publish(session, author.id, r):
-                set_published(session, r.shout)
+                set_published(session, r.shout, author.id)
 
             try:
                 reactions_follow(author.id, reaction["shout"], True)
diff --git a/services/auth.py b/services/auth.py
index 240b79af..fd55a531 100644
--- a/services/auth.py
+++ b/services/auth.py
@@ -3,7 +3,7 @@ from functools import wraps
 from aiohttp import ClientSession
 from starlette.exceptions import HTTPException
 
-from settings import AUTH_URL
+from settings import AUTH_URL, AUTH_SECRET
 
 
 async def check_auth(req) -> str | None:
@@ -17,7 +17,6 @@ async def check_auth(req) -> str | None:
         headers = {
             "Content-Type": "application/json",
         }
-
         variables = {
             "params": {
                 "token_type": "access_token",
@@ -47,7 +46,34 @@ async def check_auth(req) -> str | None:
             print(f"[services.auth] {e}")
 
     if not user_id:
-        raise HTTPException(status_code=401,detail="Unauthorized")
+        raise HTTPException(status_code=401, detail="Unauthorized")
+
+
+async def add_author_role(author_id):
+    print(f"[services.auth] add author role for author with id {author_id}")
+    query_name = "_update_user"
+    operation = "UpdateUserRoles"
+    headers = {"Content-Type": "application/json", "x-authorizer-admin-secret": AUTH_SECRET}
+    variables = {"params": {"roles": "author, reader"}}
+    gql = {
+        "query": f"mutation {operation}($params: UpdateUserInput!) {{ {query_name}(params: $params) {{ id roles }} }}",
+        "variables": variables,
+        "operationName": operation,
+    }
+    try:
+        # Asynchronous HTTP request to the authentication server
+        async with ClientSession() as session:
+            async with session.post(AUTH_URL, json=gql, headers=headers) as response:
+                if response.status == 200:
+                    data = await response.json()
+                    errors = data.get("errors")
+                    if errors:
+                        print(f"[services.auth] errors: {errors}")
+                    else:
+                        user_id = data.get("data", {}).get(query_name, {}).get("id")
+                        return user_id
+    except Exception as e:
+        print(f"[services.auth] {e}")
 
 
 def login_required(f):
diff --git a/services/db.py b/services/db.py
index 939a7b78..709505e3 100644
--- a/services/db.py
+++ b/services/db.py
@@ -29,7 +29,7 @@ def before_cursor_execute(conn, cursor, statement, parameters, context, executem
 def after_cursor_execute(conn, cursor, statement, parameters, context, executemany):
     total = time.time() - conn.info["query_start_time"].pop(-1)
     total = math.floor(total * 10000) / 10
-    if total > 100:
+    if total > 35:
         print(f"\n{statement}\n----------------- Finished in {total} ms ")