add-role-feature

2023-12-25 01:42:39 +03:00 · 2023-12-25 01:42:39 +03:00 · a4b0fd1a46
commit a4b0fd1a46
parent 2547bd111b
3 changed files with 38 additions and 10 deletions
--- a/resolvers/reaction.py
+++ b/resolvers/reaction.py
@ -7,7 +7,7 @@ from sqlalchemy.orm import aliased, joinedload
 from orm.author import Author
 from orm.reaction import Reaction, ReactionKind
 from orm.shout import Shout, ShoutReactionsFollower
-from services.auth import login_required
+from services.auth import login_required, add_author_role
 from services.db import local_session
 from services.notify import notify_reaction
 from services.schema import mutation, query
@ -98,18 +98,18 @@ def is_published_author(session, author_id):
    )


-def check_to_publish(session, author_id, reaction):
+def check_to_publish(session, approver_id, reaction):
    """set shout to public if publicated approvers amount > 4"""
    if not reaction.reply_to and reaction.kind in [
        ReactionKind.ACCEPT.value,
        ReactionKind.LIKE.value,
        ReactionKind.PROOF.value,
    ]:
-        if is_published_author(session, author_id):
+        if is_published_author(session, approver_id):
            # now count how many approvers are voted already
            approvers_reactions = session.query(Reaction).where(Reaction.shout == reaction.shout).all()
            approvers = [
-                author_id,
+                approver_id,
            ]
            for ar in approvers_reactions:
                a = ar.created_by
@ -142,10 +142,12 @@ def check_to_hide(session, reaction):
    return False


-def set_published(session, shout_id):
+def set_published(session, shout_id, approver_id):
    s = session.query(Shout).where(Shout.id == shout_id).first()
    s.published_at = int(time.time())
+    s.published_by = approver_id
    s.visibility = text("public")
+    add_author_role(s.created_by)
    session.add(s)
    session.commit()

@ -233,7 +235,7 @@ async def create_reaction(_, info, reaction):
            if check_to_hide(session, r):
                set_hidden(session, r.shout)
            elif check_to_publish(session, author.id, r):
-                set_published(session, r.shout)
+                set_published(session, r.shout, author.id)

            try:
                reactions_follow(author.id, reaction["shout"], True)
--- a/services/auth.py
+++ b/services/auth.py
@ -3,7 +3,7 @@ from functools import wraps
 from aiohttp import ClientSession
 from starlette.exceptions import HTTPException

-from settings import AUTH_URL
+from settings import AUTH_URL, AUTH_SECRET


 async def check_auth(req) -> str | None:
@ -17,7 +17,6 @@ async def check_auth(req) -> str | None:
        headers = {
            "Content-Type": "application/json",
        }
-
        variables = {
            "params": {
                "token_type": "access_token",
@ -47,7 +46,34 @@ async def check_auth(req) -> str | None:
            print(f"[services.auth] {e}")

    if not user_id:
-        raise HTTPException(status_code=401,detail="Unauthorized")
+        raise HTTPException(status_code=401, detail="Unauthorized")
+
+
+async def add_author_role(author_id):
+    print(f"[services.auth] add author role for author with id {author_id}")
+    query_name = "_update_user"
+    operation = "UpdateUserRoles"
+    headers = {"Content-Type": "application/json", "x-authorizer-admin-secret": AUTH_SECRET}
+    variables = {"params": {"roles": "author, reader"}}
+    gql = {
+        "query": f"mutation {operation}($params: UpdateUserInput!) {{ {query_name}(params: $params) {{ id roles }} }}",
+        "variables": variables,
+        "operationName": operation,
+    }
+    try:
+        # Asynchronous HTTP request to the authentication server
+        async with ClientSession() as session:
+            async with session.post(AUTH_URL, json=gql, headers=headers) as response:
+                if response.status == 200:
+                    data = await response.json()
+                    errors = data.get("errors")
+                    if errors:
+                        print(f"[services.auth] errors: {errors}")
+                    else:
+                        user_id = data.get("data", {}).get(query_name, {}).get("id")
+                        return user_id
+    except Exception as e:
+        print(f"[services.auth] {e}")


 def login_required(f):
--- a/services/db.py
+++ b/services/db.py
@ -29,7 +29,7 @@ def before_cursor_execute(conn, cursor, statement, parameters, context, executem
 def after_cursor_execute(conn, cursor, statement, parameters, context, executemany):
    total = time.time() - conn.info["query_start_time"].pop(-1)
    total = math.floor(total * 10000) / 10
-    if total > 100:
+    if total > 35:
        print(f"\n{statement}\n----------------- Finished in {total} ms ")