async def delete_role(id: int, roles=has_permissions([ManageRoles()])):
role = await Role.fetch(id)
if not role:
raise HTTPException(404, "Role Not Found")
top_role = min(roles, key=lambda role: role.position)
if top_role.position >= role.position:
raise HTTPException(403, "Missing Permissions")
query = """
WITH deleted AS (
DELETE FROM roles r
WHERE r.id = $1
RETURNING r.id
),
to_update AS (
SELECT r.id,
ROW_NUMBER() OVER (ORDER BY r.position) AS position
FROM roles r
WHERE r.id != (SELECT id FROM deleted)
)
UPDATE roles r SET
position = tu.position
FROM to_update tu
WHERE r.id = tu.id
"""
await Role.pool.execute(query, id)
return Response(status_code=204, content="")
async def update_role(
id: int,
body: UpdateRoleBody,
roles=has_permissions([ManageRoles()]),
):
role = await Role.fetch(id)
if not role:
raise HTTPException(404, "Role Not Found")
# Check if the user has administrator permission or all the permissions provided in the role
user_permissions = 0
for r in roles:
user_permissions |= r.permissions
top_role = min(roles, key=lambda role: role.position)
if top_role.position >= role.position:
raise HTTPException(403, "Missing Permissions")
data = body.dict(exclude_unset=True)
if not utils.has_permission(user_permissions, body.permissions):
raise HTTPException(403, "Missing Permissions")
if name := data.get("name", None):
record = await Role.pool.fetchrow(
"SELECT * FROM roles WHERE name = $1", name)
if record:
raise HTTPException(409, "Role with that name already exists")
async def manage_roles_role(db):
query = """
INSERT INTO roles (id, name, color, permissions, position)
VALUES (create_snowflake(), $1, $2, $3, (SELECT COUNT(*) FROM roles) + 1)
RETURNING *;
"""
record = await Role.pool.fetchrow(query, "Roles Manager", 0x0,
ManageRoles().value)
yield Role(**record)
await db.execute("DELETE FROM roles WHERE id = $1;", record["id"])
async def remove_member_from_role(
role_id: int, member_id: int, roles=has_permissions([ManageRoles()])
) -> Union[Response, utils.JSONResponse]:
role = await Role.fetch(role_id)
if not role:
raise HTTPException(404, "Role Not Found")
top_role = min(roles, key=lambda role: role.position)
if top_role.position >= role.position:
raise HTTPException(403, "Missing Permissions")
await UserRole.delete(member_id, role_id)
return Response(status_code=204, content="")
async def add_member_to_role(
role_id: int, member_id: int, roles=has_permissions([ManageRoles()])
) -> Union[Response, utils.JSONResponse]:
role = await Role.fetch(role_id)
if not role:
raise HTTPException(404, "Role Not Found")
top_role = min(roles, key=lambda role: role.position)
if top_role.position >= role.position:
raise HTTPException(403, "Missing Permissions")
try:
await UserRole.create(member_id, role_id)
except asyncpg.exceptions.UniqueViolationError:
raise HTTPException(409, "User already has the role")
except asyncpg.exceptions.ForeignKeyViolationError:
raise HTTPException(404, "Member not found")
return Response(status_code=204, content="")
async def create_role(body: NewRoleBody,
roles=has_permissions([ManageRoles()])):
# Check if the user has administrator permission or all the permissions provided in the role
user_permissions = 0
for role in roles:
user_permissions |= role.permissions
if not utils.has_permission(user_permissions, body.permissions):
raise HTTPException(403, "Missing Permissions")
query = """
INSERT INTO roles (id, name, color, permissions, position)
VALUES (create_snowflake(), $1, $2, $3, (SELECT COUNT(*) FROM roles) + 1)
RETURNING *;
"""
try:
record = await Role.pool.fetchrow(query, body.name, body.color,
body.permissions)
except asyncpg.exceptions.UniqueViolationError:
raise HTTPException(409, "Role with that name already exists")
return utils.JSONResponse(status_code=201, content=dict(record))
(
{
"color": 0x5,
"permissions": 8
},
{
"name": "test update",
"permissions": 0,
"color": 0x0
},
403,
),
(
{
"color": 0x5,
"permissions": ManageRoles().value
},
{
"name": "test update",
"permissions": ManageRoles().value,
"color": 0x5
},
204,
),
],
)
async def test_role_update(app: AsyncClient, db, user, token,
manage_roles_role, request_data, new_data, status):
try:
query = """
INSERT INTO roles (id, name, color, permissions, position)