Skip to content

Commit

Permalink
Replace loop with sinle select statement
Browse files Browse the repository at this point in the history
  • Loading branch information
jdavcs committed Sep 10, 2024
1 parent 01319d6 commit fbb99ab
Showing 1 changed file with 7 additions and 7 deletions.
14 changes: 7 additions & 7 deletions lib/galaxy/model/security.py
Original file line number Diff line number Diff line change
Expand Up @@ -1519,18 +1519,18 @@ def _set_user_roles(self, user, role_ids):
else:
delete_stmt = delete_stmt.where(UserRoleAssociation.role_id != private_role.id)
role_ids = self._filter_private_roles(role_ids)
# breakpoint()

insert_values = [{"user_id": user.id, "role_id": role_id} for role_id in role_ids]
self._set_associations(user, UserRoleAssociation, delete_stmt, insert_values)

def _filter_private_roles(self, role_ids):
"""Filter out IDs of private roles: those should not be assignable via UI"""
filtered = []
for role_id in role_ids:
stmt = select(Role.id).where(Role.id == role_id).where(Role.type == Role.types.PRIVATE)
is_private = bool(self.sa_session.scalars(stmt).all())
if not is_private:
filtered.append(role_id)
return filtered
stmt = select(Role.id).where(Role.id.in_(role_ids)).where(Role.type == Role.types.PRIVATE)
private_role_ids = self.sa_session.scalars(stmt).all()
# We could simply select only private roles; however, that would get rid of potential duplicates
# and invalid role_ids; which would hide any bugs that should be caught in the _set_associations() method.
return [role_id for role_id in role_ids if role_id not in private_role_ids]

def _set_group_users(self, group, user_ids):
delete_stmt = delete(UserGroupAssociation).where(UserGroupAssociation.group_id == group.id)
Expand Down

0 comments on commit fbb99ab

Please sign in to comment.