From dc037faabe757b4005ccfc6d060ac70364cca61a Mon Sep 17 00:00:00 2001
From: Lance Edgar <lance@edbob.org>
Date: Thu, 26 Jul 2012 13:59:26 -0700
Subject: [PATCH] add grant_permission() function

---
 edbob/db/auth.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/edbob/db/auth.py b/edbob/db/auth.py
index 7506cea..cf1dec8 100644
--- a/edbob/db/auth.py
+++ b/edbob/db/auth.py
@@ -93,6 +93,18 @@ def guest_role(session):
     return admin
 
 
+def grant_permission(role, permission, session=None):
+    """
+    Grants ``permission`` to ``role``.
+    """
+
+    if not session:
+        session = object_session(role)
+        assert session
+    if permission not in role.permissions:
+        role.permissions.append(permission)
+
+
 def has_permission(obj, perm, session=None):
     """
     Checks the given ``obj`` (which may be either a :class:`edbob.User`` or