auth: Return results of calling function directly

* gn3/auth/authorisation/checks.py: Return results of calling the function rather than a dict of values that include the results. * gn3/auth/authorisation/groups.py: Use the newer form of `authorised_p` decorator. * tests/unit/auth/test_groups.py: Update tests
author: Frederick Muriuki Muriithi 2022-11-15 13:08:56 +0300
committer: Frederick Muriuki Muriithi 2022-11-15 13:08:56 +0300
commit: a11bd7a2c7f5b9a82ce70b7baf9eae92561ed905 (patch)
tree: 14be1f1fce80f271ad1023be55ee591b3c82ed0a
parent: 1f37de222e3f93908f2db3dfef33740aea3c828c (diff)
download: genenetwork3-a11bd7a2c7f5b9a82ce70b7baf9eae92561ed905.tar.gz
3 files changed, 11 insertions, 19 deletions
diff --git a/gn3/auth/authorisation/checks.py b/gn3/auth/authorisation/checks.py
index f14c5c7..3181655 100644
--- a/gn3/auth/authorisation/checks.py
+++ b/gn3/auth/authorisation/checks.py
@@ -1,6 +1,6 @@
 """Functions to check for authorisation."""
 from functools import wraps
-from typing import Union, Callable
+from typing import Callable
 
 from flask import g, current_app as app
 
@@ -9,8 +9,6 @@ from . import privileges as auth_privs
 
 def authorised_p(
         privileges: tuple[str],
-        success_message: Union[str, bool] = (
-            "Successfully authorised requested action"),
         error_message: str = (
             "You lack authorisation to perform requested action")):
     """Authorisation decorator."""
@@ -20,15 +18,15 @@ def authorised_p(
         def __authoriser__(*args, **kwargs):
             if hasattr(g, "user_id") and g.user_id:
                 with db.connection(app.config["AUTH_DB"]) as conn:
-                    user_privileges = auth_privs.user_privileges(conn, g.user_id)
+                    user_privileges = tuple(
+                        priv.privilege_name for priv in
+                        auth_privs.user_privileges(conn, g.user_id))
 
                 not_assigned = [
                     priv for priv in privileges if priv not in user_privileges]
                 if len(not_assigned) == 0:
-                    return {
-                        "status": "success",
-                        "message": success_message,
-                        "results": func(*args, **kwargs)}
+                    return func(*args, **kwargs)
+
             return {
                 "status": "error",
                 "message": f"Unauthorised: {error_message}"
diff --git a/gn3/auth/authorisation/groups.py b/gn3/auth/authorisation/groups.py
index b996d21..f3345c3 100644
--- a/gn3/auth/authorisation/groups.py
+++ b/gn3/auth/authorisation/groups.py
@@ -7,15 +7,12 @@ from .privileges import Privilege
 from .roles import Role, create_role
 from .checks import authorised_p
 
-@authorised_p(
-    ("create-group",), success_message="Successfully created group.",
-    error_message="Failed to create group.")
-def create_group(conn, group_name):
 class Group(NamedTuple):
     """Class representing a group."""
     group_id: UUID
     group_name: str
 
+@authorised_p(("create-group",), error_message="Failed to create group.")
 def create_group(conn: db.DbConnection, group_name: str) -> Group:
     """Create a group"""
     group = Group(uuid4(), group_name)
diff --git a/tests/unit/auth/test_groups.py b/tests/unit/auth/test_groups.py
index d83431e..1db7a7c 100644
--- a/tests/unit/auth/test_groups.py
+++ b/tests/unit/auth/test_groups.py
@@ -4,7 +4,7 @@ from uuid import UUID
 import pytest
 
 from gn3.auth import db
-from gn3.auth.authorisation.groups import create_group
+from gn3.auth.authorisation.groups import Group, create_group
 
 create_group_failure = {
     "status": "error",
@@ -16,11 +16,8 @@ group_leader_id = lambda : UUID("d32611e3-07fc-4564-b56c-786c6db6de2b")
 @pytest.mark.unit_test
 @pytest.mark.parametrize(
     "user_id,expected", (
-    ("ecb52977-3004-469e-9428-2a1856725c7f", {
-        "status": "success",
-        "message": "Successfully created group.",
-        "results": UUID("d32611e3-07fc-4564-b56c-786c6db6de2b")
-    }),
+    ("ecb52977-3004-469e-9428-2a1856725c7f", Group(
+        UUID("d32611e3-07fc-4564-b56c-786c6db6de2b"), "a_test_group")),
     ("21351b66-8aad-475b-84ac-53ce528451e3", create_group_failure),
     ("ae9c6245-0966-41a5-9a5e-20885a96bea7", create_group_failure),
     ("9a0c7ce5-2f40-4e78-979e-bf3527a59579", create_group_failure),
@@ -33,7 +30,7 @@ def test_create_group(# pylint: disable=[too-many-arguments]
     THEN: verify they are only able to create the group if they have the
           appropriate privileges
     """
-    mocker.patch("gn3.auth.authorisation.groups.uuid.uuid4", group_leader_id)
+    mocker.patch("gn3.auth.authorisation.groups.uuid4", group_leader_id)
     with test_app.app_context() as flask_context:
         flask_context.g.user_id = UUID(user_id)
         with db.connection(auth_testdb_path) as conn:
author	Frederick Muriuki Muriithi	2022-11-15 13:08:56 +0300
committer	Frederick Muriuki Muriithi	2022-11-15 13:08:56 +0300
commit	a11bd7a2c7f5b9a82ce70b7baf9eae92561ed905 (patch)
tree	14be1f1fce80f271ad1023be55ee591b3c82ed0a
parent	1f37de222e3f93908f2db3dfef33740aea3c828c (diff)
download	genenetwork3-a11bd7a2c7f5b9a82ce70b7baf9eae92561ed905.tar.gz