diff options
author | Frederick Muriuki Muriithi | 2022-11-15 13:08:56 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2022-11-15 13:08:56 +0300 |
commit | a11bd7a2c7f5b9a82ce70b7baf9eae92561ed905 (patch) | |
tree | 14be1f1fce80f271ad1023be55ee591b3c82ed0a /gn3/auth/authorisation/checks.py | |
parent | 1f37de222e3f93908f2db3dfef33740aea3c828c (diff) | |
download | genenetwork3-a11bd7a2c7f5b9a82ce70b7baf9eae92561ed905.tar.gz |
auth: Return results of calling function directly
* gn3/auth/authorisation/checks.py: Return results of calling the function
rather than a dict of values that include the results.
* gn3/auth/authorisation/groups.py: Use the newer form of `authorised_p`
decorator.
* tests/unit/auth/test_groups.py: Update tests
Diffstat (limited to 'gn3/auth/authorisation/checks.py')
-rw-r--r-- | gn3/auth/authorisation/checks.py | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/gn3/auth/authorisation/checks.py b/gn3/auth/authorisation/checks.py index f14c5c7..3181655 100644 --- a/gn3/auth/authorisation/checks.py +++ b/gn3/auth/authorisation/checks.py @@ -1,6 +1,6 @@ """Functions to check for authorisation.""" from functools import wraps -from typing import Union, Callable +from typing import Callable from flask import g, current_app as app @@ -9,8 +9,6 @@ from . import privileges as auth_privs def authorised_p( privileges: tuple[str], - success_message: Union[str, bool] = ( - "Successfully authorised requested action"), error_message: str = ( "You lack authorisation to perform requested action")): """Authorisation decorator.""" @@ -20,15 +18,15 @@ def authorised_p( def __authoriser__(*args, **kwargs): if hasattr(g, "user_id") and g.user_id: with db.connection(app.config["AUTH_DB"]) as conn: - user_privileges = auth_privs.user_privileges(conn, g.user_id) + user_privileges = tuple( + priv.privilege_name for priv in + auth_privs.user_privileges(conn, g.user_id)) not_assigned = [ priv for priv in privileges if priv not in user_privileges] if len(not_assigned) == 0: - return { - "status": "success", - "message": success_message, - "results": func(*args, **kwargs)} + return func(*args, **kwargs) + return { "status": "error", "message": f"Unauthorised: {error_message}" |