auth: Implement `create_resource` function

* gn3/auth/authentication/checks.py: new `authenticated_p` decorator to apply
  on any function that requires the user to be authenticated before it runs.
* gn3/auth/authorisation/checks.py: use a `auth.authentication.users.User`
  object rather than a UUID object in the global `g`.
* gn3/auth/authorisation/groups.py: Implement the `authenticated_user_group`
  function to get the group(s) in which the currently authenticated user
  belongs.
* gn3/auth/authorisation/resources.py: Implement the `create_resource`
  function correctly.
* tests/unit/auth/conftest.py: extract the User objects into a global variable
  for reusability with the tests.
* tests/unit/auth/test_resources.py: Use global user objects from conftest in
  the tests. Set a User object (rather than UUID) in the global `g` variable.

1 files changed, 2 insertions, 2 deletions

diff --git a/gn3/auth/authorisation/checks.py b/gn3/auth/authorisation/checks.py
index 3181655..dd041fe 100644
--- a/gn3/auth/authorisation/checks.py
+++ b/gn3/auth/authorisation/checks.py
@@ -16,11 +16,11 @@ def authorised_p(
     def __build_authoriser__(func: Callable):
         @wraps(func)
         def __authoriser__(*args, **kwargs):
-            if hasattr(g, "user_id") and g.user_id:
+            if hasattr(g, "user") and g.user:
                 with db.connection(app.config["AUTH_DB"]) as conn:
                     user_privileges = tuple(
                         priv.privilege_name for priv in
-                        auth_privs.user_privileges(conn, g.user_id))
+                        auth_privs.user_privileges(conn, g.user))
 
                 not_assigned = [
                     priv for priv in privileges if priv not in user_privileges]