about summary refs log tree commit diff
path: root/gn3/auth/authorisation/checks.py
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2022-11-24 13:42:37 +0300
committerFrederick Muriuki Muriithi2022-11-24 13:52:29 +0300
commit021b8dfcb99928b363e4546f626e3deb5793e392 (patch)
tree107182d01dc7e5fd802fadb4e12cd88867748c36 /gn3/auth/authorisation/checks.py
parentbac3865f7c0d625f2932e1c3fb001cc6a0048921 (diff)
downloadgenenetwork3-021b8dfcb99928b363e4546f626e3deb5793e392.tar.gz
auth: Implement `create_resource` function
* gn3/auth/authentication/checks.py: new `authenticated_p` decorator to apply
  on any function that requires the user to be authenticated before it runs.
* gn3/auth/authorisation/checks.py: use a `auth.authentication.users.User`
  object rather than a UUID object in the global `g`.
* gn3/auth/authorisation/groups.py: Implement the `authenticated_user_group`
  function to get the group(s) in which the currently authenticated user
  belongs.
* gn3/auth/authorisation/resources.py: Implement the `create_resource`
  function correctly.
* tests/unit/auth/conftest.py: extract the User objects into a global variable
  for reusability with the tests.
* tests/unit/auth/test_resources.py: Use global user objects from conftest in
  the tests. Set a User object (rather than UUID) in the global `g` variable.
Diffstat (limited to 'gn3/auth/authorisation/checks.py')
-rw-r--r--gn3/auth/authorisation/checks.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/gn3/auth/authorisation/checks.py b/gn3/auth/authorisation/checks.py
index 3181655..dd041fe 100644
--- a/gn3/auth/authorisation/checks.py
+++ b/gn3/auth/authorisation/checks.py
@@ -16,11 +16,11 @@ def authorised_p(
     def __build_authoriser__(func: Callable):
         @wraps(func)
         def __authoriser__(*args, **kwargs):
-            if hasattr(g, "user_id") and g.user_id:
+            if hasattr(g, "user") and g.user:
                 with db.connection(app.config["AUTH_DB"]) as conn:
                     user_privileges = tuple(
                         priv.privilege_name for priv in
-                        auth_privs.user_privileges(conn, g.user_id))
+                        auth_privs.user_privileges(conn, g.user))
 
                 not_assigned = [
                     priv for priv in privileges if priv not in user_privileges]