diff options
author | Frederick Muriuki Muriithi | 2023-03-07 05:49:21 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-03-07 05:49:21 +0300 |
commit | 09c2330e9e8279f6c9fd391a736435ceb4705873 (patch) | |
tree | 38f3f2835cf608d89994da00bf060734de0baa65 /gn3/auth/authorisation/groups | |
parent | 361a934d1c0d75da01bd19d8ac78bf15aa7e2cad (diff) | |
download | genenetwork3-09c2330e9e8279f6c9fd391a736435ceb4705873.tar.gz |
auth: user_by_id: Return a user or raise an exception
Fetching the user by id should return the user, or raise an exception. We get
rid of the Maybe monad here since it is leading to some weird code flows -
probably the wrong monad to use here.
Diffstat (limited to 'gn3/auth/authorisation/groups')
-rw-r--r-- | gn3/auth/authorisation/groups/models.py | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/gn3/auth/authorisation/groups/models.py b/gn3/auth/authorisation/groups/models.py index 777e2d0..b1f307f 100644 --- a/gn3/auth/authorisation/groups/models.py +++ b/gn3/auth/authorisation/groups/models.py @@ -9,7 +9,7 @@ from pymonad.maybe import Just, Maybe, Nothing from gn3.auth import db from gn3.auth.dictify import dictify -from gn3.auth.authentication.users import User, user_by_id, DUMMY_USER +from gn3.auth.authentication.users import User, user_by_id from ..checks import authorised_p from ..privileges import Privilege @@ -286,19 +286,20 @@ def accept_reject_join_request( row = cursor.fetchone() if row: if group.group_id == UUID(row["group_id"]): - the_user = user_by_id(conn, UUID(row["requester_id"])).maybe(# type: ignore[misc] - DUMMY_USER, lambda usr: usr) - if the_user == DUMMY_USER: + try: + the_user = user_by_id(conn, UUID(row["requester_id"])) + if status == "ACCEPTED": + add_user_to_group(cursor, group, the_user) + revoke_user_role_by_name(cursor, the_user, "group-creator") + cursor.execute( + "UPDATE group_join_requests SET status=? " + "WHERE request_id=?", + (status, str(request_id))) + return {"request_id": request_id, "status": status} + except NotFoundError as nfe: raise InconsistencyError( - "Could not find user associated with join request.") - if status == "ACCEPTED": - add_user_to_group(cursor, group, the_user) - revoke_user_role_by_name(cursor, the_user, "group-creator") - cursor.execute( - "UPDATE group_join_requests SET status=? " - "WHERE request_id=?", - (status, str(request_id))) - return {"request_id": request_id, "status": status} + "Could not find user associated with join request." + ) from nfe raise AuthorisationError( "You cannot act on other groups join requests") raise NotFoundError(f"Could not find request with ID '{request_id}'") |