auth: Improve authorisation

Retrieve the token, and user in the authorisation decorator to enable checking of privileges.
author: Frederick Muriuki Muriithi 2023-02-02 14:15:29 +0300
committer: Frederick Muriuki Muriithi 2023-02-02 14:15:29 +0300
commit: ecce454ca9d0f374e22da8401206e3b1695dbded (patch)
tree: 70db9cc60df565336b7c37103b39a2d92183d764 /gn3/auth/authorisation/roles
parent: dfe5eb18e3ec8dc570d118bfe95c5d4dcb2c7575 (diff)
download: genenetwork3-ecce454ca9d0f374e22da8401206e3b1695dbded.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/gn3/auth/authorisation/roles/models.py b/gn3/auth/authorisation/roles/models.py
index b1aac75..26b8f0a 100644
--- a/gn3/auth/authorisation/roles/models.py
+++ b/gn3/auth/authorisation/roles/models.py
@@ -27,7 +27,9 @@ class Role(NamedTuple):
             "privileges": tuple(dictify(priv) for priv in self.privileges)
         }
 
-@authorised_p(("group:role:create-role",), error_message="Could not create role")
+@authorised_p(
+    privileges = ("group:role:create-role",),
+    error_description="Could not create role")
 def create_role(
         cursor: db.DbCursor, role_name: str,
         privileges: Iterable[Privilege]) -> Role:
author	Frederick Muriuki Muriithi	2023-02-02 14:15:29 +0300
committer	Frederick Muriuki Muriithi	2023-02-02 14:15:29 +0300
commit	ecce454ca9d0f374e22da8401206e3b1695dbded (patch)
tree	70db9cc60df565336b7c37103b39a2d92183d764 /gn3/auth/authorisation/roles
parent	dfe5eb18e3ec8dc570d118bfe95c5d4dcb2c7575 (diff)
download	genenetwork3-ecce454ca9d0f374e22da8401206e3b1695dbded.tar.gz