authorFrederick Muriuki Muriithi2023-01-19 11:51:52 +0300
committerFrederick Muriuki Muriithi2023-01-19 11:51:52 +0300
commit88070363558aa8c8f55021d8db1c410007d8854b (patch)
treee00a4165d7435bb7532c44cc4a37908f73f3c7bf /gn3
parentbf7a51087acfb3cf6706e18c028cc7ada5cebac9 (diff)
downloadgenenetwork3-88070363558aa8c8f55021d8db1c410007d8854b.tar.gz
auth: Fix user registration
The code checking for errors was buggy and would let empty values through.
The sqlite3.IntegrityError exception was not being handled correctly, and
would cause a failure in the application.

This commit fixes the issues noted above.

* gn3/auth/authorisation/roles.py: fix bug in generating query params
* gn3/auth/authorisation/views.py: fix error checking code. Raise exception if
  email is already registered.
Diffstat (limited to 'gn3')
-rw-r--r--gn3/auth/authorisation/roles.py4
-rw-r--r--gn3/auth/authorisation/views.py41
2 files changed, 27 insertions, 18 deletions
diff --git a/gn3/auth/authorisation/roles.py b/gn3/auth/authorisation/roles.py
index 606403e..9e2e83e 100644
--- a/gn3/auth/authorisation/roles.py
+++ b/gn3/auth/authorisation/roles.py
@@ -91,8 +91,8 @@ def assign_default_roles(cursor: db.DbCursor, user: User):
         '("group-creator")')
     role_ids = cursor.fetchall()
     str_user_id = str(user.user_id)
-    params = (
-        {"user_id": str_user_id, "role_id": role_id} for role_id in role_ids)
+    params = tuple(
+        {"user_id": str_user_id, "role_id": row["role_id"]} for row in role_ids)
     cursor.executemany(
         ("INSERT INTO user_roles VALUES (:user_id, :role_id)"),
         params)
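Review bot: After this change `role_ids` holds whole rows rather than ids, which is the confusion the old generator fell into when it passed each row as `role_id`. Renaming it to something like `role_rows`, or adding `# fetchall() returns rows; pull the id out by column name` above the `params = tuple(` line, would keep the next reader from repeating the mistake. The `row["role_id"]` lookup assumes the cursor yields mapping-style rows and that the SELECT, which begins above the hunk, returns a column of that name. If that query matches nothing, `executemany` receives an empty tuple and the new user is left with no default roles and no log entry, so a warning on empty `params` would help when diagnosing later authorisation failures.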
diff --git a/gn3/auth/authorisation/views.py b/gn3/auth/authorisation/views.py
index 2c47bd9..1c59ed1 100644
--- a/gn3/auth/authorisation/views.py
+++ b/gn3/auth/authorisation/views.py
@@ -1,5 +1,8 @@
 """Endpoints for the authorisation stuff."""
+import traceback
 from typing import Tuple, Optional
+
+import sqlite3
 from flask import request, jsonify, current_app
 
 from gn3.auth import db
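Review bot: `import sqlite3` is a standard-library module, but it is placed after the blank line in the same group as the third-party `flask` import. PEP 8 grouping would put it next to `import traceback` and the `typing` import, leaving the blank line before `from flask import request, jsonify, current_app`.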
@@ -80,28 +83,34 @@ def register_user():
         __assert_not_logged_in__(conn)
 
         form = request.form
-        email = form.get("email", "")
-        password = form.get("password", "")
-        user_name = form.get("user_name", "")
+        email = form.get("email", "").strip()
+        password = form.get("password", "").strip()
+        user_name = form.get("user_name", "").strip()
         errors = tuple(
-                error[1] for error in
+                error for valid,error in
             [__email_valid__(email),
-             __password_valid__(password, form.get("confirm_password", "")),
+             __password_valid__(
+                 password, form.get("confirm_password", "").strip()),
              __user_name_valid__(user_name)]
-            if error[0])
+            if not valid)
         if len(errors) > 0:
             raise UserRegistrationError(*errors)
 
-        with db.cursor(conn) as cursor:
-            user, _hashed_password = set_user_password(
-                cursor, save_user(cursor, email, user_name), password)
-            assign_default_roles(cursor, user)
-            return jsonify(
-                {
-                    "user_id": user.user_id,
-                    "email": user.email,
-                    "name": user.name
-                }), 200
+        try:
+            with db.cursor(conn) as cursor:
+                user, _hashed_password = set_user_password(
+                    cursor, save_user(cursor, email, user_name), password)
+                assign_default_roles(cursor, user)
+                return jsonify(
+                    {
+                        "user_id": user.user_id,
+                        "email": user.email,
+                        "name": user.name
+                    }), 200
+        except sqlite3.IntegrityError as sq3ie:
+            current_app.logger.debug(traceback.format_exc())
+            raise UserRegistrationError(
+                "A user with that email already exists") from sq3ie
 
     raise Exception(
         "unknown_error", "The system experienced an unexpected error.")
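Review bot: The new `.strip()` on `password` and on `confirm_password` (the `password = ...` assignment and the `__password_valid__(` call) silently changes the secret the user typed before it reaches `set_user_password`. A password with leading or trailing whitespace is therefore stored as a different value, and it will only verify later if the login path strips identically, which this hunk does not show. Keep the stripping for `email` and `user_name`, but pass the password through untouched: `password = form.get("password", "")` and `form.get("confirm_password", "")`. Separately, the `except sqlite3.IntegrityError` covers `save_user`, `set_user_password` and `assign_default_roles` together, so a constraint violation in any of them is reported as "A user with that email already exists"; narrowing the `try` to the `save_user` call would keep that message accurate. The traceback is logged only at debug level, so it may not appear in production logs; `register_user` starts above the hunk.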