about summary refs log tree commit diff
path: root/gn3
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2022-11-15 13:08:56 +0300
committerFrederick Muriuki Muriithi2022-11-15 13:08:56 +0300
commita11bd7a2c7f5b9a82ce70b7baf9eae92561ed905 (patch)
tree14be1f1fce80f271ad1023be55ee591b3c82ed0a /gn3
parent1f37de222e3f93908f2db3dfef33740aea3c828c (diff)
downloadgenenetwork3-a11bd7a2c7f5b9a82ce70b7baf9eae92561ed905.tar.gz
auth: Return results of calling function directly
* gn3/auth/authorisation/checks.py: Return results of calling the function
  rather than a dict of values that include the results.
* gn3/auth/authorisation/groups.py: Use the newer form of `authorised_p`
  decorator.
* tests/unit/auth/test_groups.py: Update tests
Diffstat (limited to 'gn3')
-rw-r--r--gn3/auth/authorisation/checks.py14
-rw-r--r--gn3/auth/authorisation/groups.py5
2 files changed, 7 insertions, 12 deletions
diff --git a/gn3/auth/authorisation/checks.py b/gn3/auth/authorisation/checks.py
index f14c5c7..3181655 100644
--- a/gn3/auth/authorisation/checks.py
+++ b/gn3/auth/authorisation/checks.py
@@ -1,6 +1,6 @@
 """Functions to check for authorisation."""
 from functools import wraps
-from typing import Union, Callable
+from typing import Callable
 
 from flask import g, current_app as app
 
@@ -9,8 +9,6 @@ from . import privileges as auth_privs
 
 def authorised_p(
         privileges: tuple[str],
-        success_message: Union[str, bool] = (
-            "Successfully authorised requested action"),
         error_message: str = (
             "You lack authorisation to perform requested action")):
     """Authorisation decorator."""
@@ -20,15 +18,15 @@ def authorised_p(
         def __authoriser__(*args, **kwargs):
             if hasattr(g, "user_id") and g.user_id:
                 with db.connection(app.config["AUTH_DB"]) as conn:
-                    user_privileges = auth_privs.user_privileges(conn, g.user_id)
+                    user_privileges = tuple(
+                        priv.privilege_name for priv in
+                        auth_privs.user_privileges(conn, g.user_id))
 
                 not_assigned = [
                     priv for priv in privileges if priv not in user_privileges]
                 if len(not_assigned) == 0:
-                    return {
-                        "status": "success",
-                        "message": success_message,
-                        "results": func(*args, **kwargs)}
+                    return func(*args, **kwargs)
+
             return {
                 "status": "error",
                 "message": f"Unauthorised: {error_message}"
diff --git a/gn3/auth/authorisation/groups.py b/gn3/auth/authorisation/groups.py
index b996d21..f3345c3 100644
--- a/gn3/auth/authorisation/groups.py
+++ b/gn3/auth/authorisation/groups.py
@@ -7,15 +7,12 @@ from .privileges import Privilege
 from .roles import Role, create_role
 from .checks import authorised_p
 
-@authorised_p(
-    ("create-group",), success_message="Successfully created group.",
-    error_message="Failed to create group.")
-def create_group(conn, group_name):
 class Group(NamedTuple):
     """Class representing a group."""
     group_id: UUID
     group_name: str
 
+@authorised_p(("create-group",), error_message="Failed to create group.")
 def create_group(conn: db.DbConnection, group_name: str) -> Group:
     """Create a group"""
     group = Group(uuid4(), group_name)
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-10-06 08:03:42 +0000