Diffstat (limited to 'gn3/auth/authorisation')
-rw-r--r--gn3/auth/authorisation/roles.py12
-rw-r--r--gn3/auth/authorisation/views.py5
2 files changed, 10 insertions, 7 deletions
diff --git a/gn3/auth/authorisation/roles.py b/gn3/auth/authorisation/roles.py
index 9e2e83e..e84eb71 100644
--- a/gn3/auth/authorisation/roles.py
+++ b/gn3/auth/authorisation/roles.py
@@ -1,7 +1,9 @@
"""Handle management of roles"""
from uuid import UUID, uuid4
from functools import reduce
-from typing import Iterable, NamedTuple
+from typing import Sequence, Iterable, NamedTuple
+
+from pymonad.maybe import Just, Maybe, Nothing
from gn3.auth import db
from gn3.auth.authentication.users import User
@@ -68,7 +70,7 @@ def __organise_privileges__(roles_dict, privilege_row):
privilege_row["privilege_description"]),))
}
-def user_roles(conn: db.DbConnection, user: User):
+def user_roles(conn: db.DbConnection, user: User) -> Maybe[Sequence[Role]]:
"""Retrieve non-resource roles assigned to the user."""
with db.cursor(conn) as cursor:
cursor.execute(
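Review bot: The docstring under the new signature still reads as if a plain collection comes back, so it should state that the result is wrapped, for example `"""Retrieve non-resource roles assigned to the user: Just(roles), or Nothing when none are assigned."""`. The body of user_roles continues outside this hunk.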
@@ -80,9 +82,9 @@ def user_roles(conn: db.DbConnection, user: User):
results = cursor.fetchall()
if results:
- return tuple(
- reduce(__organise_privileges__, results, {}).values())
- return tuple()
+ return Just(tuple(
+ reduce(__organise_privileges__, results, {}).values()))
+ return Nothing
def assign_default_roles(cursor: db.DbCursor, user: User):
"""Assign `user` some default roles."""
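Review bot: Returning `Nothing` where `tuple()` used to come back changes truthiness for every existing caller of user_roles. The empty tuple was falsy, while a pymonad Maybe, as far as I can tell, defines no `__bool__`, so a check such as `if user_roles(conn, user):` would now pass for a user with no roles, and iterating the result would raise. Only views.py is updated in this diff and the diffstat is limited to gn3/auth/authorisation, so callers elsewhere that gate access on this value are worth checking. Each should unwrap explicitly, e.g. `roles = user_roles(conn, user).maybe(tuple(), lambda rls: rls)`. The start of user_roles is outside this hunk.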
diff --git a/gn3/auth/authorisation/views.py b/gn3/auth/authorisation/views.py
index 1c59ed1..9f0b68b 100644
--- a/gn3/auth/authorisation/views.py
+++ b/gn3/auth/authorisation/views.py
@@ -33,12 +33,13 @@ def user_details():
})
@oauth2.route("/user-roles", methods=["GET"])
-@require_oauth
+@require_oauth("role")
def user_roles():
"""Return the non-resource roles assigned to the user."""
with require_oauth.acquire("role") as token:
with db.connection(current_app.config["AUTH_DB"]) as conn:
- return jsonify(_user_roles(conn, token.user))
+ return jsonify(_user_roles(conn, token.user).maybe(
+ tuple(), lambda rls: rls))
def __email_valid__(email: str) -> Tuple[bool, Optional[str]]:
"""Validate the email address."""
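Review bot: The `role` scope is now enforced twice in the user_roles view, once by `@require_oauth("role")` and again by `with require_oauth.acquire("role") as token:`. The token is therefore validated twice per request, and the required scope lives in two literals that can drift apart. Keeping a single enforcement point makes the scope requirement easier to audit. If the decorator stays, the body could read the user from the already-validated token instead of acquiring it again; this assumes `require_oauth` is an Authlib-style resource protector, which the hunk does not show. A short comment that `.maybe(tuple(), lambda rls: rls)` keeps the JSON response an empty list for users without roles would also help, since the identity lambda is easy to misread.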