aboutsummaryrefslogtreecommitdiff
path: root/gn3/auth
diff options
context:
space:
mode:
Diffstat (limited to 'gn3/auth')
-rw-r--r--gn3/auth/authorisation/groups.py8
-rw-r--r--gn3/auth/authorisation/resources.py8
-rw-r--r--gn3/auth/authorisation/views.py11
3 files changed, 24 insertions, 3 deletions
diff --git a/gn3/auth/authorisation/groups.py b/gn3/auth/authorisation/groups.py
index cd7e034..201ed4d 100644
--- a/gn3/auth/authorisation/groups.py
+++ b/gn3/auth/authorisation/groups.py
@@ -163,7 +163,13 @@ def user_group(cursor: db.DbCursor, user: User) -> Either:
def is_group_leader(cursor: db.DbCursor, user: User, group: Group):
"""Check whether the given `user` is the leader of `group`."""
- ugroup = user_group(cursor, user).maybe(False, lambda val: val) # type: ignore[arg-type, misc]
+ def __raise__(exc):
+ if type(exc) == NotFoundError:
+ return False
+ raise exc
+
+ ugroup = user_group(cursor, user).either(
+ __raise__, lambda val: val) # type: ignore[arg-type, misc]
if not group:
# User cannot be a group leader if not a member of ANY group
return False
diff --git a/gn3/auth/authorisation/resources.py b/gn3/auth/authorisation/resources.py
index 1e37d7a..c9cd392 100644
--- a/gn3/auth/authorisation/resources.py
+++ b/gn3/auth/authorisation/resources.py
@@ -136,6 +136,10 @@ def user_resources(conn: db.DbConnection, user: User) -> Sequence[Resource]:
(private_res + gl_resources + public_resources(conn))# type: ignore[operator]
}.values())
+ def __handle_error__(exc):
+ if type(exc) == NotFoundError:
+ return public_resources(conn)
+ raise exc
# Fix the typing here
- return user_group(cursor, user).map(__all_resources__).maybe(# type: ignore[arg-type,misc]
- public_resources(conn), lambda res: res)# type: ignore[arg-type,return-value]
+ return user_group(cursor, user).map(__all_resources__).either(# type: ignore[arg-type,misc]
+ __handle_error__, lambda res: res)# type: ignore[arg-type,return-value]
diff --git a/gn3/auth/authorisation/views.py b/gn3/auth/authorisation/views.py
index 4ff82c9..65b1dc4 100644
--- a/gn3/auth/authorisation/views.py
+++ b/gn3/auth/authorisation/views.py
@@ -11,6 +11,7 @@ from gn3.auth.dictify import dictify
from gn3.auth.blueprint import oauth2
from .errors import UserRegistrationError
+from .resources import user_resources as _user_resources
from .roles import user_role, assign_default_roles, user_roles as _user_roles
from .groups import (
all_groups, GroupCreationError, user_group as _user_group,
@@ -177,3 +178,13 @@ def user_group():
with db.connection(db_uri) as conn, db.cursor(conn) as cursor:
return _user_group(cursor, the_token.user).either(
__raise_error__, lambda grp: jsonify(dictify(grp)))
+
+@oauth2.route("/user-resources")
+@require_oauth("profile resource")
+def user_resources():
+ with require_oauth.acquire("profile resource") as the_token:
+ db_uri = current_app.config["AUTH_DB"]
+ with db.connection(db_uri) as conn, db.cursor(conn) as cursor:
+ return jsonify([
+ dictify(resource) for resource in
+ _user_resources(conn, the_token.user)])