diff options
Diffstat (limited to 'gn3')
-rw-r--r-- | gn3/auth/authorisation/roles/models.py | 11 | ||||
-rw-r--r-- | gn3/auth/authorisation/roles/views.py | 2 | ||||
-rw-r--r-- | gn3/auth/authorisation/users/views.py | 4 |
3 files changed, 6 insertions, 11 deletions
diff --git a/gn3/auth/authorisation/roles/models.py b/gn3/auth/authorisation/roles/models.py index 26b8f0a..bb7ea73 100644 --- a/gn3/auth/authorisation/roles/models.py +++ b/gn3/auth/authorisation/roles/models.py @@ -3,7 +3,6 @@ from uuid import UUID, uuid4 from functools import reduce from typing import Any, Sequence, Iterable, NamedTuple -from pymonad.maybe import Just, Maybe, Nothing from pymonad.either import Left, Right, Either from gn3.auth import db @@ -80,7 +79,7 @@ def __organise_privileges__(roles_dict, privilege_row): privilege_row["privilege_description"]),)) } -def user_roles(conn: db.DbConnection, user: User) -> Maybe[Sequence[Role]]: +def user_roles(conn: db.DbConnection, user: User) -> Sequence[Role]: """Retrieve non-resource roles assigned to the user.""" with db.cursor(conn) as cursor: cursor.execute( @@ -90,11 +89,9 @@ def user_roles(conn: db.DbConnection, user: User) -> Maybe[Sequence[Role]]: "ON rp.privilege_id=p.privilege_id WHERE ur.user_id=?", (str(user.user_id),)) - results = cursor.fetchall() - if results: - return Just(tuple( - reduce(__organise_privileges__, results, {}).values())) - return Nothing + return tuple( + reduce(__organise_privileges__, cursor.fetchall(), {}).values()) + return tuple() def user_role(conn: db.DbConnection, user: User, role_id: UUID) -> Either: """Retrieve a specific non-resource role assigned to the user.""" diff --git a/gn3/auth/authorisation/roles/views.py b/gn3/auth/authorisation/roles/views.py index 975fb19..3670aab 100644 --- a/gn3/auth/authorisation/roles/views.py +++ b/gn3/auth/authorisation/roles/views.py @@ -13,7 +13,7 @@ from ...authentication.oauth2.resource_server import require_oauth roles = Blueprint("roles", __name__) @roles.route("/view/<uuid:role_id>", methods=["GET"]) -@require_oauth("role") +@require_oauth("profile role") def view_role(role_id: uuid.UUID) -> Response: """Retrieve a user role with id `role_id`""" def __error__(exc: Exception): diff --git a/gn3/auth/authorisation/users/views.py b/gn3/auth/authorisation/users/views.py index 8a29fea..c592a3f 100644 --- a/gn3/auth/authorisation/users/views.py +++ b/gn3/auth/authorisation/users/views.py @@ -46,9 +46,7 @@ def user_roles() -> Response: with require_oauth.acquire("role") as token: with db.connection(current_app.config["AUTH_DB"]) as conn: return jsonify(tuple( - dictify(role) for role in - _user_roles(conn, token.user).maybe(# type: ignore[misc] - tuple(), lambda roles: roles))) + dictify(role) for role in _user_roles(conn, token.user))) def __email_valid__(email: str) -> Tuple[bool, Optional[str]]: """Validate the email address.""" |