From a11bd7a2c7f5b9a82ce70b7baf9eae92561ed905 Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Tue, 15 Nov 2022 13:08:56 +0300 Subject: auth: Return results of calling function directly * gn3/auth/authorisation/checks.py: Return results of calling the function rather than a dict of values that include the results. * gn3/auth/authorisation/groups.py: Use the newer form of `authorised_p` decorator. * tests/unit/auth/test_groups.py: Update tests --- gn3/auth/authorisation/checks.py | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) (limited to 'gn3/auth/authorisation/checks.py') diff --git a/gn3/auth/authorisation/checks.py b/gn3/auth/authorisation/checks.py index f14c5c7..3181655 100644 --- a/gn3/auth/authorisation/checks.py +++ b/gn3/auth/authorisation/checks.py @@ -1,6 +1,6 @@ """Functions to check for authorisation.""" from functools import wraps -from typing import Union, Callable +from typing import Callable from flask import g, current_app as app @@ -9,8 +9,6 @@ from . import privileges as auth_privs def authorised_p( privileges: tuple[str], - success_message: Union[str, bool] = ( - "Successfully authorised requested action"), error_message: str = ( "You lack authorisation to perform requested action")): """Authorisation decorator.""" @@ -20,15 +18,15 @@ def authorised_p( def __authoriser__(*args, **kwargs): if hasattr(g, "user_id") and g.user_id: with db.connection(app.config["AUTH_DB"]) as conn: - user_privileges = auth_privs.user_privileges(conn, g.user_id) + user_privileges = tuple( + priv.privilege_name for priv in + auth_privs.user_privileges(conn, g.user_id)) not_assigned = [ priv for priv in privileges if priv not in user_privileges] if len(not_assigned) == 0: - return { - "status": "success", - "message": success_message, - "results": func(*args, **kwargs)} + return func(*args, **kwargs) + return { "status": "error", "message": f"Unauthorised: {error_message}" -- cgit v1.2.3