From dcd09e820ff142a8ca932363a0b67b72182d355c Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Wed, 4 Jan 2023 06:34:30 +0300
Subject: auth: Return only non-resource roles on `/user-roles` endpoint

Resource roles will be returned as part of the resources request.

* gn3/auth/authorisation/roles.py: Simplify query - only get non-resource
  roles
* gn3/auth/authorisation/views.py: update docstring
---
 gn3/auth/authorisation/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'gn3/auth/authorisation/views.py')

diff --git a/gn3/auth/authorisation/views.py b/gn3/auth/authorisation/views.py
index 2481633..2a419af 100644
--- a/gn3/auth/authorisation/views.py
+++ b/gn3/auth/authorisation/views.py
@@ -9,7 +9,7 @@ from ..authentication.oauth2.resource_server import require_oauth
 @oauth2.route("/user-roles")
 @require_oauth
 def user_roles():
-    """Return the roles assigned to the user."""
+    """Return the non-resource roles assigned to the user."""
     with require_oauth.acquire("role") as token:
         with db.connection(current_app.config["AUTH_DB"]) as conn:
             return jsonify(_user_roles(conn, token.user))
-- 
cgit v1.2.3