Use the form's json attribute to retrieve sent data

The system uses JSON as the default communication format, so we use the form's json attribute to get any data sent.
author: Frederick Muriuki Muriithi 2024-06-17 10:57:17 -0500
committer: Frederick Muriuki Muriithi 2024-06-17 10:57:17 -0500
commit: 03bbb4df4e7a6a6b0bbccfabe8a28b380d12bd80 (patch)
tree: 41981115fa36a1bf36ba56d012e45da3c69216af
parent: 9f1b11d2756010647051bf213ceed3f374524bbb (diff)
download: gn-auth-03bbb4df4e7a6a6b0bbccfabe8a28b380d12bd80.tar.gz
4 files changed, 21 insertions, 21 deletions
diff --git a/gn_auth/auth/authorisation/data/views.py b/gn_auth/auth/authorisation/data/views.py
index 83f4e4b..86dafe5 100644
--- a/gn_auth/auth/authorisation/data/views.py
+++ b/gn_auth/auth/authorisation/data/views.py
@@ -186,16 +186,16 @@ def __search_mrna__():
 def __request_key__(key: str, default: Any = ""):
     if bool(request.json):
         return request.json.get(#type: ignore[union-attr]
-            key, request.args.get(key, request.form.get(key, default)))
-    return request.args.get(key, request.form.get(key, default))
+            key, request.args.get(key, request.json.get(key, default)))
+    return request.args.get(key, request.json.get(key, default))
 
 def __request_key_list__(key: str, default: tuple[Any, ...] = tuple()):
     if bool(request.json):
         return (request.json.get(key,[])#type: ignore[union-attr]
-                or request.args.getlist(key) or request.form.getlist(key)
+                or request.args.getlist(key) or request.json.getlist(key)
                 or list(default))
     return (request.args.getlist(key)
-            or request.form.getlist(key) or list(default))
+            or request.json.getlist(key) or list(default))
 
 def __search_genotypes__():
     query = __request_key__("query", "")
diff --git a/gn_auth/auth/authorisation/resources/groups/views.py b/gn_auth/auth/authorisation/resources/groups/views.py
index ef6bb0d..beb2b42 100644
--- a/gn_auth/auth/authorisation/resources/groups/views.py
+++ b/gn_auth/auth/authorisation/resources/groups/views.py
@@ -50,7 +50,7 @@ def list_groups():
 def create_group():
     """Create a new group."""
     with require_oauth.acquire("profile group") as the_token:
-        group_name=request.form.get("group_name", "").strip()
+        group_name=request.json.get("group_name", "").strip()
         if not bool(group_name):
             raise GroupCreationError("Could not create the group.")
 
@@ -58,7 +58,7 @@ def create_group():
         with db.connection(db_uri) as conn:
             user = the_token.user
             new_group = _create_group(
-                conn, group_name, user, request.form.get("group_description"))
+                conn, group_name, user, request.json.get("group_description"))
             return jsonify({
                 **asdict(new_group), "group_leader": asdict(user)
             })
@@ -107,7 +107,7 @@ def request_to_join(group_id: uuid.UUID) -> Response:
             }
 
     with require_oauth.acquire("profile group") as the_token:
-        form = request.form
+        form = request.json
         results = with_db_connection(partial(
             __request__, user=the_token.user, group_id=group_id, message=form.get(
                 "message", "I hereby request that you add me to your group.")))
@@ -126,7 +126,7 @@ def list_join_requests() -> Response:
 def accept_join_requests() -> Response:
     """Accept a join request."""
     with require_oauth.acquire("profile group") as the_token:
-        form = request.form
+        form = request.json
         request_id = uuid.UUID(form.get("request_id"))
         return jsonify(with_db_connection(partial(
             accept_reject_join_request, request_id=request_id,
@@ -137,7 +137,7 @@ def accept_join_requests() -> Response:
 def reject_join_requests() -> Response:
     """Reject a join request."""
     with require_oauth.acquire("profile group") as the_token:
-        form = request.form
+        form = request.json
         request_id = uuid.UUID(form.get("request_id"))
         return jsonify(with_db_connection(partial(
             accept_reject_join_request, request_id=request_id,
@@ -268,7 +268,7 @@ def unlinked_data(resource_type: str) -> Response:
 def link_data() -> Response:
     """Link selected data to specified group."""
     with require_oauth.acquire("profile group resource") as _the_token:
-        form = request.form
+        form = request.json
         group_id = uuid.UUID(form["group_id"])
         dataset_ids = form.getlist("dataset_ids")
         dataset_type = form.get("dataset_type")
@@ -322,7 +322,7 @@ def create_group_role():
                       oauth2_scope="profile group role")
         def __create__(conn: db.DbConnection) -> GroupRole:
             ## TODO: Check user cannot assign any privilege they don't have.
-            form = request.form
+            form = request.json
             role_name = form.get("role_name", "").strip()
             privileges_ids = form.getlist("privileges[]")
             if len(role_name) == 0:
@@ -374,7 +374,7 @@ def __add_remove_priv_to_from_role__(conn: db.DbConnection,
         raise AuthorisationError(
             "You need to be a member of a group to edit roles.")
     try:
-        privilege_id = request.form.get("privilege_id", "")
+        privilege_id = request.json.get("privilege_id", "")
         assert bool(privilege_id), "Privilege to add must be provided."
         privileges = privileges_by_ids(conn, (privilege_id,))
         if len(privileges) == 0:
diff --git a/gn_auth/auth/authorisation/resources/views.py b/gn_auth/auth/authorisation/resources/views.py
index a98f404..4583346 100644
--- a/gn_auth/auth/authorisation/resources/views.py
+++ b/gn_auth/auth/authorisation/resources/views.py
@@ -53,7 +53,7 @@ def list_resource_categories() -> Response:
 def create_resource() -> Response:
     """Create a new resource"""
     with require_oauth.acquire("profile group resource") as the_token:
-        form = request.form
+        form = request.json
         resource_name = form.get("resource_name")
         resource_category_id = UUID(form.get("resource_category"))
         db_uri = app.config["AUTH_DB"]
@@ -126,7 +126,7 @@ def view_resource_data(resource_id: UUID) -> Response:
 def link_data():
     """Link group data to a specific resource."""
     try:
-        form = request.form
+        form = request.json
         assert "resource_id" in form, "Resource ID not provided."
         assert "data_link_id" in form, "Data Link ID not provided."
         assert "dataset_type" in form, "Dataset type not specified"
@@ -150,7 +150,7 @@ def link_data():
 def unlink_data():
     """Unlink data bound to a specific resource."""
     try:
-        form = request.form
+        form = request.json
         assert "resource_id" in form, "Resource ID not provided."
         assert "data_link_id" in form, "Data Link ID not provided."
 
@@ -239,7 +239,7 @@ def assign_role_to_user(resource_id: UUID) -> Response:
     """Assign a role on the specified resource to a user."""
     with require_oauth.acquire("profile group resource role") as the_token:
         try:
-            form = request.form
+            form = request.json
             group_role_id = form.get("group_role_id", "")
             user_email = form.get("user_email", "")
             assert bool(group_role_id), "The role must be provided."
@@ -264,7 +264,7 @@ def unassign_role_to_user(resource_id: UUID) -> Response:
     """Unassign a role on the specified resource from a user."""
     with require_oauth.acquire("profile group resource role") as the_token:
         try:
-            form = request.form
+            form = request.json
             group_role_id = form.get("group_role_id", "")
             user_id = form.get("user_id", "")
             assert bool(group_role_id), "The role must be provided."
diff --git a/gn_auth/auth/authorisation/users/views.py b/gn_auth/auth/authorisation/users/views.py
index 1d3b128..cc70d76 100644
--- a/gn_auth/auth/authorisation/users/views.py
+++ b/gn_auth/auth/authorisation/users/views.py
@@ -166,7 +166,7 @@ def register_user() -> Response:
         __assert_not_logged_in__(conn)
 
         try:
-            form = request.form
+            form = request.json
             email = validate_email(form.get("email", "").strip(),
                                    check_deliverability=True)
             password = validate_password(
@@ -204,7 +204,7 @@ def delete_verification_code(cursor, code: str):
 @users.route("/verify", methods=["GET", "POST"])
 def verify_user():
     """Verify users are not bots."""
-    form = request.form
+    form = request.json
     loginuri = redirect(url_for(
         "oauth2.auth.authorise",
         response_type=(request.args.get("response_type")
@@ -308,7 +308,7 @@ def list_all_users() -> Response:
 @users.route("/handle-unverified", methods=["POST"])
 def handle_unverified():
     """Handle case where user tries to login but is unverified"""
-    form = request.form
+    form = request.json
     # TODO: Maybe have a GN2_URI setting here?
     #       or pass the client_id here?
     return render_template(
@@ -321,7 +321,7 @@ def handle_unverified():
 @users.route("/send-verification", methods=["POST"])
 def send_verification_code():
     """Send verification code email."""
-    form = request.form
+    form = request.json
     with (db.connection(current_app.config["AUTH_DB"]) as conn,
           db.cursor(conn) as cursor):
         user = user_by_email(conn, form["user_email"])
author	Frederick Muriuki Muriithi	2024-06-17 10:57:17 -0500
committer	Frederick Muriuki Muriithi	2024-06-17 10:57:17 -0500
commit	03bbb4df4e7a6a6b0bbccfabe8a28b380d12bd80 (patch)
tree	41981115fa36a1bf36ba56d012e45da3c69216af
parent	9f1b11d2756010647051bf213ceed3f374524bbb (diff)
download	gn-auth-03bbb4df4e7a6a6b0bbccfabe8a28b380d12bd80.tar.gz