aboutsummaryrefslogtreecommitdiff
path: root/gn_auth
diff options
context:
space:
mode:
Diffstat (limited to 'gn_auth')
-rw-r--r--gn_auth/auth/authorisation/checks.py12
-rw-r--r--gn_auth/auth/authorisation/data/views.py10
2 files changed, 11 insertions, 11 deletions
diff --git a/gn_auth/auth/authorisation/checks.py b/gn_auth/auth/authorisation/checks.py
index bf5e05a..4d5b6bc 100644
--- a/gn_auth/auth/authorisation/checks.py
+++ b/gn_auth/auth/authorisation/checks.py
@@ -32,21 +32,21 @@ def authorised_p(
privileges: tuple[str, ...],
error_description: str = (
"You lack authorisation to perform requested action"),
- oauth2_scope = "profile"):
+ oauth2_scope="profile"):
"""Authorisation decorator."""
assert len(privileges) > 0, "You must provide at least one privilege"
def __build_authoriser__(func: Callable):
@wraps(func)
def __authoriser__(*args, **kwargs):
- with require_oauth.acquire(oauth2_scope) as the_token:
- the_user = the_token.user
- if the_user:
+ with require_oauth.acquire(oauth2_scope) as _token:
+ _user = _token.user
+ if _user:
with db.connection(app.config["AUTH_DB"]) as conn:
user_privileges = tuple(
priv.privilege_id for priv in
- auth_privs.user_privileges(conn, the_user)) + tuple(
+ auth_privs.user_privileges(conn, _user)) + tuple(
priv_id for priv_id in
- __system_privileges_in_roles__(conn, the_user))
+ __system_privileges_in_roles__(conn, _user))
not_assigned = [
priv for priv in privileges if priv not in user_privileges]
diff --git a/gn_auth/auth/authorisation/data/views.py b/gn_auth/auth/authorisation/data/views.py
index 9d59a70..c40b667 100644
--- a/gn_auth/auth/authorisation/data/views.py
+++ b/gn_auth/auth/authorisation/data/views.py
@@ -88,11 +88,11 @@ def authorisation() -> Response:
user = User(uuid.uuid4(), "anon@ymous.user", "Anonymous User")
with db.connection(db_uri) as auth_conn:
try:
- with require_oauth.acquire("profile group resource") as the_token:
- user = the_token.user
+ with require_oauth.acquire("profile group resource") as _token:
+ user = _token.user
resources = attach_resources_data(
- auth_conn, user_resources(auth_conn, the_token.user))
- resources_roles = user_resource_roles(auth_conn, the_token.user)
+ auth_conn, user_resources(auth_conn, _token.user))
+ resources_roles = user_resource_roles(auth_conn, _token.user)
privileges = {
resource_id: tuple(
privilege.privilege_id
@@ -100,7 +100,7 @@ def authorisation() -> Response:
for privilege in roles.privileges)#("group:resource:view-resource",)
for resource_id, is_authorised
in authorised_for(
- auth_conn, the_token.user,
+ auth_conn, _token.user,
("group:resource:view-resource",), tuple(
resource.resource_id for resource in resources)).items()
if is_authorised