Move generalised checker function to the authspec module.

2 files changed, 11 insertions, 11 deletions

diff --git a/gn_libs/privileges/authspec.py b/gn_libs/privileges/authspec.py
index 32c943d..2ae154f 100644
--- a/gn_libs/privileges/authspec.py
+++ b/gn_libs/privileges/authspec.py
@@ -164,3 +164,13 @@ def check(spec: str, privileges: tuple[str, ...]) -> bool:
     """Check that the sequence of `privileges` satisfies `spec`."""
     _spec = parse(spec)
     return _OPERATOR_FUNCTION_[_spec[0]](privileges, *_spec[1:])
+
+
+def privileges_fulfill_specs(
+        queried_privileges: tuple[str, ...],
+        resource_spec: str,
+        system_spec: str
+) -> bool:
+    """Check whether a user's privileges fulfill the given specs."""
+    return (check(resource_spec, queried_privileges) or
+            check(system_spec, queried_privileges))
diff --git a/gn_libs/privileges/checks.py b/gn_libs/privileges/checks.py
index 19fe5c0..a7cc003 100644
--- a/gn_libs/privileges/checks.py
+++ b/gn_libs/privileges/checks.py
@@ -4,22 +4,12 @@ from functools import partial
 
 from gn_libs.sqlite3 import DbConnection
 
-from .authspec import check
+from .authspec import privileges_fulfill_specs
 
 
 logger = logging.getLogger(__name__)
 
 
-def privileges_fulfill_specs(
-        queried_privileges: tuple[str, ...],
-        resource_spec: str,
-        system_spec: str
-) -> bool:
-    """Check whether a user's privileges fulfill the given specs."""
-    return (check(resource_spec, queried_privileges) or
-            check(system_spec, queried_privileges))
-
-
 can_view = partial(
     privileges_fulfill_specs,
     resource_spec="(OR group:resource:view-resource system:resource:view)",