update handlers to user Users repo for managing authorization

dandds 2018-07-30 14:04:05 -04:00
parent 4baa5fdd8c
commit 202f88bae5
10 changed files with 36 additions and 50 deletions


@ -35,7 +35,7 @@ def make_app(config, deps, **kwargs):
{
"sessions": deps["sessions"],
"authnid_client": deps["authnid_client"],
"authz_client": deps["authz_client"],
"db_session": deps["db_session"],
},
name="login_redirect",
),
@ -50,7 +50,7 @@ def make_app(config, deps, **kwargs):
url(
r"/workspaces",
Workspaces,
{"page": "workspaces", "authz_client": deps["authz_client"]},
{"page": "workspaces", "db_session": deps["db_session"]},
name="workspaces",
),
url(
@ -136,7 +136,7 @@ def make_app(config, deps, **kwargs):
{
"action": "login",
"sessions": deps["sessions"],
"authz_client": deps["authz_client"],
"db_session": deps["db_session"],
},
name="dev-login",
)
@ -167,11 +167,6 @@ def make_deps(config):
return {
"db_session": make_db(config),
"authz_client": ApiClient(
config["default"]["AUTHZ_BASE_URL"],
api_version="v1",
validate_cert=validate_cert,
),
"authnid_client": ApiClient(
config["default"]["AUTHNID_BASE_URL"],
api_version="v1",
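Review bot: The single `"db_session": make_db(config)` entry in `make_deps` is now also handed to the login, dev-login and workspaces handlers, so every request shares one session object for the authorization reads and writes this commit moves into the database. `make_db` is not visible here; if it returns a plain SQLAlchemy session rather than a scoped registry, a failed `commit()` in one request would leave that session unusable until it is rolled back, which would presumably break logins for every other user. Consider a per-request session, or at least a `self.db_session.rollback()` on the error path of each write. Both `make_app` and `make_deps` continue outside these hunks.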


@ -5,15 +5,16 @@ from .exceptions import NotFoundError
class Roles(object):
@classmethod
def get(cls, role_name):
def __init__(self, db_session):
self.db_session = db_session
def get(self, role_name):
try:
role = Role.query.filter_by(name=role_name).one()
role = self.db_session.query(Role).filter_by(name=role_name).one()
except NoResultFound:
raise NotFoundError("role")
return role
@classmethod
def get_all(cls):
return Role.query.all()
def get_all(self):
return self.db_session.query(Role).all()


@ -11,18 +11,19 @@ class Users(object):
def __init__(self, db_session):
self.db_session = db_session
self.roles_repo = Roles(db_session)
def get(self, user_id):
try:
user = User.query.filter_by(id=user_id).one()
user = self.db_session.query(User).filter_by(id=user_id).one()
except NoResultFound:
raise NotFoundError("user")
return user
def create(self, user_id, atat_role_name):
atat_role = Roles.get(atat_role_name)
atat_role = self.roles_repo.get(atat_role_name)
try:
user = User(id=user_id, atat_role=atat_role)
@ -34,22 +35,19 @@ class Users(object):
return user
def get_or_create(self, user_id, *args, **kwargs):
created = False
try:
user = Users.get(user_id)
user = self.get(user_id)
except NotFoundError:
user = Users.create(user_id, *args, **kwargs)
user = self.create(user_id, *args, **kwargs)
self.db_session.add(user)
self.db_session.commit()
created = True
return user, created
return user
def update(self, user_id, atat_role_name):
user = Users.get(user_id)
atat_role = Roles.get(atat_role_name)
user = self.get(user_id)
atat_role = self.roles_repo.get(atat_role_name)
user.atat_role = atat_role
self.db_session.add(user)
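Review bot: `Users.update` and `Users.get_or_create` now appear to be where roles get assigned, and neither states who is allowed to call it: `update(self, user_id, atat_role_name)` rewrites `user.atat_role` for any id it is given, and `get_or_create` forwards `*args, **kwargs` straight to `create`. Since the repository does no permission check of its own, I would add a docstring to both, for example `"""Change the user's ATAT role. Performs no authorization; the caller must verify that the requester may assign roles."""`. I would also spell the parameter out as `def get_or_create(self, user_id, atat_role_name):` so the role cannot be passed positionally by accident. The body of `update` continues past the end of the hunk.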


@ -1,6 +1,7 @@
import tornado.web
from atst.assets import environment
from atst.sessions import SessionNotFoundError
from atst.domain.users import Users
helpers = {"assets": environment}
@ -15,26 +16,18 @@ class BaseHandler(tornado.web.RequestHandler):
@tornado.gen.coroutine
def login(self, user):
user_permissions = yield self._get_user_permissions(user["id"])
user["atat_permissions"] = user_permissions["atat_permissions"]
user["atat_role"] = user_permissions["atat_role"]
db_user = yield self._get_user_permissions(user["id"])
user["atat_permissions"] = db_user.atat_permissions
user["atat_role"] = db_user.atat_role.name
session_id = self.sessions.start_session(user)
self.set_secure_cookie("atat", session_id)
return self.redirect("/home")
@tornado.gen.coroutine
def _get_user_permissions(self, user_id):
response = yield self.authz_client.get(
"/users/{}".format(user_id), raise_error=False
)
if response.code == 404:
response = yield self.authz_client.post(
"/users", json={"id": user_id, "atat_role": "developer"}
)
return response.json
else:
return response.json
user_repo = Users(self.db_session)
user = user_repo.get_or_create(user_id, atat_role_name="developer")
return user
def get_current_user(self):
cookie = self.get_secure_cookie("atat")
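Review bot: `login` copies `db_user.atat_permissions` and `db_user.atat_role.name` into the session dict once, so a role changed later through `Users.update` would presumably keep its old permissions in every session that is already open. How sessions are read back is outside this hunk (`get_current_user` is cut off), so this may already be handled there. If not, either re-read the user in `get_current_user` or document the behaviour with a comment such as `# role and permissions are a snapshot taken at login; changes apply at the next login`. Separately, `_get_user_permissions` no longer yields anything, so `@tornado.gen.coroutine` now only wraps a synchronous database call, and the method name no longer matches what it returns (a user row).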


@ -1,6 +1,7 @@
import tornado.gen
from atst.handler import BaseHandler
from atst.domain.users import Users
_DEV_USERS = {
"sam": {
@ -9,7 +10,6 @@ _DEV_USERS = {
"last_name": "Seeceepio",
"atat_role": "ccpo"
},
"amanda": {
"id": "cce17030-4109-4719-b958-ed109dbb87c8",
"first_name": "Amanda",
@ -44,10 +44,11 @@ _DEV_USERS = {
class Dev(BaseHandler):
def initialize(self, action, sessions, authz_client):
def initialize(self, action, sessions, db_session):
self.db_session = db_session
self.action = action
self.sessions = sessions
self.authz_client = authz_client
self.users_repo = Users(db_session)
@tornado.gen.coroutine
def get(self):
@ -58,7 +59,4 @@ class Dev(BaseHandler):
@tornado.gen.coroutine
def _set_user_permissions(self, user_id, role):
response = yield self.authz_client.post(
"/users", json={"id": user_id, "atat_role": role}
)
return response.json
return self.users_repo.get_or_create(user_id, atat_role_name=role)
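Review bot: `_set_user_permissions` now calls `get_or_create`, which returns an existing row as it is, so for a user id already in the table the `role` argument is ignored and the name "set" is misleading. A short docstring such as `"""Return the stored user for user_id, creating it with role only if it does not exist yet."""` would make that explicit. The handler also writes the `_DEV_USERS` roles (for example `"ccpo"`) into the users table, presumably the same one the real login path reads, so it is worth confirming that the `dev-login` route is registered only in development configuration; the registration condition is not visible in these hunks. `@tornado.gen.coroutine` is no longer needed on this method because nothing is yielded.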


@ -3,10 +3,10 @@ from atst.handler import BaseHandler
class LoginRedirect(BaseHandler):
def initialize(self, authnid_client, sessions, authz_client):
def initialize(self, authnid_client, sessions, db_session):
self.db_session = db_session
self.authnid_client = authnid_client
self.sessions = sessions
self.authz_client = authz_client
@tornado.gen.coroutine
def get(self):


@ -22,6 +22,7 @@ def map_request(user, request):
class Request(BaseHandler):
def initialize(self, page, db_session):
self.page = page
self.db_session = db_session
self.requests = Requests(db_session)
@tornado.web.authenticated


@ -6,6 +6,7 @@ from atst.domain.requests import Requests
class RequestsSubmit(BaseHandler):
def initialize(self, db_session):
self.db_session = db_session
self.requests_repo = Requests(db_session)
@tornado.web.authenticated


@ -12,9 +12,9 @@ mock_workspaces = [
class Workspaces(BaseHandler):
def initialize(self, page, authz_client):
def initialize(self, page, db_session):
self.page = page
self.authz_client = authz_client
self.db_session = db_session
@tornado.gen.coroutine
@tornado.web.authenticated


@ -10,7 +10,6 @@ from atst.sessions import DictSessions
@pytest.fixture
def app(db):
TEST_DEPS = {
"authz_client": MockAuthzClient("authz"),
"authnid_client": MockApiClient("authnid"),
"fundz_client": MockFundzClient("fundz"),
"sessions": DictSessions(),