From a0d5e679f62032359fc63309bcbb46337ddb7810 Mon Sep 17 00:00:00 2001
From: dandds <dan-ctr@friends.dds.mil>
Date: Wed, 18 Jul 2018 09:27:25 -0400
Subject: [PATCH] put initial permissions fetching in BaseHandler

---
 atst/handler.py                 | 13 ++++++++++++-
 atst/handlers/dev.py            | 16 +---------------
 atst/handlers/login_redirect.py | 11 +----------
 3 files changed, 14 insertions(+), 26 deletions(-)

diff --git a/atst/handler.py b/atst/handler.py
index 2ad1acaf..8c500069 100644
--- a/atst/handler.py
+++ b/atst/handler.py
@@ -6,16 +6,26 @@ helpers = {"assets": environment}
 
 
 class BaseHandler(tornado.web.RequestHandler):
+
     def get_template_namespace(self):
         ns = super(BaseHandler, self).get_template_namespace()
         helpers["config"] = self.application.config
         ns.update(helpers)
         return ns
 
+    @tornado.gen.coroutine
     def login(self, user):
+        user["atat_permissions"] = yield self._get_user_permissions(user["id"])
         session_id = self.sessions.start_session(user)
         self.set_secure_cookie("atat", session_id)
-        self.redirect("/home")
+        return self.redirect("/home")
+
+    @tornado.gen.coroutine
+    def _get_user_permissions(self, user_id):
+        response = yield self.authz_client.post(
+            "/users", json={"id": user_id, "atat_role": "ccpo"}
+        )
+        return response.json["atat_permissions"]
 
     def get_current_user(self):
         cookie = self.get_secure_cookie("atat")
@@ -24,6 +34,7 @@ class BaseHandler(tornado.web.RequestHandler):
                 session = self.application.sessions.get_session(cookie)
             except SessionNotFoundError:
                 return None
+
         else:
             return None
 
diff --git a/atst/handlers/dev.py b/atst/handlers/dev.py
index 8267e1ff..38c71419 100644
--- a/atst/handlers/dev.py
+++ b/atst/handlers/dev.py
@@ -16,18 +16,4 @@ class Dev(BaseHandler):
             "first_name": "Test",
             "last_name": "User",
         }
-        user_permissions = yield self.get_or_fetch_user_permissions(user["id"])
-        user["atat_permissions"] = user_permissions
-        self.login(user)
-
-    @tornado.gen.coroutine
-    def get_or_fetch_user_permissions(self, user_id):
-        response = yield self.authz_client.post(
-            "/users", json={"id": user_id, "atat_role": "ccpo"}, raise_error=False
-        )
-        if response.code == 200:
-            return response.json["atat_permissions"]
-        elif response.code == 409:
-            # User already exists
-            response = yield self.authz_client.get("/users/{}".format(user_id))
-            return response.json["atat_permissions"]
+        yield self.login(user)
diff --git a/atst/handlers/login_redirect.py b/atst/handlers/login_redirect.py
index d535aef7..59fb8751 100644
--- a/atst/handlers/login_redirect.py
+++ b/atst/handlers/login_redirect.py
@@ -14,9 +14,7 @@ class LoginRedirect(BaseHandler):
         if token:
             user = yield self._fetch_user_info(token)
             if user:
-                authz_user = yield self.create_authz_user(user["id"])
-                user["atat_permissions"] = authz_user["atat_permissions"]
-                self.login(user)
+                yield self.login(user)
             else:
                 self.write_error(401)
 
@@ -38,10 +36,3 @@ class LoginRedirect(BaseHandler):
 
             else:
                 raise error
-
-    @tornado.gen.coroutine
-    def create_authz_user(self, user_id):
-        response = yield self.authz_client.post(
-            "/users", json={"id": user_id, "atat_role": "ccpo"}
-        )
-        return response.json