feat(arborist): refactor resource_path_to_project_ids()

uc-cdis · Sep 16, 2019 · 1afa46d · 1afa46d
1 parent 300ddf7
commit 1afa46d
Show file tree

Hide file tree

Showing 2 changed files with 60 additions and 63 deletions.
diff --git a/peregrine/auth/__init__.py b/peregrine/auth/__init__.py
@@ -14,75 +14,76 @@
 from gen3authz.client.arborist.errors import ArboristError
 import flask
 
-from peregrine.errors import AuthNError
+from peregrine.errors import AuthNError, InternalError
 
 
 logger = get_logger(__name__)
 
 
 def resource_path_to_project_ids(resource_path):
     parts = resource_path.strip('/').split('/')
-    if resource_path == "/" or (parts and parts[0] == "programs"):
 
-        if len(parts) > 4 or (len(parts) > 2 and parts[2] != "projects"):
+    # resource path ignored by peregrine
+    if resource_path != "/" and parts[0] != "programs":
+        return []
+
+    if len(parts) > 4 or (len(parts) > 2 and parts[2] != "projects"):
+        logger.warn(
+            "ignoring resource path {} because peregrine cannot handle a permission more granular than program/project level".format(resource_path)
+        )
+        return []
+
+    # "/" or "/programs": access to all programs
+    if len(parts) == 1:
+        programs = (
+            flask.current_app.db
+            .nodes(models.Program)
+            .all()
+        )
+        return [
+            program.name + '-' + project.code
+            for program in programs
+            for project in program.projects
+        ]
+
+    # "/programs/[...]" or "/programs/[...]/projects/":
+    # access to all projects of a program
+    if len(parts) < 4:
+        program_name = parts[1]
+        program = (
+            flask.current_app.db
+            .nodes(models.Program)
+            .props(name=program_name)
+            .first()
+        )
+        if not program:
             logger.warn(
-                "ignoring resource path {} because peregrine cannot handle a permission more granular than program/project level".format(resource_path)
+                "program {} in resource path {} does not exist".format(program_name, resource_path)
             )
             return []
+        return [
+            program.name + '-' + project.code
+            for project in program.projects
+        ]
 
-        #  "/" or "/programs": access to all programs
-        if len(parts) == 1:
-            programs = (
-                flask.current_app.db
-                .nodes(models.Program)
-                .all()
-            )
-            return [
-                program.name + '-' + project.code
-                for program in programs
-                for project in program.projects
-            ]
-
-        #  "/programs/[...]" or "/programs/[...]/projects/":
-        # access to all projects of a program
-        if len(parts) < 4:
-            program_name = parts[1]
-            program = (
-                flask.current_app.db
-                .nodes(models.Program)
-                .props(name=program_name)
-                .first()
-            )
-            if not program:
-                logger.warn(
-                    "program {} in resource path {} does not exist".format(program_name, resource_path)
-                )
-                return []
-            return [
-                program.name + '-' + project.code
-                for project in program.projects
-            ]
-
-        #  "/programs/[...]/projects/[...]": access to a specific project
-        if parts[2] == "projects":
-            project_code = parts[3]
-            project = (
-                flask.current_app.db
-                .nodes(models.Project)
-                .props(code=project_code)
-                .first()
-            )
-            if not project:
-                logger.warn(
-                    "project {} in resource path {} does not exist".format(project_code, resource_path)
-                )
-                return []
-            return [
-                program.name + '-' + project.code
-                for program in project.programs
-            ]
-
-    return []
+    # "/programs/[...]/projects/[...]": access to a specific project
+    # here, len(parts) == 4 and parts[2] == "projects"
+    project_code = parts[3]
+    project = (
+        flask.current_app.db
+        .nodes(models.Project)
+        .props(code=project_code)
+        .first()
+    )
+    if not project:
+        logger.warn(
+            "project {} in resource path {} does not exist".format(project_code, resource_path)
+        )
+        return []
+    return [
+        program.name + '-' + project.code
+        for program in project.programs
+    ]
 
 
 def get_read_access_projects():

diff --git a/tests/conftest.py b/tests/conftest.py
@@ -217,7 +217,7 @@ def mock_arborist_requests(request):
     """
     This fixture returns a function which you call to mock the call to
     arborist client's methods.
-    Parameter "mapping" lets us specify the response for a call to
+    Parameter "auth_mapping" lets us specify the response for a call to
     auth_mapping().
     auth_mapping() is mocked because it is called by peregrine.
     auth_request() and create_resource() are mocked because they are called
@@ -230,14 +230,10 @@ def response(*args, **kwargs):
                 mocked_response = MagicMock(requests.Response)
 
                 if function_name == "auth_mapping":
-                    def mocked_items(*args, **kwargs):
-                        return None
                     mocked_response.items = auth_mapping.items
 
                 if function_name == "create_resource":
-                    def mocked_get(*args, **kwargs):
-                        return None
-                    mocked_response.get = mocked_get
+                    mocked_response.get = lambda *args, **kwargs: None
 
                 return mocked_response
             return response