Task auth checker (#140)

Fixed Route Matching checks on authorisor --------- Co-authored-by: Scott Alexander <scott.alexander@madetech.com>
nhsconnect · Nov 8, 2023 · b716637 · b716637
1 parent 146b105
commit b716637
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 9 deletions.
diff --git a/lambdas/handlers/authoriser_handler.py b/lambdas/handlers/authoriser_handler.py
@@ -79,27 +79,26 @@ def lambda_handler(event, context):
 
 def validate_access_policy(http_verb, path, user_role):
     logger.info("Validating resource req: %s, http: %s" % (path, http_verb))
+
+    logger.info(f"Path: {path}")
     match path:
         case "/DocumentDelete":
             deny_resource = (
-                user_role is RepositoryRole.GP_CLINICAL.value
-                or user_role is RepositoryRole.GP_ADMIN.value
+                user_role == RepositoryRole.GP_CLINICAL.value
             )
 
         case "/DocumentManifest":
             deny_resource = (
-                user_role is RepositoryRole.GP_CLINICAL.value
-                or user_role is RepositoryRole.GP_ADMIN.value
+                user_role == RepositoryRole.GP_CLINICAL.value
             )
 
         case "/DocumentReference":
             deny_resource = (
-                user_role is RepositoryRole.GP_CLINICAL.value
-                or user_role is RepositoryRole.GP_ADMIN.value
+                user_role == RepositoryRole.GP_CLINICAL.value
             )
 
         case "/SearchDocumentReferences":
-            deny_resource = user_role is RepositoryRole.PCSE.value
+            deny_resource = user_role == RepositoryRole.PCSE.value
 
         case _:
             deny_resource = False
@@ -160,7 +159,6 @@ def find_login_session(ndr_session_id):
         current_session = query_response["Items"][0]
         return current_session
     except (KeyError, IndexError) as error:
-        logger.info(error)
         raise AuthorisationException(
             f"Unable to find session for session ID ending in: {redact_id(ndr_session_id)}"
         )

diff --git a/lambdas/services/mock_pds_service.py b/lambdas/services/mock_pds_service.py
@@ -13,7 +13,7 @@ def pds_request(self, nhs_number: str, *args, **kwargs) -> Response:
         mock_pds_results: list[dict] = []
 
         try:
-            with open("services/mock_data/pds_patient_not_active.json") as f:
+            with open("services/mock_data/pds_patient_gp_clinical_ods_practise.json") as f:
                 mock_pds_results.append(json.load(f))
 
             with open("services/mock_data/pds_patient_restricted.json") as f: