Move blueshirt scope to constant

Author: RealOrangeOne

code_submitter/auth.py

@@ -19,6 +19,8 @@
 
 logger = logging.getLogger(__name__)
 
+BLUESHIRT_SCOPE = 'blueshirt'
+
 
 class User(SimpleUser):
     def __init__(self, username: str, team: Optional[str]) -> None:
@@ -156,7 +158,7 @@ def get_scopes(self, info: NemesisUserInfo) -> List[str]:
         scopes = ['authenticated']
 
         if info['is_blueshirt']:
-            scopes.append('blueshirt')
+            scopes.append(BLUESHIRT_SCOPE)
 
         return scopes
 
@@ -227,7 +229,7 @@ def get_scopes(self, username: str) -> List[str]:
         scopes = ['authenticated']
 
         if username == self.BLUESHIRT_TEAM:
-            scopes.append('blueshirt')
+            scopes.append(BLUESHIRT_SCOPE)
 
         return scopes
 
@@ -242,6 +244,6 @@ async def validate(self, username: str, password: str) -> ValidationResult:
 
         scopes = self.get_scopes(username)
 
-        if 'blueshirt' in scopes:
+        if BLUESHIRT_SCOPE in scopes:
             return scopes, User("SR", None)
         return scopes, User(f"Team {username}", username)

code_submitter/server.py

@@ -15,7 +15,7 @@
 from starlette.middleware.authentication import AuthenticationMiddleware
 
 from . import auth, utils, config
-from .auth import User
+from .auth import User, BLUESHIRT_SCOPE
 from .tables import Archive, ChoiceHistory
 
 database = databases.Database(config.DATABASE_URL, force_rollback=config.TESTING)
@@ -53,6 +53,7 @@ async def homepage(request: Request) -> Response:
         'request': request,
         'chosen': chosen,
         'uploads': uploads,
+        'BLUESHIRT_SCOPE': BLUESHIRT_SCOPE,
     })
 
 
@@ -121,7 +122,7 @@ async def upload(request: Request) -> Response:
     )
 
 
-@requires(['authenticated', 'blueshirt'])
+@requires(['authenticated', BLUESHIRT_SCOPE])
 async def download_submissions(request: Request) -> Response:
     buffer = io.BytesIO()
     with zipfile.ZipFile(buffer, mode='w') as zf:

templates/index.html

@@ -31,7 +31,7 @@
   <body>
     <div class="container">
       <h1>Virtual Competition Code Submission</h1>
-      {% if 'blueshirt' in request.auth.scopes %}
+      {% if BLUESHIRT_SCOPE in request.auth.scopes %}
       <div class="row">
         <div class="col-sm-6">
           <a href="{{ url_for('download_submissions') }}">

tests/tests_app.py

@@ -6,6 +6,7 @@
 import test_utils
 from starlette.testclient import TestClient
 
+from code_submitter.auth import BLUESHIRT_SCOPE
 from code_submitter.tables import Archive, ChoiceHistory
 
 
@@ -286,7 +287,7 @@ def test_no_download_link_for_non_blueshirt(self) -> None:
         self.assertNotIn(download_url, html)
 
     def test_shows_download_link_for_blueshirt(self) -> None:
-        self.session.auth = ('blueshirt', 'blueshirt')
+        self.session.auth = (BLUESHIRT_SCOPE, BLUESHIRT_SCOPE)
 
         download_url = self.url_for('download_submissions')
 
@@ -299,7 +300,7 @@ def test_download_submissions_requires_blueshirt(self) -> None:
         self.assertEqual(403, response.status_code)
 
     def test_download_submissions_when_none(self) -> None:
-        self.session.auth = ('blueshirt', 'blueshirt')
+        self.session.auth = (BLUESHIRT_SCOPE, BLUESHIRT_SCOPE)
 
         response = self.session.get(self.url_for('download_submissions'))
         self.assertEqual(200, response.status_code)
@@ -311,7 +312,7 @@ def test_download_submissions_when_none(self) -> None:
             )
 
     def test_download_submissions(self) -> None:
-        self.session.auth = ('blueshirt', 'blueshirt')
+        self.session.auth = (BLUESHIRT_SCOPE, BLUESHIRT_SCOPE)
 
         self.await_(self.database.execute(
             Archive.insert().values(

tests/tests_auth.py

@@ -6,7 +6,12 @@
 from starlette.applications import Starlette
 from starlette.authentication import AuthenticationError
 
-from code_submitter.auth import FileBackend, NemesisBackend, NemesisUserInfo
+from code_submitter.auth import (
+    FileBackend,
+    NemesisBackend,
+    BLUESHIRT_SCOPE,
+    NemesisUserInfo,
+)
 
 
 class NemesisAuthTests(test_utils.AsyncTestCase):
@@ -91,7 +96,7 @@ async def endpoint(request: Request) -> Response:
         self.assertEqual('user', user.username, "Wrong username for user")
 
         self.assertEqual(
-            ['authenticated', 'blueshirt'],
+            ['authenticated', BLUESHIRT_SCOPE],
             scopes,
             "Wrong scopes for user",
         )
@@ -131,7 +136,7 @@ def test_blueshirt(self) -> None:
         self.assertEqual('SR', user.username, "Wrong username for user")
 
         self.assertEqual(
-            ['authenticated', 'blueshirt'],
+            ['authenticated', BLUESHIRT_SCOPE],
             scopes,
             "Wrong scopes for user",
         )