Small tweak for Account-Id or business identifier undefined (bcgov#3605)

seeker25 · web-flow · commit 1b151c2e733b · 2026-02-09T17:41:03.000-08:00
diff --git a/auth-api/src/auth_api/services/authorization.py b/auth-api/src/auth_api/services/authorization.py
@@ -239,6 +239,7 @@ def check_auth(**kwargs):
     else:
         business_identifier = kwargs.get("business_identifier", None)
         org_identifier = kwargs.get("org_id", None) or user_from_context.account_id
+        auth = None
         if business_identifier:
             auth = Authorization.get_user_authorizations_for_entity(business_identifier)
         elif org_identifier:
diff --git a/auth-api/tests/unit/services/test_authorization.py b/auth-api/tests/unit/services/test_authorization.py
@@ -258,8 +258,8 @@ def test_check_auth(session, monkeypatch):  # pylint:disable=unused-argument
         ("Test OK when STAFF in one_of_roles.", does_not_raise(), {"one_of_roles": {"STAFF"}}, False),
         ("Test OK when STAFF IS equals_role.", does_not_raise(), {"equals_role": "STAFF"}, False),
         (
-            "Test UnboundLocalError when system_required set to true -- auth variable not set.",
-            pytest.raises(UnboundLocalError),
+            "Test (403) when system_required set to true with no org id provided.",
+            pytest.raises(Forbidden),
             {"equals_role": "STAFF", "system_required": True},
             False,
         ),
@@ -405,8 +405,8 @@ def test_check_auth_system_path(
     "test_desc,test_expect,additional_kwargs,is_org_member,is_entity_affiliated",
     [
         (
-            "Test UnboundLocalError (403) when no role checks provided in kwargs.",
-            pytest.raises(UnboundLocalError),
+            "Test (403) when no role checks provided in kwargs.",
+            pytest.raises(Forbidden),
             {},
             False,
             False,
