cleaning authorization function

dsullivan7 · dsullivan7 · commit 1b99a25c4fc9 · 2025-02-04T15:33:16.000-05:00
diff --git a/src/authorization/mod.rs b/src/authorization/mod.rs
@@ -1,14 +1,7 @@
 use mockall::*;
 use serde::{Deserialize, Serialize};
-use thiserror::Error;
 use uuid::Uuid;
 
-#[derive(Error, Debug)]
-pub enum AuthorizationError {
-    #[error("authorization error")]
-    Error,
-}
-
 #[derive(Clone)]
 pub struct User {
     pub user_id: Uuid,
@@ -17,34 +10,28 @@ pub struct User {
 
 #[automock]
 pub trait IAuthorization: Send + Sync {
-    fn can_get_user(&self, actor: User, resource_id: Uuid) -> Result<bool, AuthorizationError>;
+    fn can_get_user(&self, actor: User, resource_id: Uuid) -> bool;
     // fn can_modify_user(&self, actor: User, resource_id: Uuid) -> Result<bool, AuthorizationError>;
     // fn can_delete_user(&self, actor: User, resource_id: Uuid) -> Result<bool, AuthorizationError>;
-    fn can_list_users(&self, actor: User) -> Result<bool, AuthorizationError>;
+    fn can_list_users(&self, actor: User) -> bool;
     // fn can_create_user(&self, actor: User) -> Result<bool, AuthorizationError>;
 }
 
 #[derive(Clone, Serialize, Deserialize)]
 pub struct Authorization;
 
 impl Authorization {
-    fn is_user_admin(&self, actor: User) -> Result<bool, AuthorizationError> {
-        if actor.role == "admin" {
-            return Ok(true);
-        }
-        Err(AuthorizationError::Error)
+    fn is_user_admin(&self, actor: User) -> bool {
+        return actor.role == "admin";
     }
 }
 
 impl IAuthorization for Authorization {
-    fn can_get_user(&self, actor: User, resource_id: Uuid) -> Result<bool, AuthorizationError> {
-        self.is_user_admin(actor.clone())
-            .or(match actor.user_id == resource_id {
-                true => Ok(true),
-                false => Err(AuthorizationError::Error),
-            })
+    fn can_get_user(&self, actor: User, resource_id: Uuid) -> bool {
+        return self.is_user_admin(actor.clone()) || actor.user_id == resource_id;
     }
-    fn can_list_users(&self, actor: User) -> Result<bool, AuthorizationError> {
+
+    fn can_list_users(&self, actor: User) -> bool {
         self.is_user_admin(actor)
     }
 }
diff --git a/src/handlers/authorization.rs b/src/handlers/authorization.rs
@@ -33,15 +33,14 @@ pub async fn can_list_users(
         .map_err(|err| errors::ServerError::Internal(anyhow!(err)))?
         .ok_or(errors::ServerError::Unauthorized)?;
 
-    let is_authorized = authorization
-        .can_list_users(AuthzUser {
-            user_id: user.user_id.to_owned(),
-            role: user.role.to_owned(),
-        })
-        .or(Err(errors::ServerError::Unauthorized))?;
+    let is_authorized = authorization.can_list_users(AuthzUser {
+        user_id: user.user_id.to_owned(),
+        role: user.role.to_owned(),
+    });
 
     if is_authorized {
         return Ok(next.run(req).await);
     }
+
     Err(errors::ServerError::Unauthorized)
 }
