Fixes according to previos test cases

Author: kompotkot

brood/actions.py

@@ -1084,6 +1084,14 @@ def get_token(session: Session, token: uuid.UUID) -> Token:
     return token_object
 
 
+def get_tokens(session: Session, user_id: uuid.UUID) -> List[Token]:
+    """
+    Retrieve the list of tokens for user.
+    """
+    objects = session.query(Token).filter(Token.user_id == user_id).all()
+    return objects
+
+
 def update_token(
     session: Session,
     token: uuid.UUID,

brood/api.py

@@ -340,6 +340,7 @@ async def get_tokens_handler(
     active: bool = Query(None),
     token_type: models.TokenType = Query(None),
     restricted: bool = Query(None),
+    db_session=Depends(yield_db_session_from_env),
 ) -> Dict[str, Any]:
     """
     Get list of tokens for current user.
@@ -354,7 +355,7 @@ async def get_tokens_handler(
             detail="Restricted tokens are not authorized to list user tokens.",
         )
 
-    tokens = current_user.tokens
+    tokens = actions.get_tokens(session=db_session, user_id=current_user.id)
     if active is not None:
         tokens = list(filter(lambda token: token.active == active, tokens))
     if token_type is not None:

brood/middleware.py

@@ -193,6 +193,9 @@ async def get_current_user_with_groups(
 
 
 def autogenerated_user_token_check(request: Request) -> bool:
+    """
+    Checks installation token header for autogenerated user access.
+    """
     if BOT_INSTALLATION_TOKEN is None:
         raise ValueError("BOT_INSTALLATION_TOKEN environment variable must be set")
 
@@ -224,17 +227,18 @@ async def get_current_user_or_installation(
     """
     Allow access if Bugout installation token provided, if not
     check user by default.
+
+    Because of oauth2_scheme_manual we could accept None bearer token.
     """
-    token = oauth2[0]
     scheme = oauth2[1]
-    if scheme != "bearer":
+    if scheme != "bearer" and scheme is not None:
         raise HTTPException(status_code=400, detail="Unaccepted scheme")
 
     autogenerated_user = autogenerated_user_token_check(request)
     if autogenerated_user is True:
         return True
     elif autogenerated_user is False:
-        user = await get_current_user(token, db_session)
+        user = await get_current_user(oauth2, db_session)
         return user
 
     raise HTTPException(status_code=400, detail="Access denied")
@@ -247,17 +251,18 @@ async def is_token_restricted_or_installation(
 ) -> bool:
     """
     Allow access if Bugout installation provided.
+
+    Because of oauth2_scheme_manual we could accept None bearer token.
     """
-    token = oauth2[0]
     scheme = oauth2[1]
-    if scheme != "bearer":
+    if scheme != "bearer" and scheme is not None:
         raise HTTPException(status_code=400, detail="Unaccepted scheme")
 
     autogenerated_user = autogenerated_user_token_check(request)
     if autogenerated_user is True:
         return False  # Return token.restricted = False
     elif autogenerated_user is False:
-        token_restricted = await is_token_restricted(token, db_session)
+        token_restricted = await is_token_restricted(oauth2, db_session)
         return token_restricted
 
     raise HTTPException(status_code=400, detail="Access denied")