Remove revoked_by arg

ministryofjustice · Oct 18, 2023 · e075f92 · e075f92
1 parent 69b7fba
commit e075f92
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 18 deletions.
diff --git a/controlpanel/api/models/apps3bucket.py b/controlpanel/api/models/apps3bucket.py
@@ -43,6 +43,5 @@ def __repr__(self):
     def grant_bucket_access(self):
         tasks.S3BucketGrantToApp(self, self.current_user).create_task()
 
-    def revoke_bucket_access(self, revoked_by=None):
-        revoked_by = revoked_by or None
-        tasks.S3BucketRevokeAppAccess(self, revoked_by).create_task()
+    def revoke_bucket_access(self):
+        tasks.S3BucketRevokeAppAccess(self, self.current_user).create_task()
diff --git a/controlpanel/api/models/policys3bucket.py b/controlpanel/api/models/policys3bucket.py
@@ -38,8 +38,8 @@ def grant_bucket_access(self):
             self.resources,
         )
 
-    def revoke_bucket_access(self, revoked_by=None):
-        # TODO update to use a Task to revoke access, to match user/app access{{
+    def revoke_bucket_access(self):
+        # TODO update to use a Task to revoke access, to match user/app access
         if self.s3bucket.is_folder:
             return cluster.RoleGroup(self.policy).revoke_folder_access(
                 root_folder_path=self.s3bucket.name

diff --git a/controlpanel/api/models/users3bucket.py b/controlpanel/api/models/users3bucket.py
@@ -47,9 +47,8 @@ def __repr__(self):
     def grant_bucket_access(self):
         tasks.S3BucketGrantToUser(self, self.current_user).create_task()
 
-    def revoke_bucket_access(self, revoked_by=None):
+    def revoke_bucket_access(self):
         # TODO when soft delete is added, this should be updated to use the user that
         # has deleted the parent S3bucket to ensure we store the user that has sent the
         # task in the case of cascading deletes
-        revoked_by = revoked_by or self.current_user
-        tasks.S3BucketRevokeUserAccess(self, revoked_by).create_task()
+        tasks.S3BucketRevokeUserAccess(self, self.current_user).create_task()
diff --git a/controlpanel/api/tasks/handlers/s3.py b/controlpanel/api/tasks/handlers/s3.py
@@ -93,4 +93,5 @@ def handle(self, *args, **kwargs):
             if not issubclass(model, AccessToS3Bucket):
                 continue
 
-            instance.revoke_bucket_access(revoked_by=task_user)
+            instance.current_user = task_user
+            instance.revoke_bucket_access()
diff --git a/tests/api/tasks/test_s3.py b/tests/api/tasks/test_s3.py
@@ -130,12 +130,6 @@ def test_revoke_all_access(users):
 
     revoke_all_access_s3bucket(bucket.pk, task.user_id)
 
-    user_access.revoke_bucket_access.assert_called_once_with(
-        revoked_by=users["superuser"],
-    )
-    app_access.revoke_bucket_access.assert_called_once_with(
-        revoked_by=users["superuser"],
-    )
-    policy_access.revoke_bucket_access.assert_called_once_with(
-        revoked_by=users["superuser"],
-    )
+    user_access.revoke_bucket_access.assert_called_once()
+    app_access.revoke_bucket_access.assert_called_once()
+    policy_access.revoke_bucket_access.assert_called_once()