diff --git a/monitoring/uss_qualifier/resources/astm/f3548/v21/dss.py b/monitoring/uss_qualifier/resources/astm/f3548/v21/dss.py index bfc139559b..b0bc9fbef1 100644 --- a/monitoring/uss_qualifier/resources/astm/f3548/v21/dss.py +++ b/monitoring/uss_qualifier/resources/astm/f3548/v21/dss.py @@ -106,11 +106,15 @@ def _uses_scope(self, *scopes: Tuple[str]) -> None: f"{fullname(type(self))} client called {calling_function_name(1)} which requires the use of the scope `{scope}`, but this DSSInstance is only authorized to perform actions with the scopes {' or '.join(self._scopes_authorized)}" ) - def _uses_any_scope(self, *scopes: str) -> None: - if not any([scope in self._scopes_authorized for scope in scopes]): - raise ValueError( - f"{fullname(type(self))} client called {calling_function_name(1)} which requires the use of any of the scopes `{', '.join(scopes)}`, but this DSSInstance is only authorized to perform actions with the scopes {' or '.join(self._scopes_authorized)}" - ) + def _uses_any_scope(self, *scopes: str) -> str: + """Validates that at least a required scope is authorized for a request. + Additionally, returns a valid scope that may be used for the request.""" + for scope in scopes: + if scope in self._scopes_authorized: + return scope + raise ValueError( + f"{fullname(type(self))} client called {calling_function_name(1)} which requires the use of any of the scopes `{', '.join(scopes)}`, but this DSSInstance is only authorized to perform actions with the scopes {' or '.join(self._scopes_authorized)}" + ) def can_use_scope(self, scope: str) -> bool: return scope in self._scopes_authorized @@ -390,7 +394,7 @@ def make_report( Raises: * QueryError: if request failed, if HTTP status code is different than 201, or if the parsing of the response failed. """ - self._uses_any_scope( + use_scope = self._uses_any_scope( Scope.ConstraintManagement, Scope.ConstraintProcessing, Scope.StrategicCoordination, @@ -406,9 +410,7 @@ def make_report( op.path, QueryType.F3548v21DSSMakeDssReport, self.participant_id, - scope=next( - iter(self._scopes_authorized) - ), # any scope is valid for this endpoint + scope=use_scope, json=req, )