baobabsoluciones/cornflow

Better error for missing permissions in the database

Closed this issue · 1 comments

When developing with cornflow, it can happen that a permission is well configured in cornflow but not in the permission_view table of the database. This can happen when:

  • Changes were made in an endpoint without doing a flask access_init
  • flask access_init does not update permissions for endpoints which are already in the database.

In those cases, the authentication is validated in cornflow but generates an error when checking the database. The resulting error is an internal server error and the message is:
AttributeError: 'NoneType' object has no attribute 'id'

Instead of that, the error should be an authentication error.

The function generating the error is the following:

@staticmethod
def _get_permission_for_request(req, user_id):
    method, url = Auth._get_request_info(req)
    user_roles = UserModel.get_one_user(user_id).roles
    if user_roles is None or user_roles == {}:
        raise NoPermission(
            error="You do not have permission to access this endpoint",
            status_code=403,
        )

    action_id = PERMISSION_METHOD_MAP[method]
    # .first() returns None when the endpoint is not in the api_view table,
    # so .id raises AttributeError here instead of a 403
    view_id = ViewBaseModel.query.filter_by(url_rule=url).first().id

    for role in user_roles:
        has_permission = PermissionViewRoleBaseModel.get_permission(
            role_id=role, api_view_id=view_id, action_id=action_id
        )

        if has_permission:
            return True

    raise NoPermission(
        error="You do not have permission to access this endpoint", status_code=403
    )

I suggest putting view_id = ViewBaseModel.query.filter_by(url_rule=url).first().id in a try/except and returning a NoPermission error if it fails.

It would be nice to get a different error message suggesting that the database is not up to date but I am not sure it is good practice.

ggsdc commented

raise a NoPermission exception with the same message as the rest.
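The following is an added example, not code from the issue or from the cornflow project. It reproduces the failure mode described in the issue (an endpoint that exists in code but has no row in the database, so the view lookup returns None and `.id` raises AttributeError, which surfaces as a 500) next to the fix agreed in the reply (deny with the same NoPermission message). The SQLAlchemy models are replaced by in-memory stand-ins, the action ids in PERMISSION_METHOD_MAP and the table contents are constructed for the example, and `http_status` approximates how Flask turns an unhandled exception into a 500 versus a NoPermission into its own status code.

```python
"""Permission lookup for an endpoint missing from the database.

Stand-in for cornflow's Auth._get_permission_for_request. All tables below
are constructed for this example; the action ids are an assumption.
"""
from dataclasses import dataclass
from typing import Callable, List, Optional

# Assumed mapping of HTTP method -> action id (cornflow keeps a similar map).
PERMISSION_METHOD_MAP = {"GET": 1, "PATCH": 2, "POST": 3, "PUT": 4, "DELETE": 5}

NO_PERMISSION_MSG = "You do not have permission to access this endpoint"


class NoPermission(Exception):
    """Stand-in for cornflow's NoPermission: carries an HTTP status code."""

    def __init__(self, error: str, status_code: int = 403):
        super().__init__(error)
        self.error = error
        self.status_code = status_code


@dataclass
class View:
    """Row of the api_view table (stand-in for ViewBaseModel)."""
    id: int
    url_rule: str


# Constructed tables. "/health" exists as an endpoint in code but was never
# written to api_view / permission_view (no `flask access_init` run).
USER_ROLES = {1: [1], 2: []}  # user_id -> role ids
VIEWS = {v.url_rule: v for v in (View(10, "/instance/"), View(11, "/user/"))}
PERMISSION_VIEW_ROLE = {(1, 10, 1), (1, 11, 1)}  # (role_id, view_id, action_id)


def _first_view(url: str) -> Optional[View]:
    """Equivalent of ViewBaseModel.query.filter_by(url_rule=url).first()."""
    return VIEWS.get(url)


def _roles_or_deny(user_id: int) -> List[int]:
    roles = USER_ROLES.get(user_id)
    if not roles:
        raise NoPermission(NO_PERMISSION_MSG, 403)
    return roles


def permission_buggy(method: str, url: str, user_id: int) -> bool:
    """Same shape as the issue's code: .id on a lookup that may be None."""
    roles = _roles_or_deny(user_id)
    action_id = PERMISSION_METHOD_MAP[method]
    view_id = _first_view(url).id  # AttributeError when the view is missing
    for role in roles:
        if (role, view_id, action_id) in PERMISSION_VIEW_ROLE:
            return True
    raise NoPermission(NO_PERMISSION_MSG, 403)


def permission_fixed(method: str, url: str, user_id: int) -> bool:
    """Hardened: a view missing from the database is denied like any other
    missing permission, with the same message (the maintainer's choice)."""
    roles = _roles_or_deny(user_id)
    action_id = PERMISSION_METHOD_MAP[method]
    view = _first_view(url)
    if view is None:
        raise NoPermission(NO_PERMISSION_MSG, 403)
    for role in roles:
        if (role, view.id, action_id) in PERMISSION_VIEW_ROLE:
            return True
    raise NoPermission(NO_PERMISSION_MSG, 403)


def http_status(check: Callable[[str, str, int], bool],
                method: str, url: str, user_id: int) -> int:
    """Approximates Flask: NoPermission -> its status code, any other
    unhandled exception -> 500 Internal Server Error."""
    try:
        check(method, url, user_id)
        return 200
    except NoPermission as exc:
        return exc.status_code
    except Exception:
        return 500


if __name__ == "__main__":
    for name, check in (("buggy", permission_buggy), ("fixed", permission_fixed)):
        print(name, "GET /health as user 1 ->", http_status(check, "GET", "/health", 1))
```

Running the block prints 500 for the buggy version and 403 for the fixed one on the unregistered endpoint; registered endpoints behave identically in both. Keeping the message identical to the other denials, as the reply asks, avoids telling an unauthenticated caller which routes exist in code but not yet in the database.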