2026-04-06 12:41:49 +01:00
|
|
|
"""
|
2026-05-28 14:55:44 +01:00
|
|
|
Router endpoints for the user module
|
2026-04-06 12:41:49 +01:00
|
|
|
|
|
|
|
|
Endpoints:
|
2026-05-28 14:55:44 +01:00
|
|
|
- [GET](/user/self/claims): [OIDC claims]: Returns all OIDC claims associated with the currently logged-in user.
|
|
|
|
|
- [GET](/user/self/db): [OIDC claims]: Returns details about the currently logged-in user from the hub db.
|
|
|
|
|
- [GET](/user/): [super admin]: Returns user(id) details.
|
|
|
|
|
- [DELETE](/user/): [super admin]: Removes a User(id) from the hub database.
|
2026-04-06 12:41:49 +01:00
|
|
|
"""
|
2026-06-08 15:31:37 +01:00
|
|
|
|
2026-06-09 12:22:36 +01:00
|
|
|
from fastapi import APIRouter, status, BackgroundTasks
|
2026-04-06 12:41:49 +01:00
|
|
|
|
2026-06-09 14:47:37 +01:00
|
|
|
from src.organisation.exceptions import OrgNotFoundException
|
2026-06-09 12:22:36 +01:00
|
|
|
from src.user.schemas import (
|
|
|
|
|
UserResponse,
|
|
|
|
|
OIDCClaims,
|
|
|
|
|
UserPostInvitationRequest,
|
|
|
|
|
UserPostInvitationAcceptRequest,
|
2026-06-09 15:52:38 +01:00
|
|
|
UserGetSelfOrgsResponse,
|
2026-06-09 12:22:36 +01:00
|
|
|
)
|
2026-06-08 15:31:37 +01:00
|
|
|
from src.user.dependencies import (
|
|
|
|
|
user_model_claims_dependency,
|
|
|
|
|
user_model_query_dependency,
|
|
|
|
|
)
|
2026-06-09 12:22:36 +01:00
|
|
|
from src.user.service import send_invitation
|
|
|
|
|
from src.organisation.models import Organisation as Org
|
2026-04-06 12:41:49 +01:00
|
|
|
|
2026-06-09 12:22:36 +01:00
|
|
|
from src.auth.dependencies import (
|
|
|
|
|
super_admin_dependency,
|
|
|
|
|
org_model_root_claim_body_dependency,
|
|
|
|
|
)
|
2026-04-06 12:41:49 +01:00
|
|
|
from src.auth.service import claims_dependency
|
|
|
|
|
from src.database import db_dependency
|
2026-06-10 14:14:22 +01:00
|
|
|
from src.utils import verify_email_token
|
2026-04-06 12:41:49 +01:00
|
|
|
|
|
|
|
|
router = APIRouter(
|
|
|
|
|
prefix="/user",
|
2026-05-20 15:23:40 +01:00
|
|
|
tags=["User"],
|
2026-04-06 12:41:49 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
2026-06-08 15:31:37 +01:00
|
|
|
@router.get(
|
|
|
|
|
"/self/claims",
|
|
|
|
|
summary="Get current user OIDC claims.",
|
|
|
|
|
response_model=OIDCClaims,
|
|
|
|
|
status_code=status.HTTP_200_OK,
|
|
|
|
|
responses={
|
|
|
|
|
status.HTTP_200_OK: {"description": "Successful retrieval from database"},
|
|
|
|
|
},
|
|
|
|
|
)
|
2026-04-06 12:41:49 +01:00
|
|
|
async def current_user_claims(user: claims_dependency):
|
2026-05-20 15:23:40 +01:00
|
|
|
"""
|
|
|
|
|
Returns the full OIDC claims associated with the currently logged-in user.
|
|
|
|
|
"""
|
|
|
|
|
user["allowed_origins"] = user.get("allowed-origins", [])
|
2026-04-06 12:41:49 +01:00
|
|
|
return user
|
|
|
|
|
|
|
|
|
|
|
2026-06-08 15:31:37 +01:00
|
|
|
@router.get(
|
|
|
|
|
"/self/db",
|
|
|
|
|
summary="Get current user hub details.",
|
|
|
|
|
response_model=UserResponse,
|
|
|
|
|
status_code=status.HTTP_200_OK,
|
|
|
|
|
responses={
|
|
|
|
|
status.HTTP_404_NOT_FOUND: {"description": "User not found"},
|
|
|
|
|
status.HTTP_200_OK: {"description": "Successful retrieval from database"},
|
|
|
|
|
},
|
|
|
|
|
)
|
2026-05-27 13:27:24 +01:00
|
|
|
async def current_user(user_model: user_model_claims_dependency):
|
2026-05-20 15:23:40 +01:00
|
|
|
"""
|
|
|
|
|
Returns the database details associated with the currently logged-in user.
|
|
|
|
|
"""
|
2026-04-06 12:41:49 +01:00
|
|
|
return user_model
|
|
|
|
|
|
|
|
|
|
|
2026-06-08 15:31:37 +01:00
|
|
|
@router.get(
|
|
|
|
|
"/",
|
|
|
|
|
summary="Get user hub details by ID.",
|
|
|
|
|
response_model=UserResponse,
|
|
|
|
|
status_code=status.HTTP_200_OK,
|
|
|
|
|
responses={
|
|
|
|
|
status.HTTP_404_NOT_FOUND: {"description": "User not found"},
|
|
|
|
|
status.HTTP_200_OK: {"description": "Successful retrieval from database"},
|
|
|
|
|
},
|
|
|
|
|
)
|
|
|
|
|
async def get_user_by_id(
|
|
|
|
|
user_model: user_model_query_dependency, su: super_admin_dependency
|
|
|
|
|
):
|
2026-05-20 15:23:40 +01:00
|
|
|
"""
|
|
|
|
|
Returns the database details associated with the provided user ID.
|
|
|
|
|
"""
|
2026-04-06 12:41:49 +01:00
|
|
|
return user_model
|
|
|
|
|
|
|
|
|
|
|
2026-06-08 15:31:37 +01:00
|
|
|
@router.delete(
|
|
|
|
|
"/",
|
|
|
|
|
summary="Delete user from hub by ID.",
|
|
|
|
|
status_code=status.HTTP_204_NO_CONTENT,
|
|
|
|
|
responses={
|
|
|
|
|
status.HTTP_204_NO_CONTENT: {"description": "User deleted"},
|
|
|
|
|
status.HTTP_404_NOT_FOUND: {"description": "User not found"},
|
|
|
|
|
},
|
|
|
|
|
)
|
|
|
|
|
async def delete_user_by_id(
|
|
|
|
|
db: db_dependency,
|
2026-06-09 09:09:41 +01:00
|
|
|
user_model: user_model_query_dependency,
|
2026-06-08 15:31:37 +01:00
|
|
|
su: super_admin_dependency,
|
|
|
|
|
):
|
2026-05-20 15:23:40 +01:00
|
|
|
"""
|
|
|
|
|
Deletes the user with the provided ID from the database. This will not remove them from OIDC, and they will be automatically readded on next login.
|
|
|
|
|
"""
|
2026-04-06 12:41:49 +01:00
|
|
|
db.delete(user_model)
|
|
|
|
|
db.commit()
|
2026-06-09 12:22:36 +01:00
|
|
|
|
|
|
|
|
|
2026-06-09 15:52:38 +01:00
|
|
|
@router.get(
|
|
|
|
|
"/self/orgs",
|
|
|
|
|
summary="Get all orgs the current user is a member of",
|
|
|
|
|
status_code=status.HTTP_200_OK,
|
|
|
|
|
response_model=UserGetSelfOrgsResponse,
|
|
|
|
|
responses={},
|
|
|
|
|
)
|
|
|
|
|
async def get_user_orgs(user_model: user_model_claims_dependency):
|
|
|
|
|
user_orgs = user_model.organisation_rel
|
|
|
|
|
response = []
|
|
|
|
|
for org in user_orgs:
|
|
|
|
|
response.append(
|
|
|
|
|
{
|
|
|
|
|
"organisation_id": org.id,
|
|
|
|
|
"name": org.name,
|
|
|
|
|
"status": org.status,
|
|
|
|
|
"intake_questionnaire": org.intake_questionnaire,
|
|
|
|
|
"root_user_email": org.root_user_email,
|
|
|
|
|
"billing_contact": {
|
|
|
|
|
"id": org.billing_contact_id,
|
2026-06-09 16:06:28 +01:00
|
|
|
"email": org.billing_contact_rel.email,
|
2026-06-09 15:52:38 +01:00
|
|
|
},
|
|
|
|
|
"owner_contact": {
|
|
|
|
|
"id": org.owner_contact_id,
|
|
|
|
|
"email": org.owner_contact_rel.email,
|
|
|
|
|
},
|
|
|
|
|
"security_contact": {
|
|
|
|
|
"id": org.security_contact_id,
|
|
|
|
|
"email": org.security_contact_rel.email,
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return {"organisations": response}
|
|
|
|
|
|
|
|
|
|
|
2026-06-09 12:22:36 +01:00
|
|
|
@router.post(
|
|
|
|
|
"/invitation",
|
|
|
|
|
summary="Send an email invitation for a user to join an org",
|
|
|
|
|
status_code=status.HTTP_200_OK,
|
|
|
|
|
)
|
|
|
|
|
async def invitation(
|
|
|
|
|
background_tasks: BackgroundTasks,
|
|
|
|
|
org_model: org_model_root_claim_body_dependency,
|
|
|
|
|
request_model: UserPostInvitationRequest,
|
|
|
|
|
):
|
|
|
|
|
org_id = org_model.id
|
|
|
|
|
org_name = org_model.name
|
|
|
|
|
user_email = request_model.user_email
|
|
|
|
|
|
|
|
|
|
background_tasks.add_task(
|
|
|
|
|
send_invitation, org_id=org_id, org_name=org_name, user_email=user_email
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
return "Invitation sent"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.post(
|
|
|
|
|
"/invitation/accept",
|
|
|
|
|
summary="Accept email invitation to join an org",
|
|
|
|
|
status_code=status.HTTP_200_OK,
|
|
|
|
|
)
|
|
|
|
|
async def accept_invitation(
|
|
|
|
|
db: db_dependency,
|
|
|
|
|
user_model: user_model_claims_dependency,
|
|
|
|
|
request_model: UserPostInvitationAcceptRequest,
|
|
|
|
|
):
|
2026-06-10 14:14:22 +01:00
|
|
|
email_claims = await verify_email_token(
|
|
|
|
|
token=request_model.jwt, user_model=user_model
|
|
|
|
|
)
|
2026-06-09 12:22:36 +01:00
|
|
|
|
|
|
|
|
org_model = db.get(Org, email_claims["org_id"])
|
|
|
|
|
if org_model is None:
|
|
|
|
|
raise OrgNotFoundException()
|
|
|
|
|
|
|
|
|
|
org_model.user_rel.append(user_model)
|
|
|
|
|
db.commit()
|
|
|
|
|
|
|
|
|
|
return "Invitation accepted"
|
