diff --git a/src/organisation/router.py b/src/organisation/router.py index 8d6b692..1131c40 100644 --- a/src/organisation/router.py +++ b/src/organisation/router.py @@ -12,25 +12,26 @@ Endpoints: - [delete]/{org_id} - Deletes an organisation by ID - [get]/{org_id}/contact/{contact_type} - Retrieves the contact of a specific type (owner, billing, security) for an organisation """ -from typing import Annotated +from typing import Annotated, Optional from fastapi import APIRouter, HTTPException, status from fastapi.params import Path, Query -from sqlalchemy.sql import exists - from src.contact.schemas import ContactAddress from src.database import db_dependency from src.contact.models import Contact -from src.iam.models import Group -from src.auth.service import root_user_dependency +from src.user.models import User +from src.user.exceptions import UserNotFoundException +from src.auth.service import root_user_dependency, claims_dependency from src.organisation.dependencies import org_model_dependency from src.organisation.constants import ContactType -from src.organisation.models import Organisation as Org, OrgUsers +from src.organisation.models import Organisation as Org from src.organisation.schemas import OrgOrgPostRequest, OrgQuestionnairePatchRequest, OrgStatusPatchRequest, \ OrgContactPatchRequest, \ - OrgUserPostRequest, OrgUserGetResponse, OrgContactGetResponse, OrgOrgGetResponse + OrgUserPostRequest, OrgUserGetResponse, OrgContactGetResponse, OrgOrgGetResponse, OrgRootPatchRequest, \ + OrgGroupGetResponse, OrgUserDeleteRequest + router = APIRouter( prefix="/org", @@ -39,7 +40,7 @@ router = APIRouter( @router.get("/id/{org_id}", response_model=OrgOrgGetResponse) -async def get_org_by_id(db: db_dependency, org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)]): +async def get_org_by_id(org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)]): response = { "name": org_model.name, "status": org_model.status, 
@@ -53,14 +54,21 @@ async def get_org_by_id(db: db_dependency, org_model: org_model_dependency, org_ @router.post("/") -async def create_org(db: db_dependency, org_request: OrgOrgPostRequest): - # TODO: Root user from current user - org_model = Org(name=org_request.name, intake_questionnaire=org_request.intake_questionnaire) +async def create_org(db: db_dependency, user: claims_dependency, org_request: OrgOrgPostRequest): + db_id: Optional[int] = user.get("db_id", None) + if db_id is None: + raise UserNotFoundException() + + org_model = Org(name=org_request.name, intake_questionnaire=org_request.intake_questionnaire.model_dump()) org_model.status = "partial" # Status is always set to partial at first, see update_questionnaire() doc db.add(org_model) db.flush() + # Adds currently logged-in user to org users list and sets them as root_user + user_model = db.get(User, db_id) + org_model.user_rel.append(user_model) + org_model.root_user_rel = user_model for contact_type in ["billing_contact_id", "security_contact_id", "owner_contact_id"]: contact_model = Contact(org_id=org_model.id) db.add(contact_model) 
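Review bot: In `create_org` the result of `db.get(User, db_id)` is used without a `None` check, so a token whose `db_id` claim no longer matches a row (deleted user, stale token) would append `None` to `org_model.user_rel` and assign `None` to `root_user_rel`. That either fails at flush time or leaves an organisation without a valid root user. Look the user up before `db.add(org_model)` and reject early with `if user_model is None: raise UserNotFoundException(user_id=db_id)`. The rest of `create_org`, including the commit, lies outside this hunk.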
@@ -70,139 +78,111 @@ async def create_org(db: db_dependency, org_request: OrgOrgPostRequest): @router.patch("/{org_id}/questionnaire") -async def update_questionnaire(db: db_dependency, q_request: OrgQuestionnairePatchRequest, org_id: Annotated[int, Path(gt=0)]): +async def update_questionnaire(db: db_dependency, org_model: org_model_dependency, q_request: OrgQuestionnairePatchRequest, org_id: Annotated[int, Path(gt=0)]): """ Route for updating questionnaire. The partial bool allows for submission of partially completed questionnaire and/or final "are you sure" check before setting the org to be in "submitted" status, awaiting admin approval. """ - org_model = db.query(Org).filter(Org.id == org_id).first() - if org_model is None: - raise HTTPException(status_code=404, detail="Organisation not found") - org_model.intake_questionnaire = q_request.intake_questionnaire.model_dump() # Allows for partially completed questionnaires to be saved without being submitted for review if not q_request.partial: org_model.status = "submitted" - db.add(org_model) db.commit() @router.patch("/{org_id}/status") -async def update_status(db: db_dependency, status_request: OrgStatusPatchRequest, org_id: Annotated[int, Path(gt=0)]): - org_model = db.query(Org).filter(Org.id == org_id).first() - if org_model is None: - raise HTTPException(status_code=404, detail="Organisation not found") - +async def update_status(db: db_dependency, org_model: org_model_dependency, status_request: OrgStatusPatchRequest, org_id: Annotated[int, Path(gt=0)]): org_model.status = status_request.status - db.add(org_model) db.commit() -@router.get("/{org_id}/users", response_model=list[OrgUserGetResponse]) -async def get_users(db: db_dependency, org_id: Annotated[int, Path(gt=0)]): - org_exists = db.query(exists().where(Org.id == org_id)).scalar() - if not org_exists: - raise HTTPException(status_code=404, detail="Organisation not found") - - org_user_models = db.query(OrgUsers).filter(OrgUsers.org_id == 
org_id).all() - - return org_user_models +@router.get("/{org_id}/users", response_model=OrgUserGetResponse) +async def get_users(org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)]): + return {"users": [user.email for user in org_model.user_rel]} @router.post("/{org_id}/users") -async def add_user_to_org(db: db_dependency, user_request: OrgUserPostRequest, org_id: Annotated[int, Path(gt=0)]): - org_model = (db.query(Org).filter(Org.id == org_id).first()) - if org_model is None: - raise HTTPException(status_code=404, detail="Organisation not found") - - org_user_model = OrgUsers(**user_request.model_dump(), org_id=org_id) - - db.add(org_user_model) +async def add_user_to_org(db: db_dependency, org_model: org_model_dependency, user_request: OrgUserPostRequest, org_id: Annotated[int, Path(gt=0)]): + user_model = db.get(User, user_request.user_id) + if user_model in org_model.user_rel: + return + org_model.user_rel.append(user_model) db.commit() -@router.delete("/{org_id}") -async def delete_organisation_by_id(db: db_dependency, org_id: Annotated[int, Path(gt=0)]): - org_model = (db.query(Org).filter(Org.id == org_id).first()) - if org_model is None: - raise HTTPException(status_code=404, detail="Organisation not found") +@router.delete("/{org_id}", status_code=status.HTTP_204_NO_CONTENT) +async def delete_organisation_by_id(db: db_dependency, org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)]): db.delete(org_model) db.commit() -@router.patch("/{org_id}/root_user") -async def update_root_user(db: db_dependency, org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)], root_user: Annotated[int, Query(gt=0)]): - # TODO: Request model, ditch query - # TODO: Verify root_user exists, possibly with a user_model_dependency - org_model.root_user_id = root_user - db.add(org_model) +@router.patch("/{org_id}/root_user", status_code=status.HTTP_204_NO_CONTENT) +async def update_root_user(db: db_dependency, org_model: 
org_model_dependency, org_id: Annotated[int, Path(gt=0)], user_request: OrgRootPatchRequest): + root_user_model = db.get(User, user_request.user_id) + if root_user_model is None: + raise UserNotFoundException(user_id=user_request.user_id) + + org_model.root_user_rel = root_user_model db.commit() - # TODO: Response model -@router.get("/{org_id}/groups") -async def get_org_groups(db: db_dependency, org_id: Annotated[int, Path(gt=0)]): - org_group_models = db.query(Group).filter(Group.org_id == org_id).all() +@router.get("/{org_id}/groups", response_model=OrgGroupGetResponse) +async def get_org_groups(org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)]): + return {"groups": [group.name for group in org_model.group_rel]} - # TODO: Response model - return org_group_models -@router.delete("/{org_id}/user") -async def remove_user_from_org(db: db_dependency, org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)], user_id: Annotated[int, Query(gt=0)]): - orguser_model = db.query(OrgUsers).filter(OrgUsers.org_id == org_id, OrgUsers.user_id == user_id).first() +@router.delete("/{org_id}/user", status_code=status.HTTP_204_NO_CONTENT) +async def remove_user_from_org(db: db_dependency, org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)], user_request: OrgUserDeleteRequest): + user_id = user_request.user_id + user = db.get(User, user_id) - if orguser_model is None: - raise HTTPException(status_code=status.HTTP_204_NO_CONTENT) + if user is None: + raise UserNotFoundException(user_id=user_id) - db.delete(orguser_model) + if user not in org_model.user_rel: + raise HTTPException(status_code=status.HTTP_204_NOT_FOUND) + + org_model.user_rel.remove(user) db.commit() - pass - @router.get("/{org_id}/contact", response_model=OrgContactGetResponse) -async def get_contact(db: db_dependency, org_model: org_model_dependency, contact_type: Annotated[ContactType, Query()], org_id: Annotated[int, Path(gt=0)]): +async def get_contact(org_model: 
org_model_dependency, contact_type: Annotated[ContactType, Query()], org_id: Annotated[int, Path(gt=0)]): match contact_type: case "billing": - contact_id = org_model.billing_contact_id + contact_model = org_model.billing_contact_rel case "security": - contact_id = org_model.security_contact_id + contact_model = org_model.security_contact_rel case "owner": - contact_id = org_model.owner_contact_id + contact_model = org_model.owner_contact_rel case _: raise HTTPException(status_code=422, detail="Invalid contact type") - contact_model = (db.query(Contact).filter(Contact.id == contact_id).first()) if contact_model is None: raise HTTPException(status_code=404, detail="Contact not found") - address = ContactAddress.model_validate(contact_model) - - response = OrgContactGetResponse.model_construct( + return OrgContactGetResponse.model_construct( **contact_model.__dict__, - address=address + address=ContactAddress.model_validate(contact_model) ) - return response - -@router.patch("/{org_id}/contact") +@router.patch("/{org_id}/contact", response_model=OrgContactGetResponse) async def update_contact(db: db_dependency, org_model: org_model_dependency, contact_type: Annotated[ContactType, Query()], contact_request: OrgContactPatchRequest, org_id: Annotated[int, Path(gt=0)]): match contact_type: case "billing": - contact_id = org_model.billing_contact_id + contact_model = org_model.billing_contact_rel case "security": - contact_id = org_model.security_contact_id + contact_model = org_model.security_contact_rel case "owner": - contact_id = org_model.owner_contact_id + contact_model = org_model.owner_contact_rel case _: raise HTTPException(status_code=422, detail="Invalid contact type") - contact_model = (db.query(Contact).filter(Contact.id == contact_id).first()) if contact_model is None: raise HTTPException(status_code=404, detail="Contact not found") 
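Review bot: `remove_user_from_org` raises `HTTPException(status_code=status.HTTP_204_NOT_FOUND)`, but `fastapi.status` has no such constant as far as I know, so a request naming a user who is not in the organisation would hit an AttributeError and return a 500. The intended line is probably `raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User is not a member of this organisation")`. `add_user_to_org` skips the `None` check that `update_root_user` and `remove_user_from_org` apply after `db.get(User, ...)`, so an unknown `user_id` gets `None` appended to `org_model.user_rel`; add `if user_model is None: raise UserNotFoundException(user_id=user_request.user_id)`. None of the handlers touched here (status change, membership, root-user reassignment, organisation delete, listing member e-mails) takes `claims_dependency` or `root_user_dependency`, so unless `org_model_dependency` (not visible in this diff) checks that the caller belongs to or administers `org_id`, any caller who can reach the routes could act on any organisation; this needs confirming. `update_root_user` also does not check that the new root user is in `org_model.user_rel`.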
@@ -212,5 +192,13 @@ async def update_contact(db: db_dependency, org_model: org_model_dependency, con setattr(contact_model, key, value) else: raise HTTPException(status_code=422, detail="Invalid keys in update request") - db.add(org_model) - db.commit() \ No newline at end of file + db.flush() + + response = OrgContactGetResponse.model_construct( + **contact_model.__dict__, + address=ContactAddress.model_validate(contact_model) + ) + + db.commit() + + return response diff --git a/src/organisation/schemas.py b/src/organisation/schemas.py index 13c9689..ae7322c 100644 --- a/src/organisation/schemas.py +++ b/src/organisation/schemas.py @@ -47,9 +47,18 @@ class OrgContactPatchRequest(CustomBaseModel): class OrgUserPostRequest(CustomBaseModel): user_id: int -class OrgUserGetResponse(CustomBaseModel): +class OrgUserDeleteRequest(CustomBaseModel): user_id: int +class OrgRootPatchRequest(CustomBaseModel): + user_id: int + +class OrgUserGetResponse(CustomBaseModel): + users: list[str] + +class OrgGroupGetResponse(CustomBaseModel): + groups: list[str] + class OrgContactGetResponse(CustomBaseModel): model_config = ConfigDict(from_attributes=True, extra="ignore")
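Review bot: The response in `update_contact` is assembled with `OrgContactGetResponse.model_construct(**contact_model.__dict__, ...)`, which skips Pydantic validation and depends on whatever is currently loaded in the SQLAlchemy instance dict; an expired or unloaded column would simply be missing from the object. The same construction appears in `get_contact` in the previous hunk, so a small shared helper would keep the two in step. The ordering (build the response after `db.flush()` but before `db.commit()`) looks deliberate, presumably because commit expires loaded attributes, and deserves a comment such as `# build the response before commit(): attributes may be expired afterwards`. The start of `update_contact` and the key check guarding `setattr` lie outside this hunk.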
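Review bot: `OrgUserDeleteRequest.user_id` and `OrgRootPatchRequest.user_id` are plain `int`, whereas the query parameters they replace in router.py were declared `Annotated[int, Query(gt=0)]`, so the positive-id check is lost in the move to a request body. Restoring it in the schema, e.g. `user_id: int = Field(gt=0)` (assuming `Field` is imported from pydantic in this file), keeps zero and negative ids from reaching `db.get`. `OrgUserPostRequest`, `OrgUserDeleteRequest` and `OrgRootPatchRequest` are now field-for-field identical, so a shared base class would stop them drifting apart.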