sr2/cloud-api
6
0
Fork 1
Code Issues 8 Pull requests 2 Projects Releases Packages Wiki Activity Actions

feat: remove group permission check if exists

Browse source
This commit is contained in:
Chris Milne 2026-06-12 09:30:34 +01:00
parent c94c26f2a6
commit f06b19340c
1 changed files with 8 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/iam/router.py
View file

@ -25,7 +25,11 @@ from src.iam.exceptions import GroupNotFoundException
from src.organisation.exceptions import OrgNotFoundException from src.organisation.exceptions import OrgNotFoundException
from src.schemas import GroupSummary, OrgSummary, ResourceName from src.schemas import GroupSummary, OrgSummary, ResourceName
from src.service.exceptions import ServiceNotFoundException from src.service.exceptions import ServiceNotFoundException
from src.exceptions import ConflictException, ForbiddenException from src.exceptions import (
ConflictException,
ForbiddenException,
UnprocessableContentException,
)
from src.database import db_dependency from src.database import db_dependency
from src.auth.service import claims_dependency from src.auth.service import claims_dependency
from src.auth.dependencies import ( from src.auth.dependencies import (
@ -400,6 +404,9 @@ async def remove_group_permission(
if group_model.org_id != org_model.id: if group_model.org_id != org_model.id:
raise ForbiddenException("Group does not belong to this organization") raise ForbiddenException("Group does not belong to this organization")
if perm_model not in group_model.permission_rel:
raise UnprocessableContentException("Permission not granted to group")
group_model.permission_rel.remove(perm_model) group_model.permission_rel.remove(perm_model)
db.flush() db.flush()
response = IAMDeleteGroupPermissionResponse( response = IAMDeleteGroupPermissionResponse(