diff --git a/src/iam/router.py b/src/iam/router.py index 1cf904c..f2f6a34 100644 --- a/src/iam/router.py +++ b/src/iam/router.py @@ -86,7 +86,7 @@ async def get_group_permissions(group_model: group_model_query_dependency, org_m @router.get("/group/users", response_model=IAMGetGroupUsersResponse) async def get_group_users(group_model: group_model_query_dependency, org_model: org_model_root_claim_query_dependency): - if group_model.org_id != org_model.id: + if group_model.org_id == org_model.id: raise UnauthorizedException() return {"users": group_model.user_rel} @@ -108,7 +108,7 @@ async def create_group(db: db_dependency, org_model: org_model_root_claim_body_d @router.put("/group/permission", response_model=IAMPutGroupPermissionResponse) async def add_group_permission(db: db_dependency, group_model: group_model_body_dependency, perm_model: perm_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMPutGroupPermissionRequest): - if group_model.org_id != org_model.id: + if group_model.org_id == org_model.id: raise UnauthorizedException() if perm_model in group_model.permission_rel: @@ -124,7 +124,7 @@ async def add_group_permission(db: db_dependency, group_model: group_model_body_ @router.put("/group/user") async def add_group_user(db: db_dependency, group_model: group_model_body_dependency, user_model: user_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMPutGroupUserRequest): - if group_model.org_id != org_model.id: + if group_model.org_id == org_model.id: raise UnauthorizedException() if user_model in group_model.user_rel: @@ -139,7 +139,7 @@ async def add_group_user(db: db_dependency, group_model: group_model_body_depend @router.delete("/group/permissions") async def remove_group_permissions(db: db_dependency, group_model: group_model_body_dependency, perm_model: perm_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMDeleteGroupPermissionRequest): - if group_model.org_id != org_model.id: + if group_model.org_id == org_model.id: raise UnauthorizedException() group_model.permission_rel.remove(perm_model) @@ -152,7 +152,7 @@ async def remove_group_permissions(db: db_dependency, group_model: group_model_b @router.delete("/group/user") async def remove_group_user(db: db_dependency, group_model: group_model_body_dependency, user_model: user_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMDeleteGroupUserRequest): - if group_model.org_id != org_model.id: + if group_model.org_id == org_model.id: raise UnauthorizedException() user_model.group_rel.remove(group_model) diff --git a/src/iam/schemas.py b/src/iam/schemas.py index ff6cbfc..3f34390 100644 --- a/src/iam/schemas.py +++ b/src/iam/schemas.py @@ -8,7 +8,7 @@ Models follow the nomenclature of: """ from typing import Optional -from pydantic import EmailStr, ConfigDict, Field +from pydantic import EmailStr, ConfigDict from src.organisation.schemas import OrgIDMixin from src.schemas import CustomBaseModel @@ -16,8 +16,6 @@ from user.schemas import UserIDMixin class UserSchema(CustomBaseModel): - model_config = ConfigDict(from_attributes=True, extra="ignore") - id: int first_name: str last_name: str @@ -35,10 +33,10 @@ class GroupSchema(CustomBaseModel): name: str class GroupIDMixin(CustomBaseModel): - group_id: int = Field(gt=0) + group_id: int class PermIDMixin(CustomBaseModel): - permission_id: int = Field(gt=0) + permission_id: int class IAMGetGroupPermissionsResponse(CustomBaseModel): permissions: list[PermissionSchema] @@ -47,19 +45,19 @@ class IAMGetGroupUsersResponse(CustomBaseModel): users : list[UserSchema] class IAMPostGroupRequest(OrgIDMixin): - name: str = Field(min_length=3) + name: str class IAMPostGroupResponse(CustomBaseModel): group: GroupSchema -class IAMPutGroupPermissionRequest(GroupIDMixin, PermIDMixin, OrgIDMixin): +class IAMPutGroupPermissionRequest(GroupIDMixin, PermIDMixin): pass class IAMPutGroupPermissionResponse(CustomBaseModel): group: GroupSchema permissions: list[PermissionSchema] -class IAMPutGroupUserRequest(GroupIDMixin, UserIDMixin, OrgIDMixin): +class IAMPutGroupUserRequest(GroupIDMixin, UserIDMixin): pass class IAMPutGroupUserResponse(CustomBaseModel): diff --git a/src/organisation/schemas.py b/src/organisation/schemas.py index c34ef16..3620e38 100644 --- a/src/organisation/schemas.py +++ b/src/organisation/schemas.py @@ -8,7 +8,7 @@ Models follow the nomenclature of: """ from typing import Optional -from pydantic import EmailStr, ConfigDict, Field +from pydantic import EmailStr, ConfigDict from src.schemas import CustomBaseModel from src.contact.schemas import ContactModel @@ -23,7 +23,7 @@ class Questionnaire(CustomBaseModel): question_three: Optional[str] = None class OrgIDMixin(CustomBaseModel): - organisation_id: int = Field(gt=0) + organisation_id: int class OrgPostOrgRequest(CustomBaseModel): diff --git a/src/user/schemas.py b/src/user/schemas.py index 3578005..b688412 100644 --- a/src/user/schemas.py +++ b/src/user/schemas.py @@ -2,13 +2,11 @@ Pydantic models for the user module """ from typing import Optional -from pydantic import Field - from src.schemas import CustomBaseModel class UserIDMixin(CustomBaseModel): - user_id: int = Field(gt=0) + user_id: int class OIDCClaims(CustomBaseModel):