From 652dfb7b4ae0f0c67476e3f8feb17ffeb0794535 Mon Sep 17 00:00:00 2001 From: luxferre Date: Tue, 26 May 2026 10:16:59 +0100 Subject: [PATCH 1/5] feat: service module req/res models --- src/service/router.py | 62 ++++++++++++++++++++++-------------------- src/service/schemas.py | 32 ++++++++++++++++++++-- 2 files changed, 63 insertions(+), 31 deletions(-) diff --git a/src/service/router.py b/src/service/router.py index 7617dc0..8ce058c 100644 --- a/src/service/router.py +++ b/src/service/router.py @@ -5,59 +5,63 @@ Endpoints: - List: Description - Endpoints: Description """ -from fastapi import APIRouter +from typing import Annotated + +from fastapi import APIRouter, HTTPException, status +from fastapi.params import Path from src.database import db_dependency from src.service.models import Service from src.service.utils import generate_api_key - +from src.service.schemas import ServiceGetServiceResponse, ServicePostServiceRequest, ServicePostServiceResponse, \ + ServiceWithKeyResponse, ServicePatchKeyResponse router = APIRouter( tags=["Service"], prefix="/service", ) -@router.get("/") +@router.get("/", response_model=ServiceGetServiceResponse) async def get_all_services(db: db_dependency): # TODO: user_dependency - # TODO: request model permission_models = db.query(Service).all() - # TODO: Response model - return permission_models + return {"services": permission_models} -@router.post("/") -async def register_service(db: db_dependency, service_name: str): +@router.post("/", response_model=ServicePostServiceResponse) +async def register_service(db: db_dependency, service_request: ServicePostServiceRequest): # TODO: super_admin_dependency - # TODO: request model key = generate_api_key() - service_model = Service(name=service_name, api_key=key) + service_model = Service(name=service_request.name, api_key=key) db.add(service_model) + db.flush() + response = ServiceWithKeyResponse(**service_model.__dict__) db.commit() - # TODO: response model + return {"service": response} -@router.patch("/{service_id}/key") -async def regenerate_api_key(db: db_dependency, service_id: int): +@router.patch("/{service_id}/key", response_model=ServicePatchKeyResponse) +async def regenerate_api_key(db: db_dependency, service_id: Annotated[int, Path(gt=0,description="Service database ID")]): # TODO: super_admin_dependency - # TODO: request model - key = generate_api_key() - service_model = db.query(Service).filter(Service.id==service_id).first() - service_model.api_key = key - - db.add(service_model) - db.commit() - # TODO: response model - -@router.delete("/{service_id}") -async def remove_service(db: db_dependency, service_id: int): - # TODO: super_admin_dependency - # TODO: request model - service_model = db.query(Service).filter(Service.id==service_id).first() + service_model = db.get(Service, service_id) if service_model is None: - return + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Service not found") + + key = generate_api_key() + service_model.api_key = key + db.flush() + response = ServiceWithKeyResponse(**service_model.__dict__) + + db.commit() + return {"service": response} + +@router.delete("/{service_id}", status_code=status.HTTP_204_NO_CONTENT) +async def remove_service(db: db_dependency, service_id: Annotated[int, Path(gt=0,description="Service database ID")]): + # TODO: super_admin_dependency + service_model = db.get(Service, service_id) + if service_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Service not found") db.delete(service_model) db.commit() - # TODO: response model diff --git a/src/service/schemas.py b/src/service/schemas.py index a074c75..f2e4ac0 100644 --- a/src/service/schemas.py +++ b/src/service/schemas.py @@ -1,7 +1,35 @@ """ -Pydantic models for +Pydantic models for the service module Models: - List: Description - Models: Description -""" \ No newline at end of file +""" +from typing import Optional + +from pydantic import EmailStr, ConfigDict + +from src.schemas import CustomBaseModel +from src.organisation.constants import Status, ContactType +from src.contact.schemas import ContactAddress + +class ServiceResponse(CustomBaseModel): + model_config = ConfigDict(from_attributes=True, extra="ignore") + + id: int + name: str + +class ServiceWithKeyResponse(ServiceResponse): + api_key: str + +class ServiceGetServiceResponse(CustomBaseModel): + services: list[ServiceResponse] + +class ServicePostServiceRequest(CustomBaseModel): + name: str + +class ServicePostServiceResponse(CustomBaseModel): + service: ServiceWithKeyResponse + +class ServicePatchKeyResponse(CustomBaseModel): + service: ServiceWithKeyResponse From fa8439cc6c8cc53e99ff5df4c5fc21cda3117f48 Mon Sep 17 00:00:00 2001 From: luxferre Date: Tue, 26 May 2026 11:42:49 +0100 Subject: [PATCH 2/5] feat: auth bypass for dev and testing ENVIRONMENT must be "local" and DISABLE_AUTH set for this to be active. Both of these default to production values to prevent this being enabled accidentally. Resolves #5 --- src/auth/service.py | 3 +++ src/config.py | 1 + src/main.py | 9 +++++++-- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/auth/service.py b/src/auth/service.py index 6f9cc97..71a797a 100644 --- a/src/auth/service.py +++ b/src/auth/service.py @@ -28,6 +28,9 @@ from src.organisation.dependencies import org_model_dependency oidc = OpenIdConnect(openIdConnectUrl=auth_settings.OIDC_CONFIG) oidc_dependency = Annotated[str, Depends(oidc)] +def get_dev_user(): + return {"db_id": 1} + async def get_current_user(oidc_auth_string: oidc_dependency) -> dict[str, Any]: config_url = urlopen(auth_settings.OIDC_CONFIG) diff --git a/src/config.py b/src/config.py index e94a808..b1874d3 100644 --- a/src/config.py +++ b/src/config.py @@ -23,6 +23,7 @@ class Config(CustomBaseSettings): APP_VERSION: str = "0.1" ENVIRONMENT: Environment = Environment.PRODUCTION SECRET_KEY: SecretStr = "" + DISABLE_AUTH: bool = False CORS_ORIGINS: list[str] = ["*"] CORS_ORIGINS_REGEX: str | None = None diff --git a/src/main.py b/src/main.py index 4b4d1a9..3995edf 100644 --- a/src/main.py +++ b/src/main.py @@ -12,6 +12,7 @@ from src.config import settings from src.api import api_router from src.auth.config import auth_settings +from src.auth.service import get_current_user, get_dev_user @asynccontextmanager @@ -22,8 +23,8 @@ async def lifespan(_application: FastAPI) -> AsyncGenerator: if settings.ENVIRONMENT.is_deployed: - # Do this only on prod - pass + # Just a precaution, should be False anyway + settings.DISABLE_AUTH = False tags_metadata = [ @@ -57,4 +58,8 @@ app.add_middleware( allow_headers=settings.CORS_HEADERS, ) +if settings.ENVIRONMENT == "local" and settings.DISABLE_AUTH: + app.dependency_overrides[get_current_user] = get_dev_user + + app.include_router(api_router) From d4f1b73debcdbcdcd2a00913492ba9037fdfc6e5 Mon Sep 17 00:00:00 2001 From: luxferre Date: Tue, 26 May 2026 16:25:14 +0100 Subject: [PATCH 3/5] feat: iam endpoint req/res models --- src/iam/models.py | 19 +++++ src/iam/router.py | 182 +++++++++++++++++++++++++-------------------- src/iam/schemas.py | 96 +++++++++++++++++++++++- 3 files changed, 216 insertions(+), 81 deletions(-) diff --git a/src/iam/models.py b/src/iam/models.py index 6e9ca70..83d1ae2 100644 --- a/src/iam/models.py +++ b/src/iam/models.py @@ -22,6 +22,19 @@ class Permission(Base): UniqueConstraint("service_id", "resource", "action", name="uniq_permission_resource_and_action") + service_rel = relationship("Service", foreign_keys=[service_id]) + + @property + def service_name(self): + return self.service_rel.name + + group_rel = relationship( + "Group", + secondary="group_permissions", + back_populates="permission_rel" + ) + + class Group(Base): __tablename__ = "group" @@ -38,6 +51,12 @@ class Group(Base): org_rel = relationship("Organisation", back_populates="group_rel") + permission_rel = relationship( + "Permission", + secondary="group_permissions", + back_populates="group_rel" + ) + class GroupPermissions(Base): __tablename__ = "group_permissions" diff --git a/src/iam/router.py b/src/iam/router.py index 17e6673..b249b34 100644 --- a/src/iam/router.py +++ b/src/iam/router.py @@ -5,11 +5,16 @@ Endpoints: - List: Description - Endpoints: Description """ -from typing import Annotated, Optional +from typing import Annotated -from fastapi import APIRouter, Query, HTTPException +from fastapi import APIRouter, Query, HTTPException, status from src.database import db_dependency +from src.iam.schemas import IAMGetGroupPermissionsResponse, IAMGetGroupUsersResponse, IAMPostGroupRequest, \ + GroupResponse, IAMPostGroupResponse, IAMPutGroupPermissionRequest, IAMPutGroupPermissionResponse, \ + IAMPutGroupUserRequest, IAMPutGroupUserResponse, IAMDeleteGroupPermissionRequest, IAMDeleteGroupPermissionResponse, \ + IAMDeleteGroupUserRequest, IAMDeleteGroupUserResponse, IAMGetPermissionsResponse, IAMPostPermissionRequest, \ + IAMPostPermissionResponse, PermissionResponse, IAMDeletePermissionRequest, IAMGetPermissionsSearchRequest, IAMGetPermissionsSearchResponse from src.schemas import ResourceName from src.auth.service import claims_dependency from src.user.models import User @@ -58,135 +63,154 @@ async def can_act_on_resource(valid_key: service_key_dependency, db: db_dependen raise HTTPException(status_code=500, detail="Internal server error") -@router.get("/group/permissions") +@router.get("/group/permissions", response_model=IAMGetGroupPermissionsResponse) async def get_group_permissions(db: db_dependency, group_id: Annotated[int, Query(gt=0)]): - # TODO: iam_admin_dependency - group_perms = db.query(Perm).join(GPerms).filter(GPerms.group_id==group_id).all() + # TODO: root_user_dependency & org_id query param + group_model = db.get(Group, group_id) + if group_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") - # TODO: Response model - return group_perms + return {"permissions": group_model.permission_rel} -@router.get("/group/users") +@router.get("/group/users", response_model=IAMGetGroupUsersResponse) async def get_group_users(db: db_dependency, group_id: Annotated[int, Query(gt=0)]): - # TODO: iam_admin_dependency - group_users = db.query(User).join(UserGroups).filter(UserGroups.group_id == group_id).all() + # TODO: root_user_dependency & org_id query param + group_model = db.get(Group, group_id) + if group_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") - # TODO: Response model - return group_users + return {"users": group_model.user_rel} -@router.post("/group") -async def create_group(db: db_dependency, group_name: str, org_model: org_model_dependency, org_id: int): - # TODO: iam_admin_dependency - # TODO: Request model - group_model = Group(name=group_name, org_id=org_id) +@router.post("/group", response_model=IAMPostGroupResponse) +async def create_group(db: db_dependency, group_request: IAMPostGroupRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): + # TODO: root_user_dependency + group_model = Group(name=group_request.name, org_id=org_id) db.add(group_model) + db.flush() + response = GroupResponse(**group_model.__dict__) db.commit() - # TODO: Response model + return {"group": response} -@router.put("/group/permissions") -async def add_group_permissions(db: db_dependency, group_id: int, permission_id: int, org_model: org_model_dependency, org_id: int): - # TODO: iam_admin_dependency - # TODO: Request model - g_perm_model = GPerms(group_id=group_id, permission_id=permission_id) +@router.put("/group/permission", response_model=IAMPutGroupPermissionResponse) +async def add_group_permission(db: db_dependency, request_model: IAMPutGroupPermissionRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): + # TODO: root_user_dependency + group_model = db.get(Group, request_model.group_id) + if group_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") + perm_model = db.get(Perm, request_model.permission_id) + if perm_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Permission not found") - db.add(g_perm_model) + group_model.permission_rel.append(perm_model) + + db.flush() + response = IAMPutGroupPermissionResponse(group=GroupResponse(**group_model.__dict__), permissions=group_model.permission_rel) db.commit() - # TODO: Response model + return response -@router.put("/group/users") -async def add_group_users(db: db_dependency, group_id: int, user_ids: list[int], org_model: org_model_dependency, org_id: int): - # TODO: iam_admin_dependency - # TODO: Request model - for user_id in user_ids: - user_group_model = UserGroups(group_id=group_id, user_id=user_id, org_id=org_id) - db.add(user_group_model) +@router.put("/group/user") +async def add_group_user(db: db_dependency, request_model: IAMPutGroupUserRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): + # TODO: root_user_dependency + group_model = db.get(Group, request_model.group_id) + if group_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") + user_model = db.get(User, request_model.user_id) + if user_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found") + group_model.user_rel.append(user_model) + db.flush() + response = IAMPutGroupUserResponse(group=GroupResponse(**group_model.__dict__), users=group_model.user_rel) db.commit() - # TODO: Response model + return response @router.delete("/group/permissions") -async def remove_group_permissions(db: db_dependency, group_id: int, org_model: org_model_dependency, org_id: int, permission_id: int): - # TODO: iam_admin_dependency - # TODO: Request model - g_perm_model = db.query(GPerms).filter(GPerms.group_id == group_id, GPerms.permission_id == permission_id).first() - if g_perm_model is None: - return +async def remove_group_permissions(db: db_dependency, request_model: IAMDeleteGroupPermissionRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): + # TODO: root_user_dependency + group_model = db.get(Group, request_model.group_id) + if group_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") + perm_model = db.get(Perm, request_model.permission_id) + if perm_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Permission not found") - db.delete(g_perm_model) + group_model.permission_rel.remove(perm_model) + db.flush() + response = IAMDeleteGroupPermissionResponse(group=GroupResponse(**group_model.__dict__), + permissions=group_model.permission_rel) db.commit() - return - # TODO: Response model + return response @router.delete("/group/user") -async def remove_group_user(db: db_dependency, group_id: int, user_id: int, org_model: org_model_dependency, org_id: int): - # TODO: iam_admin_dependency - # TODO: Request model - user_group_model = db.query(UserGroups).filter(UserGroups.group_id == group_id, UserGroups.user_id == user_id).first() - if user_group_model is None: - return +async def remove_group_user(db: db_dependency, request_model: IAMDeleteGroupUserRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): + # TODO: root_user_dependency + group_model = db.get(Group, request_model.group_id) + if group_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") + user_model = db.get(User, request_model.user_id) + if user_model is None: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found") - db.delete(user_group_model) + user_model.group_rel.remove(group_model) + db.flush() + response = IAMDeleteGroupUserResponse(group=GroupResponse(**group_model.__dict__), users=group_model.user_rel) db.commit() - return - # TODO: Response model + + return response -@router.get("/permissions") -async def get_permissions(db: db_dependency, org_model: org_model_dependency, org_id: int): - # TODO: iam_admin_dependency - # TODO: request model +@router.get("/permissions", response_model=IAMGetPermissionsResponse) +async def get_permissions(db: db_dependency, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): + # TODO: root_user_dependency permission_models = db.query(Perm).all() - # TODO: Response model - return permission_models + return {"permissions": permission_models} @router.post("/permission") -async def create_new_permission(db: db_dependency, service_id: int, resource: str, action: str): +async def create_new_permission(db: db_dependency, request_mode: IAMPostPermissionRequest): # TODO: super_admin_dependency - perm_model = Perm(service_id=service_id, resource=resource, action=action) + perm_model = Perm(**request_mode.__dict__) db.add(perm_model) + db.flush() + response = IAMPostPermissionResponse(permission=PermissionResponse(**perm_model.__dict__)) db.commit() + return response -@router.delete("/permission") -async def delete_permission(db: db_dependency, service_id: int, resource: str, action: str, org_model: org_model_dependency, org_id: int): - # TODO: iam_admin_dependency - # TODO: Request model - perm_model = db.query(Perm).filter(Perm.service_id==service_id, Perm.resource==resource, Perm.action==action).first() +@router.delete("/permission", status_code=status.HTTP_204_NO_CONTENT) +async def delete_permission(db: db_dependency, request_model: IAMDeletePermissionRequest): + # TODO: super_admin_dependency + perm_model = db.query(Perm).filter(Perm.service_id==request_model.service_id, Perm.resource==request_model.resource, Perm.action==request_model.action).first() if perm_model is None: - return + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Permission not found") db.delete(perm_model) db.commit() - return - # TODO: Response model -@router.get("/permissions/search") -async def get_permissions(db: db_dependency, org_model: org_model_dependency, org_id: int, service_id: Optional[int] = None, resource: Optional[str] = None, action: Optional[str] = None): - # TODO: iam_admin_dependency - # TODO: request model +@router.get("/permissions/search", response_model=IAMGetPermissionsSearchResponse) +async def get_permissions(db: db_dependency, search: IAMGetPermissionsSearchRequest): + # TODO: super_admin_dependency permission_query = db.query(Perm) - if service_id is not None: - permission_query = permission_query.filter(Perm.service_id == service_id) + if search.service_id is not None: + permission_query = permission_query.filter(Perm.service_id == search.service_id) - if resource is not None: - permission_query = permission_query.filter(Perm.resource == resource) + if search.resource is not None: + permission_query = permission_query.filter(Perm.resource == search.resource) - if action is not None: - permission_query = permission_query.filter(Perm.action == action) + if search.action is not None: + permission_query = permission_query.filter(Perm.action == search. action) permission_models = permission_query.all() - # TODO: Response model - return permission_models + return {"permissions": permission_models} diff --git a/src/iam/schemas.py b/src/iam/schemas.py index a074c75..ef10df8 100644 --- a/src/iam/schemas.py +++ b/src/iam/schemas.py @@ -1,7 +1,99 @@ """ -Pydantic models for +Pydantic models for the IAM module Models: - List: Description - Models: Description -""" \ No newline at end of file +""" +from typing import Optional + +from pydantic import EmailStr, ConfigDict + +from src.schemas import CustomBaseModel +from src.organisation.constants import Status, ContactType +from src.contact.schemas import ContactAddress + +class UserResponse(CustomBaseModel): + id: int + first_name: str + last_name: str + email: EmailStr + +class PermissionResponse(CustomBaseModel): + model_config = ConfigDict(from_attributes=True, extra="ignore") + + service_name: str + resource: str + action: str + +class GroupResponse(CustomBaseModel): + id: int + name: str + +class IAMGetGroupPermissionsResponse(CustomBaseModel): + permissions: list[PermissionResponse] + +class IAMGetGroupUsersResponse(CustomBaseModel): + users : list[UserResponse] + +class IAMPostGroupRequest(CustomBaseModel): + name: str + +class IAMPostGroupResponse(CustomBaseModel): + group: GroupResponse + +class IAMPutGroupPermissionRequest(CustomBaseModel): + group_id: int + permission_id: int + +class IAMPutGroupPermissionResponse(CustomBaseModel): + group: GroupResponse + permissions: list[PermissionResponse] + +class IAMPutGroupUserRequest(CustomBaseModel): + group_id: int + user_id: int + +class IAMPutGroupUserResponse(CustomBaseModel): + group: GroupResponse + users: list[UserResponse] + +class IAMDeleteGroupPermissionRequest(CustomBaseModel): + group_id: int + permission_id: int + +class IAMDeleteGroupPermissionResponse(CustomBaseModel): + group: GroupResponse + permissions: list[PermissionResponse] + +class IAMDeleteGroupUserRequest(CustomBaseModel): + group_id: int + user_id: int + +class IAMDeleteGroupUserResponse(CustomBaseModel): + group: GroupResponse + users: list[UserResponse] + +class IAMGetPermissionsResponse(CustomBaseModel): + permissions: list[PermissionResponse] + +class IAMPostPermissionRequest(CustomBaseModel): + service_id: int + resource: str + action: str + +class IAMPostPermissionResponse(CustomBaseModel): + permission: PermissionResponse + +class IAMDeletePermissionRequest(CustomBaseModel): + service_id: int + resource: str + action: str + +class IAMGetPermissionsSearchRequest(CustomBaseModel): + service_id: Optional[int] = None + resource: Optional[str] = None + action: Optional[str] = None + +class IAMGetPermissionsSearchResponse(CustomBaseModel): + permissions: list[PermissionResponse] From c6a2b301dce0473c1cb25a4c12ccaf061b434346 Mon Sep 17 00:00:00 2001 From: luxferre Date: Wed, 27 May 2026 11:11:19 +0100 Subject: [PATCH 4/5] feat: iam dependencies IAM endpoints now use dependencies to perform most initial database get requests. Issue #6 --- src/iam/dependencies.py | 49 ++++++++++++++++++++++++++++++++-- src/iam/exceptions.py | 25 +++++++++++++++-- src/iam/router.py | 59 +++++++++++------------------------------ src/iam/schemas.py | 28 +++++++++---------- 4 files changed, 100 insertions(+), 61 deletions(-) diff --git a/src/iam/dependencies.py b/src/iam/dependencies.py index 7447aaf..d5632c7 100644 --- a/src/iam/dependencies.py +++ b/src/iam/dependencies.py @@ -1,5 +1,5 @@ """ -Router dependencies for +Router dependencies for the IAM module Classes: - List: Description @@ -8,4 +8,49 @@ Classes: Functions: - List: Description - Functions: Description -""" \ No newline at end of file +""" +from typing import Annotated, Optional + +from fastapi import Depends, Query + +from src.database import db_dependency + +from src.iam.models import Group +from src.iam.exceptions import GroupNotFoundException, PermNotFoundException +from src.iam.schemas import GroupIDMixin, PermIDMixin + + +def get_group_model_query(db: db_dependency, group_id: Annotated[int, Query(gt=0)]) -> type[Group]: + group_model = db.get(Group, group_id) + if group_model is None: + raise GroupNotFoundException(group_id) + + return group_model + +group_model_query_dependency = Annotated[type[Group], Depends(get_group_model_query)] + + +def get_group_model_body(db: db_dependency, request_model: Optional[GroupIDMixin] = None) -> type[Group]: + group_id = getattr(request_model, "group_id", None) + if group_id is None: + raise GroupNotFoundException() + group_model = db.get(Group, group_id) + if group_model is None: + raise GroupNotFoundException(group_id) + + return group_model + +group_model_body_dependency = Annotated[type[Group], Depends(get_group_model_body)] + + +def get_perm_model_body(db: db_dependency, request_model: Optional[PermIDMixin] = None) -> type[Group]: + perm_id = getattr(request_model, "permission_id", None) + if perm_id is None: + raise PermNotFoundException + group_model = db.get(Group, perm_id) + if group_model is None: + raise PermNotFoundException(perm_id) + + return group_model + +perm_model_body_dependency = Annotated[type[Group], Depends(get_perm_model_body)] diff --git a/src/iam/exceptions.py b/src/iam/exceptions.py index 5debbb4..5c97b9a 100644 --- a/src/iam/exceptions.py +++ b/src/iam/exceptions.py @@ -1,7 +1,28 @@ """ -Module specific exceptions for +Module specific exceptions for the IAM module Exceptions: - List: Description - Exceptions: Description -""" \ No newline at end of file +""" +from typing import Optional + +from fastapi import HTTPException, status + + +class GroupNotFoundException(HTTPException): + def __init__(self, group_id: Optional[int] = None) -> None: + detail = "Group not found" if group_id is None else f"User with ID '{group_id}' was not found." + super().__init__( + status_code=status.HTTP_404_NOT_FOUND, + detail=detail, + ) + + +class PermNotFoundException(HTTPException): + def __init__(self, perm_id: Optional[int] = None) -> None: + detail = "Permission not found" if perm_id is None else f"User with ID '{perm_id}' was not found." + super().__init__( + status_code=status.HTTP_404_NOT_FOUND, + detail=detail, + ) diff --git a/src/iam/router.py b/src/iam/router.py index b249b34..d874570 100644 --- a/src/iam/router.py +++ b/src/iam/router.py @@ -17,6 +17,7 @@ from src.iam.schemas import IAMGetGroupPermissionsResponse, IAMGetGroupUsersResp IAMPostPermissionResponse, PermissionResponse, IAMDeletePermissionRequest, IAMGetPermissionsSearchRequest, IAMGetPermissionsSearchResponse from src.schemas import ResourceName from src.auth.service import claims_dependency +from src.user.exceptions import UserNotFoundException from src.user.models import User from src.organisation.models import Organisation as Org from src.service.models import Service @@ -24,6 +25,7 @@ from src.organisation.dependencies import org_model_dependency from src.iam.service import service_key_dependency from src.iam.models import Permission as Perm, GroupPermissions as GPerms, Group, UserGroups +from src.iam.dependencies import group_model_query_dependency, group_model_body_dependency, perm_model_body_dependency router = APIRouter( tags=["IAM"], @@ -64,28 +66,21 @@ async def can_act_on_resource(valid_key: service_key_dependency, db: db_dependen @router.get("/group/permissions", response_model=IAMGetGroupPermissionsResponse) -async def get_group_permissions(db: db_dependency, group_id: Annotated[int, Query(gt=0)]): - # TODO: root_user_dependency & org_id query param - group_model = db.get(Group, group_id) - if group_model is None: - raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") - +async def get_group_permissions(db: db_dependency, group_model: group_model_query_dependency): + # TODO: root_user_dependency return {"permissions": group_model.permission_rel} @router.get("/group/users", response_model=IAMGetGroupUsersResponse) -async def get_group_users(db: db_dependency, group_id: Annotated[int, Query(gt=0)]): - # TODO: root_user_dependency & org_id query param - group_model = db.get(Group, group_id) - if group_model is None: - raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") - +async def get_group_users(db: db_dependency, group_model: group_model_query_dependency): + # TODO: root_user_dependency return {"users": group_model.user_rel} @router.post("/group", response_model=IAMPostGroupResponse) async def create_group(db: db_dependency, group_request: IAMPostGroupRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): # TODO: root_user_dependency + # TODO: get org ID from dependency instead of query (needs updated dep first) group_model = Group(name=group_request.name, org_id=org_id) db.add(group_model) @@ -96,15 +91,8 @@ async def create_group(db: db_dependency, group_request: IAMPostGroupRequest, or @router.put("/group/permission", response_model=IAMPutGroupPermissionResponse) -async def add_group_permission(db: db_dependency, request_model: IAMPutGroupPermissionRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): +async def add_group_permission(db: db_dependency, group_model: group_model_body_dependency, perm_model: perm_model_body_dependency, request_model: IAMPutGroupPermissionRequest): # TODO: root_user_dependency - group_model = db.get(Group, request_model.group_id) - if group_model is None: - raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") - perm_model = db.get(Perm, request_model.permission_id) - if perm_model is None: - raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Permission not found") - group_model.permission_rel.append(perm_model) db.flush() @@ -114,14 +102,12 @@ async def add_group_permission(db: db_dependency, request_model: IAMPutGroupPerm @router.put("/group/user") -async def add_group_user(db: db_dependency, request_model: IAMPutGroupUserRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): +async def add_group_user(db: db_dependency, group_model: group_model_body_dependency, request_model: IAMPutGroupUserRequest): # TODO: root_user_dependency - group_model = db.get(Group, request_model.group_id) - if group_model is None: - raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") + # TODO: user_model_dependency user_model = db.get(User, request_model.user_id) if user_model is None: - raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found") + raise UserNotFoundException(user_id=request_model.user_id) group_model.user_rel.append(user_model) db.flush() @@ -131,15 +117,8 @@ async def add_group_user(db: db_dependency, request_model: IAMPutGroupUserReques @router.delete("/group/permissions") -async def remove_group_permissions(db: db_dependency, request_model: IAMDeleteGroupPermissionRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): +async def remove_group_permissions(db: db_dependency, group_model: group_model_body_dependency, perm_model: perm_model_body_dependency, request_model: IAMDeleteGroupPermissionRequest): # TODO: root_user_dependency - group_model = db.get(Group, request_model.group_id) - if group_model is None: - raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") - perm_model = db.get(Perm, request_model.permission_id) - if perm_model is None: - raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Permission not found") - group_model.permission_rel.remove(perm_model) db.flush() response = IAMDeleteGroupPermissionResponse(group=GroupResponse(**group_model.__dict__), @@ -149,11 +128,9 @@ async def remove_group_permissions(db: db_dependency, request_model: IAMDeleteGr @router.delete("/group/user") -async def remove_group_user(db: db_dependency, request_model: IAMDeleteGroupUserRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): +async def remove_group_user(db: db_dependency, group_model: group_model_body_dependency, request_model: IAMDeleteGroupUserRequest): # TODO: root_user_dependency - group_model = db.get(Group, request_model.group_id) - if group_model is None: - raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Group not found") + # TODO: User model dependency user_model = db.get(User, request_model.user_id) if user_model is None: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found") @@ -167,7 +144,7 @@ async def remove_group_user(db: db_dependency, request_model: IAMDeleteGroupUser @router.get("/permissions", response_model=IAMGetPermissionsResponse) -async def get_permissions(db: db_dependency, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): +async def get_permissions(db: db_dependency): # TODO: root_user_dependency permission_models = db.query(Perm).all() @@ -187,12 +164,8 @@ async def create_new_permission(db: db_dependency, request_mode: IAMPostPermissi @router.delete("/permission", status_code=status.HTTP_204_NO_CONTENT) -async def delete_permission(db: db_dependency, request_model: IAMDeletePermissionRequest): +async def delete_permission(db: db_dependency, perm_model: perm_model_body_dependency, request_model: IAMDeletePermissionRequest): # TODO: super_admin_dependency - perm_model = db.query(Perm).filter(Perm.service_id==request_model.service_id, Perm.resource==request_model.resource, Perm.action==request_model.action).first() - if perm_model is None: - raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Permission not found") - db.delete(perm_model) db.commit() diff --git a/src/iam/schemas.py b/src/iam/schemas.py index ef10df8..b73500b 100644 --- a/src/iam/schemas.py +++ b/src/iam/schemas.py @@ -30,6 +30,12 @@ class GroupResponse(CustomBaseModel): id: int name: str +class GroupIDMixin(CustomBaseModel): + group_id: int + +class PermIDMixin(CustomBaseModel): + permission_id: int + class IAMGetGroupPermissionsResponse(CustomBaseModel): permissions: list[PermissionResponse] @@ -42,32 +48,28 @@ class IAMPostGroupRequest(CustomBaseModel): class IAMPostGroupResponse(CustomBaseModel): group: GroupResponse -class IAMPutGroupPermissionRequest(CustomBaseModel): - group_id: int - permission_id: int +class IAMPutGroupPermissionRequest(GroupIDMixin, PermIDMixin): + pass class IAMPutGroupPermissionResponse(CustomBaseModel): group: GroupResponse permissions: list[PermissionResponse] -class IAMPutGroupUserRequest(CustomBaseModel): - group_id: int +class IAMPutGroupUserRequest(GroupIDMixin): user_id: int class IAMPutGroupUserResponse(CustomBaseModel): group: GroupResponse users: list[UserResponse] -class IAMDeleteGroupPermissionRequest(CustomBaseModel): - group_id: int - permission_id: int +class IAMDeleteGroupPermissionRequest(GroupIDMixin, PermIDMixin): + pass class IAMDeleteGroupPermissionResponse(CustomBaseModel): group: GroupResponse permissions: list[PermissionResponse] -class IAMDeleteGroupUserRequest(CustomBaseModel): - group_id: int +class IAMDeleteGroupUserRequest(GroupIDMixin): user_id: int class IAMDeleteGroupUserResponse(CustomBaseModel): @@ -85,10 +87,8 @@ class IAMPostPermissionRequest(CustomBaseModel): class IAMPostPermissionResponse(CustomBaseModel): permission: PermissionResponse -class IAMDeletePermissionRequest(CustomBaseModel): - service_id: int - resource: str - action: str +class IAMDeletePermissionRequest(PermIDMixin): + pass class IAMGetPermissionsSearchRequest(CustomBaseModel): service_id: Optional[int] = None From 657f91d73d3a6d88a43acac64c9f644273acadb0 Mon Sep 17 00:00:00 2001 From: luxferre Date: Wed, 27 May 2026 12:21:03 +0100 Subject: [PATCH 5/5] feat: org dependencies Org endpoints use query/body model dependencies to perform initial db lookups. Issue #6 Org ID path params have been replaced with either query params (get endpoints) or body values. Resolves #10 Endpoints in other modules that rely on an org model lookup have also been updated. --- src/auth/service.py | 8 +-- src/iam/router.py | 16 +++--- src/iam/schemas.py | 5 +- src/organisation/dependencies.py | 25 ++++++++-- src/organisation/exceptions.py | 14 +++++- src/organisation/router.py | 84 +++++++++++++++++--------------- src/organisation/schemas.py | 19 +++++--- src/service/schemas.py | 8 +-- src/user/models.py | 1 - 9 files changed, 106 insertions(+), 74 deletions(-) diff --git a/src/auth/service.py b/src/auth/service.py index 71a797a..8f27902 100644 --- a/src/auth/service.py +++ b/src/auth/service.py @@ -22,7 +22,7 @@ from src.user.service import add_user_to_db from src.organisation.models import OrgUsers, Organisation as Org from src.user.models import User from src.database import db_dependency -from src.organisation.dependencies import org_model_dependency +from src.organisation.dependencies import org_model_query_dependency oidc = OpenIdConnect(openIdConnectUrl=auth_settings.OIDC_CONFIG) @@ -54,7 +54,7 @@ async def get_current_user(oidc_auth_string: oidc_dependency) -> dict[str, Any]: try: claims_requests.validate(token.claims) - except ExpiredTokenError as e: + except ExpiredTokenError: raise HTTPException(status_code=401, detail="Token expired") db_id = await add_user_to_db(token.claims) @@ -93,7 +93,7 @@ async def is_org_user(claims: claims_dependency, db: db_dependency, org_id: int org_user_dependency = Annotated[dict[str, Any], Depends(is_org_user)] -async def is_org_root(claims: claims_dependency, db: db_dependency, org_model: org_model_dependency, org_id: int = Path(gt=0)): +async def is_org_root_query(claims: claims_dependency, db: db_dependency, org_model: org_model_query_dependency): db_id = claims.get("db_id", None) if db_id is None: raise HTTPException(status_code=404, detail="User not found in db") @@ -104,7 +104,7 @@ async def is_org_root(claims: claims_dependency, db: db_dependency, org_model: o raise HTTPException(status_code=401, detail="Not authorised") -root_user_dependency = Annotated[dict[str, Any], Depends(is_org_root)] +root_user_query_dependency = Annotated[dict[str, Any], Depends(is_org_root_query)] async def is_super_admin(claims: claims_dependency): diff --git a/src/iam/router.py b/src/iam/router.py index d874570..2e2ad7c 100644 --- a/src/iam/router.py +++ b/src/iam/router.py @@ -5,9 +5,7 @@ Endpoints: - List: Description - Endpoints: Description """ -from typing import Annotated - -from fastapi import APIRouter, Query, HTTPException, status +from fastapi import APIRouter, HTTPException, status from src.database import db_dependency from src.iam.schemas import IAMGetGroupPermissionsResponse, IAMGetGroupUsersResponse, IAMPostGroupRequest, \ @@ -21,7 +19,7 @@ from src.user.exceptions import UserNotFoundException from src.user.models import User from src.organisation.models import Organisation as Org from src.service.models import Service -from src.organisation.dependencies import org_model_dependency +from src.organisation.dependencies import org_model_body_dependency from src.iam.service import service_key_dependency from src.iam.models import Permission as Perm, GroupPermissions as GPerms, Group, UserGroups @@ -66,22 +64,22 @@ async def can_act_on_resource(valid_key: service_key_dependency, db: db_dependen @router.get("/group/permissions", response_model=IAMGetGroupPermissionsResponse) -async def get_group_permissions(db: db_dependency, group_model: group_model_query_dependency): +async def get_group_permissions(group_model: group_model_query_dependency): # TODO: root_user_dependency return {"permissions": group_model.permission_rel} @router.get("/group/users", response_model=IAMGetGroupUsersResponse) -async def get_group_users(db: db_dependency, group_model: group_model_query_dependency): +async def get_group_users(group_model: group_model_query_dependency): # TODO: root_user_dependency return {"users": group_model.user_rel} @router.post("/group", response_model=IAMPostGroupResponse) -async def create_group(db: db_dependency, group_request: IAMPostGroupRequest, org_model: org_model_dependency, org_id: Annotated[int, Query(gt=0)]): +async def create_group(db: db_dependency, request_model: IAMPostGroupRequest, org_model: org_model_body_dependency): # TODO: root_user_dependency # TODO: get org ID from dependency instead of query (needs updated dep first) - group_model = Group(name=group_request.name, org_id=org_id) + group_model = Group(name=request_model.name, org_id=org_model.id) db.add(group_model) db.flush() @@ -172,7 +170,7 @@ async def delete_permission(db: db_dependency, perm_model: perm_model_body_depen @router.get("/permissions/search", response_model=IAMGetPermissionsSearchResponse) async def get_permissions(db: db_dependency, search: IAMGetPermissionsSearchRequest): - # TODO: super_admin_dependency + # TODO: root_user_dependency permission_query = db.query(Perm) if search.service_id is not None: diff --git a/src/iam/schemas.py b/src/iam/schemas.py index b73500b..70af0f8 100644 --- a/src/iam/schemas.py +++ b/src/iam/schemas.py @@ -9,9 +9,8 @@ from typing import Optional from pydantic import EmailStr, ConfigDict +from src.organisation.schemas import OrgIDMixin from src.schemas import CustomBaseModel -from src.organisation.constants import Status, ContactType -from src.contact.schemas import ContactAddress class UserResponse(CustomBaseModel): id: int @@ -42,7 +41,7 @@ class IAMGetGroupPermissionsResponse(CustomBaseModel): class IAMGetGroupUsersResponse(CustomBaseModel): users : list[UserResponse] -class IAMPostGroupRequest(CustomBaseModel): +class IAMPostGroupRequest(OrgIDMixin): name: str class IAMPostGroupResponse(CustomBaseModel): diff --git a/src/organisation/dependencies.py b/src/organisation/dependencies.py index 26a7036..ecbb22a 100644 --- a/src/organisation/dependencies.py +++ b/src/organisation/dependencies.py @@ -11,18 +11,33 @@ Functions: """ from typing import Annotated -from fastapi import HTTPException, Depends +from fastapi import Depends, Query from src.database import db_dependency +from src.organisation.schemas import OrgIDMixin from src.organisation.models import Organisation as Org +from src.organisation.exceptions import OrgNotFoundException -def get_org_model(db: db_dependency, org_id: int) -> type[Org]: - org_model = db.query(Org).filter(Org.id == org_id).first() +def get_org_model_query(db: db_dependency, org_id: Annotated[int, Query(gt=0)]) -> type[Org]: + org_model = db.get(Org, org_id) if org_model is None: - raise HTTPException(status_code=404, detail="Organisation not found") + raise OrgNotFoundException(org_id) return org_model -org_model_dependency = Annotated[type[Org], Depends(get_org_model)] +org_model_query_dependency = Annotated[type[Org], Depends(get_org_model_query)] + + +def get_org_model_body(db: db_dependency, request_model: OrgIDMixin) -> type[Org]: + org_id = getattr(request_model, "organisation_id", None) + if org_id is None: + raise OrgNotFoundException + org_model = db.get(Org, org_id) + if org_model is None: + raise OrgNotFoundException(org_id) + + return org_model + +org_model_body_dependency = Annotated[type[Org], Depends(get_org_model_body)] diff --git a/src/organisation/exceptions.py b/src/organisation/exceptions.py index 6a3d38b..772ec2b 100644 --- a/src/organisation/exceptions.py +++ b/src/organisation/exceptions.py @@ -4,4 +4,16 @@ Module specific exceptions for organisation module Exceptions: - List: Description - Exceptions: Description -""" \ No newline at end of file +""" +from typing import Optional + +from fastapi import HTTPException, status + + +class OrgNotFoundException(HTTPException): + def __init__(self, org_id: Optional[int] = None) -> None: + detail = "Organisation not found" if org_id is None else f"User with ID '{org_id}' was not found." + super().__init__( + status_code=status.HTTP_404_NOT_FOUND, + detail=detail, + ) \ No newline at end of file diff --git a/src/organisation/router.py b/src/organisation/router.py index 1131c40..6cf8d87 100644 --- a/src/organisation/router.py +++ b/src/organisation/router.py @@ -15,23 +15,22 @@ Endpoints: from typing import Annotated, Optional from fastapi import APIRouter, HTTPException, status -from fastapi.params import Path, Query +from fastapi.params import Query from src.contact.schemas import ContactAddress from src.database import db_dependency from src.contact.models import Contact from src.user.models import User from src.user.exceptions import UserNotFoundException -from src.auth.service import root_user_dependency, claims_dependency +from src.auth.service import root_user_query_dependency, claims_dependency -from src.organisation.dependencies import org_model_dependency +from src.organisation.dependencies import org_model_query_dependency, org_model_body_dependency from src.organisation.constants import ContactType from src.organisation.models import Organisation as Org from src.organisation.schemas import OrgOrgPostRequest, OrgQuestionnairePatchRequest, OrgStatusPatchRequest, \ OrgContactPatchRequest, \ OrgUserPostRequest, OrgUserGetResponse, OrgContactGetResponse, OrgOrgGetResponse, OrgRootPatchRequest, \ - OrgGroupGetResponse, OrgUserDeleteRequest - + OrgGroupGetResponse, OrgUserDeleteRequest, OrgDeleteOrgRequest router = APIRouter( prefix="/org", @@ -39,8 +38,8 @@ router = APIRouter( ) -@router.get("/id/{org_id}", response_model=OrgOrgGetResponse) -async def get_org_by_id(org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)]): +@router.get("/id", response_model=OrgOrgGetResponse) +async def get_org_by_id(org_model: org_model_query_dependency): response = { "name": org_model.name, "status": org_model.status, @@ -54,12 +53,16 @@ async def get_org_by_id(org_model: org_model_dependency, org_id: Annotated[int, @router.post("/") -async def create_org(db: db_dependency, user: claims_dependency, org_request: OrgOrgPostRequest): +async def create_org(db: db_dependency, user: claims_dependency, request_model: OrgOrgPostRequest): db_id: Optional[int] = user.get("db_id", None) if db_id is None: raise UserNotFoundException() - org_model = Org(name=org_request.name, intake_questionnaire=org_request.intake_questionnaire.model_dump()) + if request_model.intake_questionnaire: + intake_questionnaire = request_model.intake_questionnaire.model_dump() + else: + intake_questionnaire = None + org_model = Org(name=request_model.name, intake_questionnaire=intake_questionnaire) org_model.status = "partial" # Status is always set to partial at first, see update_questionnaire() doc @@ -77,67 +80,70 @@ async def create_org(db: db_dependency, user: claims_dependency, org_request: Or db.commit() -@router.patch("/{org_id}/questionnaire") -async def update_questionnaire(db: db_dependency, org_model: org_model_dependency, q_request: OrgQuestionnairePatchRequest, org_id: Annotated[int, Path(gt=0)]): +@router.patch("/questionnaire") +async def update_questionnaire(db: db_dependency, org_model: org_model_body_dependency, request_model: OrgQuestionnairePatchRequest): """ Route for updating questionnaire. The partial bool allows for submission of partially completed questionnaire and/or final "are you sure" check before setting the org to be in "submitted" status, awaiting admin approval. """ - org_model.intake_questionnaire = q_request.intake_questionnaire.model_dump() + org_model.intake_questionnaire = request_model.intake_questionnaire.model_dump() # Allows for partially completed questionnaires to be saved without being submitted for review - if not q_request.partial: + if not request_model.partial: org_model.status = "submitted" db.commit() -@router.patch("/{org_id}/status") -async def update_status(db: db_dependency, org_model: org_model_dependency, status_request: OrgStatusPatchRequest, org_id: Annotated[int, Path(gt=0)]): - org_model.status = status_request.status +@router.patch("/status") +async def update_status(db: db_dependency, org_model: org_model_body_dependency, request_model: OrgStatusPatchRequest): + org_model.status = request_model.status db.commit() -@router.get("/{org_id}/users", response_model=OrgUserGetResponse) -async def get_users(org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)]): +@router.get("/users", response_model=OrgUserGetResponse) +async def get_users(org_model: org_model_query_dependency): return {"users": [user.email for user in org_model.user_rel]} -@router.post("/{org_id}/users") -async def add_user_to_org(db: db_dependency, org_model: org_model_dependency, user_request: OrgUserPostRequest, org_id: Annotated[int, Path(gt=0)]): - user_model = db.get(User, user_request.user_id) +@router.post("/users") +async def add_user_to_org(db: db_dependency, org_model: org_model_body_dependency, request_model: OrgUserPostRequest): + # TODO: user_model_body_dependency + user_model = db.get(User, request_model.user_id) if user_model in org_model.user_rel: return org_model.user_rel.append(user_model) db.commit() -@router.delete("/{org_id}", status_code=status.HTTP_204_NO_CONTENT) -async def delete_organisation_by_id(db: db_dependency, org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)]): +@router.delete("/", status_code=status.HTTP_204_NO_CONTENT) +async def delete_organisation_by_id(db: db_dependency, org_model: org_model_body_dependency, request_model: OrgDeleteOrgRequest): db.delete(org_model) db.commit() -@router.patch("/{org_id}/root_user", status_code=status.HTTP_204_NO_CONTENT) -async def update_root_user(db: db_dependency, org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)], user_request: OrgRootPatchRequest): - root_user_model = db.get(User, user_request.user_id) +@router.patch("/root_user", status_code=status.HTTP_204_NO_CONTENT) +async def update_root_user(db: db_dependency, org_model: org_model_body_dependency, request_model: OrgRootPatchRequest): + # TODO: user_model_body_dependency + root_user_model = db.get(User, request_model.user_id) if root_user_model is None: - raise UserNotFoundException(user_id=user_request.user_id) + raise UserNotFoundException(user_id=request_model.user_id) org_model.root_user_rel = root_user_model db.commit() -@router.get("/{org_id}/groups", response_model=OrgGroupGetResponse) -async def get_org_groups(org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)]): +@router.get("/groups", response_model=OrgGroupGetResponse) +async def get_org_groups(org_model: org_model_query_dependency): return {"groups": [group.name for group in org_model.group_rel]} -@router.delete("/{org_id}/user", status_code=status.HTTP_204_NO_CONTENT) -async def remove_user_from_org(db: db_dependency, org_model: org_model_dependency, org_id: Annotated[int, Path(gt=0)], user_request: OrgUserDeleteRequest): - user_id = user_request.user_id +@router.delete("/user", status_code=status.HTTP_204_NO_CONTENT) +async def remove_user_from_org(db: db_dependency, org_model: org_model_body_dependency, request_model: OrgUserDeleteRequest): + # TODO: user_model_body_dependency + user_id = request_model.user_id user = db.get(User, user_id) if user is None: @@ -149,8 +155,9 @@ async def remove_user_from_org(db: db_dependency, org_model: org_model_dependenc org_model.user_rel.remove(user) db.commit() -@router.get("/{org_id}/contact", response_model=OrgContactGetResponse) -async def get_contact(org_model: org_model_dependency, contact_type: Annotated[ContactType, Query()], org_id: Annotated[int, Path(gt=0)]): + +@router.get("/contact", response_model=OrgContactGetResponse) +async def get_contact(org_model: org_model_query_dependency, contact_type: Annotated[ContactType, Query()]): match contact_type: case "billing": contact_model = org_model.billing_contact_rel @@ -170,10 +177,9 @@ async def get_contact(org_model: org_model_dependency, contact_type: Annotated[C ) - -@router.patch("/{org_id}/contact", response_model=OrgContactGetResponse) -async def update_contact(db: db_dependency, org_model: org_model_dependency, contact_type: Annotated[ContactType, Query()], contact_request: OrgContactPatchRequest, org_id: Annotated[int, Path(gt=0)]): - match contact_type: +@router.patch("/contact", response_model=OrgContactGetResponse) +async def update_contact(db: db_dependency, org_model: org_model_body_dependency, request_model: OrgContactPatchRequest): + match request_model.contact_type: case "billing": contact_model = org_model.billing_contact_rel case "security": @@ -186,7 +192,7 @@ async def update_contact(db: db_dependency, org_model: org_model_dependency, con if contact_model is None: raise HTTPException(status_code=404, detail="Contact not found") - update_data = contact_request.model_dump(exclude_none=True) + update_data = request_model.model_dump(exclude_none=True) for key, value in update_data.items(): if hasattr(contact_model, key): setattr(contact_model, key, value) diff --git a/src/organisation/schemas.py b/src/organisation/schemas.py index ae7322c..3efb67d 100644 --- a/src/organisation/schemas.py +++ b/src/organisation/schemas.py @@ -18,19 +18,23 @@ class OrgQuestionnaire(CustomBaseModel): question_two: str question_three: str +class OrgIDMixin(CustomBaseModel): + organisation_id: int class OrgOrgPostRequest(CustomBaseModel): name: str intake_questionnaire: Optional[OrgQuestionnaire] = None -class OrgQuestionnairePatchRequest(CustomBaseModel): +class OrgQuestionnairePatchRequest(OrgIDMixin): intake_questionnaire: OrgQuestionnaire partial: bool -class OrgStatusPatchRequest(CustomBaseModel): +class OrgStatusPatchRequest(OrgIDMixin): status: Status -class OrgContactPatchRequest(CustomBaseModel): +class OrgContactPatchRequest(OrgIDMixin): + contact_type: ContactType + email: Optional[EmailStr] = None first_name: Optional[str] = None last_name: Optional[str] = None @@ -44,13 +48,13 @@ class OrgContactPatchRequest(CustomBaseModel): country_code: Optional[str] = None postal_code: Optional[str] = None -class OrgUserPostRequest(CustomBaseModel): +class OrgUserPostRequest(OrgIDMixin): user_id: int -class OrgUserDeleteRequest(CustomBaseModel): +class OrgUserDeleteRequest(OrgIDMixin): user_id: int -class OrgRootPatchRequest(CustomBaseModel): +class OrgRootPatchRequest(OrgIDMixin): user_id: int class OrgUserGetResponse(CustomBaseModel): @@ -77,3 +81,6 @@ class OrgOrgGetResponse(CustomBaseModel): owner_contact: Optional[str] = None billing_contact: Optional[str] = None security_contact: Optional[str] = None + +class OrgDeleteOrgRequest(OrgIDMixin): + pass \ No newline at end of file diff --git a/src/service/schemas.py b/src/service/schemas.py index f2e4ac0..c316919 100644 --- a/src/service/schemas.py +++ b/src/service/schemas.py @@ -5,17 +5,13 @@ Models: - List: Description - Models: Description """ -from typing import Optional - -from pydantic import EmailStr, ConfigDict +from pydantic import ConfigDict from src.schemas import CustomBaseModel -from src.organisation.constants import Status, ContactType -from src.contact.schemas import ContactAddress class ServiceResponse(CustomBaseModel): model_config = ConfigDict(from_attributes=True, extra="ignore") - + id: int name: str diff --git a/src/user/models.py b/src/user/models.py index eac4684..964bed6 100644 --- a/src/user/models.py +++ b/src/user/models.py @@ -10,7 +10,6 @@ from sqlalchemy import Column, Integer, String from sqlalchemy.orm import relationship from src.database import Base -from src.iam.models import Group class User(Base):