diff --git a/src/iam/router.py b/src/iam/router.py index f2f6a34..1cf904c 100644 --- a/src/iam/router.py +++ b/src/iam/router.py @@ -86,7 +86,7 @@ async def get_group_permissions(group_model: group_model_query_dependency, org_m @router.get("/group/users", response_model=IAMGetGroupUsersResponse) async def get_group_users(group_model: group_model_query_dependency, org_model: org_model_root_claim_query_dependency): - if group_model.org_id == org_model.id: + if group_model.org_id != org_model.id: raise UnauthorizedException() return {"users": group_model.user_rel} @@ -108,7 +108,7 @@ async def create_group(db: db_dependency, org_model: org_model_root_claim_body_d @router.put("/group/permission", response_model=IAMPutGroupPermissionResponse) async def add_group_permission(db: db_dependency, group_model: group_model_body_dependency, perm_model: perm_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMPutGroupPermissionRequest): - if group_model.org_id == org_model.id: + if group_model.org_id != org_model.id: raise UnauthorizedException() if perm_model in group_model.permission_rel: @@ -124,7 +124,7 @@ async def add_group_permission(db: db_dependency, group_model: group_model_body_ @router.put("/group/user") async def add_group_user(db: db_dependency, group_model: group_model_body_dependency, user_model: user_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMPutGroupUserRequest): - if group_model.org_id == org_model.id: + if group_model.org_id != org_model.id: raise UnauthorizedException() if user_model in group_model.user_rel: @@ -139,7 +139,7 @@ async def add_group_user(db: db_dependency, group_model: group_model_body_depend @router.delete("/group/permissions") async def remove_group_permissions(db: db_dependency, group_model: group_model_body_dependency, perm_model: perm_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMDeleteGroupPermissionRequest): - if group_model.org_id == org_model.id: + if group_model.org_id != org_model.id: raise UnauthorizedException() group_model.permission_rel.remove(perm_model) @@ -152,7 +152,7 @@ async def remove_group_permissions(db: db_dependency, group_model: group_model_b @router.delete("/group/user") async def remove_group_user(db: db_dependency, group_model: group_model_body_dependency, user_model: user_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMDeleteGroupUserRequest): - if group_model.org_id == org_model.id: + if group_model.org_id != org_model.id: raise UnauthorizedException() user_model.group_rel.remove(group_model) diff --git a/src/iam/schemas.py b/src/iam/schemas.py index 3f34390..ff6cbfc 100644 --- a/src/iam/schemas.py +++ b/src/iam/schemas.py @@ -8,7 +8,7 @@ Models follow the nomenclature of: """ from typing import Optional -from pydantic import EmailStr, ConfigDict +from pydantic import EmailStr, ConfigDict, Field from src.organisation.schemas import OrgIDMixin from src.schemas import CustomBaseModel @@ -16,6 +16,8 @@ from user.schemas import UserIDMixin class UserSchema(CustomBaseModel): + model_config = ConfigDict(from_attributes=True, extra="ignore") + id: int first_name: str last_name: str @@ -33,10 +35,10 @@ class GroupSchema(CustomBaseModel): name: str class GroupIDMixin(CustomBaseModel): - group_id: int + group_id: int = Field(gt=0) class PermIDMixin(CustomBaseModel): - permission_id: int + permission_id: int = Field(gt=0) class IAMGetGroupPermissionsResponse(CustomBaseModel): permissions: list[PermissionSchema] @@ -45,19 +47,19 @@ class IAMGetGroupUsersResponse(CustomBaseModel): users : list[UserSchema] class IAMPostGroupRequest(OrgIDMixin): - name: str + name: str = Field(min_length=3) class IAMPostGroupResponse(CustomBaseModel): group: GroupSchema -class IAMPutGroupPermissionRequest(GroupIDMixin, PermIDMixin): +class IAMPutGroupPermissionRequest(GroupIDMixin, PermIDMixin, OrgIDMixin): pass class IAMPutGroupPermissionResponse(CustomBaseModel): group: GroupSchema permissions: list[PermissionSchema] -class IAMPutGroupUserRequest(GroupIDMixin, UserIDMixin): +class IAMPutGroupUserRequest(GroupIDMixin, UserIDMixin, OrgIDMixin): pass class IAMPutGroupUserResponse(CustomBaseModel): diff --git a/src/organisation/schemas.py b/src/organisation/schemas.py index 3620e38..c34ef16 100644 --- a/src/organisation/schemas.py +++ b/src/organisation/schemas.py @@ -8,7 +8,7 @@ Models follow the nomenclature of: """ from typing import Optional -from pydantic import EmailStr, ConfigDict +from pydantic import EmailStr, ConfigDict, Field from src.schemas import CustomBaseModel from src.contact.schemas import ContactModel @@ -23,7 +23,7 @@ class Questionnaire(CustomBaseModel): question_three: Optional[str] = None class OrgIDMixin(CustomBaseModel): - organisation_id: int + organisation_id: int = Field(gt=0) class OrgPostOrgRequest(CustomBaseModel): diff --git a/src/user/schemas.py b/src/user/schemas.py index b688412..3578005 100644 --- a/src/user/schemas.py +++ b/src/user/schemas.py @@ -2,11 +2,13 @@ Pydantic models for the user module """ from typing import Optional +from pydantic import Field + from src.schemas import CustomBaseModel class UserIDMixin(CustomBaseModel): - user_id: int + user_id: int = Field(gt=0) class OIDCClaims(CustomBaseModel):