sr2/cloud-api
6
0
Fork 1
Code Issues 8 Pull requests 2 Projects Releases Packages Wiki Activity Actions

Compare commits

base: sr2:d3400f53e43e1f47b0c31a60a91884efbe376271
Branches Tags
sr2:main
sr2:renovate/configure
...
compare: sr2:9403e9291fba2a75212d5155f11235e6e2f2c219
Branches Tags
sr2:main
sr2:renovate/configure

9 commits
d3400f53e4 ... 9403e9291f

Author SHA1 Message Date
luxferre
9403e9291f minor: >0 user id in bodies 2026-06-02 14:40:24 +01:00
luxferre
3052565258 fix: userschema config 
Required for Pydantic to map a SQLAlchemy model to it.
 2026-06-02 14:37:07 +01:00
luxferre
2f4b7b8733 fix: missing org id in req 2026-06-02 14:21:05 +01:00
luxferre
5ec1f2272a minor: >0 perm & group id in bodies 2026-06-02 14:18:04 +01:00
luxferre
c6542f48c1 fix: multiple inverted conditionals 2026-06-02 13:52:52 +01:00
luxferre
5104257a50 fix: missing org id in req body 2026-06-02 13:50:13 +01:00
luxferre
3ea782d68f minor: min length on group name post 2026-06-02 13:37:42 +01:00
luxferre
e4559b8ee4 minor: >0 check on org ids in bodies 2026-06-02 13:34:05 +01:00
luxferre
7d109f0f73 fix: inverted conditional in get group users 2026-06-02 12:22:36 +01:00
4 changed files with 18 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/iam/router.py
View file

@ -86,7 +86,7 @@ async def get_group_permissions(group_model: group_model_query_dependency, org_m
@router.get("/group/users", response_model=IAMGetGroupUsersResponse)
async def get_group_users(group_model: group_model_query_dependency, org_model: org_model_root_claim_query_dependency):
if group_model.org_id == org_model.id:
if group_model.org_id != org_model.id:
raise UnauthorizedException()
return {"users": group_model.user_rel}
@ -108,7 +108,7 @@ async def create_group(db: db_dependency, org_model: org_model_root_claim_body_d
@router.put("/group/permission", response_model=IAMPutGroupPermissionResponse)
async def add_group_permission(db: db_dependency, group_model: group_model_body_dependency, perm_model: perm_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMPutGroupPermissionRequest):
if group_model.org_id == org_model.id:
if group_model.org_id != org_model.id:
raise UnauthorizedException()
if perm_model in group_model.permission_rel:
@ -124,7 +124,7 @@ async def add_group_permission(db: db_dependency, group_model: group_model_body_
@router.put("/group/user")
async def add_group_user(db: db_dependency, group_model: group_model_body_dependency, user_model: user_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMPutGroupUserRequest):
if group_model.org_id == org_model.id:
if group_model.org_id != org_model.id:
raise UnauthorizedException()
if user_model in group_model.user_rel:
@ -139,7 +139,7 @@ async def add_group_user(db: db_dependency, group_model: group_model_body_depend
@router.delete("/group/permissions")
async def remove_group_permissions(db: db_dependency, group_model: group_model_body_dependency, perm_model: perm_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMDeleteGroupPermissionRequest):
if group_model.org_id == org_model.id:
if group_model.org_id != org_model.id:
raise UnauthorizedException()
group_model.permission_rel.remove(perm_model)
@ -152,7 +152,7 @@ async def remove_group_permissions(db: db_dependency, group_model: group_model_b
@router.delete("/group/user")
async def remove_group_user(db: db_dependency, group_model: group_model_body_dependency, user_model: user_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMDeleteGroupUserRequest):
if group_model.org_id == org_model.id:
if group_model.org_id != org_model.id:
raise UnauthorizedException()
user_model.group_rel.remove(group_model)

14
src/iam/schemas.py
View file

@ -8,7 +8,7 @@ Models follow the nomenclature of:
"""
from typing import Optional
from pydantic import EmailStr, ConfigDict
from pydantic import EmailStr, ConfigDict, Field
from src.organisation.schemas import OrgIDMixin
from src.schemas import CustomBaseModel
@ -16,6 +16,8 @@ from user.schemas import UserIDMixin
class UserSchema(CustomBaseModel):
model_config = ConfigDict(from_attributes=True, extra="ignore")
id: int
first_name: str
last_name: str
@ -33,10 +35,10 @@ class GroupSchema(CustomBaseModel):
name: str
class GroupIDMixin(CustomBaseModel):
group_id: int
group_id: int = Field(gt=0)
class PermIDMixin(CustomBaseModel):
permission_id: int
permission_id: int = Field(gt=0)
class IAMGetGroupPermissionsResponse(CustomBaseModel):
permissions: list[PermissionSchema]
@ -45,19 +47,19 @@ class IAMGetGroupUsersResponse(CustomBaseModel):
users : list[UserSchema]
class IAMPostGroupRequest(OrgIDMixin):
name: str
name: str = Field(min_length=3)
class IAMPostGroupResponse(CustomBaseModel):
group: GroupSchema
class IAMPutGroupPermissionRequest(GroupIDMixin, PermIDMixin):
class IAMPutGroupPermissionRequest(GroupIDMixin, PermIDMixin, OrgIDMixin):
pass
class IAMPutGroupPermissionResponse(CustomBaseModel):
group: GroupSchema
permissions: list[PermissionSchema]
class IAMPutGroupUserRequest(GroupIDMixin, UserIDMixin):
class IAMPutGroupUserRequest(GroupIDMixin, UserIDMixin, OrgIDMixin):
pass
class IAMPutGroupUserResponse(CustomBaseModel):

4
src/organisation/schemas.py
View file

@ -8,7 +8,7 @@ Models follow the nomenclature of:
"""
from typing import Optional
from pydantic import EmailStr, ConfigDict
from pydantic import EmailStr, ConfigDict, Field
from src.schemas import CustomBaseModel
from src.contact.schemas import ContactModel
@ -23,7 +23,7 @@ class Questionnaire(CustomBaseModel):
question_three: Optional[str] = None
class OrgIDMixin(CustomBaseModel):
organisation_id: int
organisation_id: int = Field(gt=0)
class OrgPostOrgRequest(CustomBaseModel):

4
src/user/schemas.py
View file

@ -2,11 +2,13 @@
Pydantic models for the user module
"""
from typing import Optional
from pydantic import Field
from src.schemas import CustomBaseModel
class UserIDMixin(CustomBaseModel):
user_id: int
user_id: int = Field(gt=0)
class OIDCClaims(CustomBaseModel):