minor: >0 user id in bodies

fix: userschema config
Required for Pydantic to map a SQLAlchemy model to it.
2026-06-02 14:40:24 +01:00 · 2026-06-02 14:37:07 +01:00 · 2026-06-02 14:21:05 +01:00 · 2026-06-02 14:18:04 +01:00 · 2026-06-02 13:52:52 +01:00 · 2026-06-02 13:50:13 +01:00
4 changed files with 18 additions and 14 deletions
--- a/src/iam/router.py
+++ b/src/iam/router.py
@ -86,7 +86,7 @@ async def get_group_permissions(group_model: group_model_query_dependency, org_m
@router.get("/group/users", response_model=IAMGetGroupUsersResponse)
 async def get_group_users(group_model: group_model_query_dependency, org_model: org_model_root_claim_query_dependency):
-	if group_model.org_id == org_model.id:
+	if group_model.org_id != org_model.id:
 		raise UnauthorizedException()
 	return {"users": group_model.user_rel}
@ -108,7 +108,7 @@ async def create_group(db: db_dependency, org_model: org_model_root_claim_body_d
@router.put("/group/permission", response_model=IAMPutGroupPermissionResponse)
 async def add_group_permission(db: db_dependency, group_model: group_model_body_dependency, perm_model: perm_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMPutGroupPermissionRequest):
-	if group_model.org_id == org_model.id:
+	if group_model.org_id != org_model.id:
 		raise UnauthorizedException()
 	if perm_model in group_model.permission_rel:
@ -124,7 +124,7 @@ async def add_group_permission(db: db_dependency, group_model: group_model_body_
@router.put("/group/user")
 async def add_group_user(db: db_dependency, group_model: group_model_body_dependency, user_model: user_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMPutGroupUserRequest):
-	if group_model.org_id == org_model.id:
+	if group_model.org_id != org_model.id:
 		raise UnauthorizedException()
 	if user_model in group_model.user_rel:
@ -139,7 +139,7 @@ async def add_group_user(db: db_dependency, group_model: group_model_body_depend
@router.delete("/group/permissions")
 async def remove_group_permissions(db: db_dependency, group_model: group_model_body_dependency, perm_model: perm_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMDeleteGroupPermissionRequest):
-	if group_model.org_id == org_model.id:
+	if group_model.org_id != org_model.id:
 		raise UnauthorizedException()
 	group_model.permission_rel.remove(perm_model)
@ -152,7 +152,7 @@ async def remove_group_permissions(db: db_dependency, group_model: group_model_b
@router.delete("/group/user")
 async def remove_group_user(db: db_dependency, group_model: group_model_body_dependency, user_model: user_model_body_dependency, org_model: org_model_root_claim_body_dependency, request_model: IAMDeleteGroupUserRequest):
-	if group_model.org_id == org_model.id:
+	if group_model.org_id != org_model.id:
 		raise UnauthorizedException()
 	user_model.group_rel.remove(group_model)
--- a/src/iam/schemas.py
+++ b/src/iam/schemas.py
@ -8,7 +8,7 @@ Models follow the nomenclature of:
 """
 from typing import Optional
-from pydantic import EmailStr, ConfigDict
+from pydantic import EmailStr, ConfigDict, Field
 from src.organisation.schemas import OrgIDMixin
 from src.schemas import CustomBaseModel
@ -16,6 +16,8 @@ from user.schemas import UserIDMixin
 class UserSchema(CustomBaseModel):
 	model_config = ConfigDict(from_attributes=True, extra="ignore")
 	id: int
 	first_name: str
 	last_name: str
@ -33,10 +35,10 @@ class GroupSchema(CustomBaseModel):
 	name: str
 class GroupIDMixin(CustomBaseModel):
-	group_id: int
+	group_id: int = Field(gt=0)
 class PermIDMixin(CustomBaseModel):
-	permission_id: int
+	permission_id: int = Field(gt=0)
 class IAMGetGroupPermissionsResponse(CustomBaseModel):
 	permissions: list[PermissionSchema]
@ -45,19 +47,19 @@ class IAMGetGroupUsersResponse(CustomBaseModel):
 	users : list[UserSchema]
 class IAMPostGroupRequest(OrgIDMixin):
-	name: str
+	name: str = Field(min_length=3)
 class IAMPostGroupResponse(CustomBaseModel):
 	group: GroupSchema
-class IAMPutGroupPermissionRequest(GroupIDMixin, PermIDMixin):
+class IAMPutGroupPermissionRequest(GroupIDMixin, PermIDMixin, OrgIDMixin):
 	pass
 class IAMPutGroupPermissionResponse(CustomBaseModel):
 	group: GroupSchema
 	permissions: list[PermissionSchema]
-class IAMPutGroupUserRequest(GroupIDMixin, UserIDMixin):
+class IAMPutGroupUserRequest(GroupIDMixin, UserIDMixin, OrgIDMixin):
 	pass
 class IAMPutGroupUserResponse(CustomBaseModel):
--- a/src/organisation/schemas.py
+++ b/src/organisation/schemas.py
@ -8,7 +8,7 @@ Models follow the nomenclature of:
 """
 from typing import Optional
-from pydantic import EmailStr, ConfigDict
+from pydantic import EmailStr, ConfigDict, Field
 from src.schemas import CustomBaseModel
 from src.contact.schemas import ContactModel
@ -23,7 +23,7 @@ class Questionnaire(CustomBaseModel):
 	question_three: Optional[str] = None
 class OrgIDMixin(CustomBaseModel):
-	organisation_id: int
+	organisation_id: int = Field(gt=0)
 class OrgPostOrgRequest(CustomBaseModel):
--- a/src/user/schemas.py
+++ b/src/user/schemas.py
@ -2,11 +2,13 @@
 Pydantic models for the user module
 """
 from typing import Optional
 from pydantic import Field
 from src.schemas import CustomBaseModel
 class UserIDMixin(CustomBaseModel):
-	user_id: int
+	user_id: int = Field(gt=0)
 class OIDCClaims(CustomBaseModel):
Author	SHA1	Message	Date
luxferre	9403e9291f	minor: >0 user id in bodies	2026-06-02 14:40:24 +01:00
luxferre	3052565258	fix: userschema config Required for Pydantic to map a SQLAlchemy model to it.	2026-06-02 14:37:07 +01:00
luxferre	2f4b7b8733	fix: missing org id in req	2026-06-02 14:21:05 +01:00
luxferre	5ec1f2272a	minor: >0 perm & group id in bodies	2026-06-02 14:18:04 +01:00
luxferre	c6542f48c1	fix: multiple inverted conditionals	2026-06-02 13:52:52 +01:00
luxferre	5104257a50	fix: missing org id in req body	2026-06-02 13:50:13 +01:00
luxferre	3ea782d68f	minor: min length on group name post	2026-06-02 13:37:42 +01:00
luxferre	e4559b8ee4	minor: >0 check on org ids in bodies	2026-06-02 13:34:05 +01:00
luxferre	7d109f0f73	fix: inverted conditional in get group users	2026-06-02 12:22:36 +01:00