From afa0a9649dacd100c9775d6e33463d8a2bd74a5a Mon Sep 17 00:00:00 2001
From: swve
Date: Wed, 22 Mar 2023 23:14:22 +0100
Subject: [PATCH] feat: get only orgs that user has access to
---
 src/services/orgs.py | 30 ++++++++++++++++++++++++++---
 src/services/users/schemas/users.py | 3 +++
 2 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/src/services/orgs.py b/src/services/orgs.py
index 98f516bf..d5576c98 100644
--- a/src/services/orgs.py
+++ b/src/services/orgs.py
@@ -2,6 +2,7 @@ import json
 from typing import List
 from uuid import uuid4
 from pydantic import BaseModel
+from src.services.users.schemas.users import UserOrganization
 from src.services.users.users import PublicUser, User
 from src.services.security import *
 from fastapi import FastAPI, HTTPException, status, Request, Response, BackgroundTasks
@@ -62,6 +63,7 @@ async def get_organization_by_slug(request: Request, org_slug: str):
 async def create_org(request: Request, org_object: Organization, current_user: PublicUser):
 orgs = request.app.db["organizations"]
+ user = request.app.db["users"]
 # find if org already exists using name
 isOrgAvailable = await orgs.find_one({"slug": org_object.slug})
@@ -79,6 +81,13 @@ async def create_org(request: Request, org_object: Organization, current_user: P
 org_in_db = await orgs.insert_one(org.dict())
+ user_organization: UserOrganization = UserOrganization(
+ org_id=org_id, org_role="owner")
+
+ # add org to user
+ await user.update_one({"user_id": current_user.user_id}, {
+ "$addToSet": {"orgs": user_organization.dict()}})
+
 if not org_in_db:
 raise HTTPException(
 status_code=status.HTTP_503_SERVICE_UNAVAILABLE, detail="Unavailable database")
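Review bot: The new collection handle is named `user` although it refers to the `users` collection, and the same patch names the identical handle `users` in `delete_org`; I would use `users = request.app.db["users"]` here as well so a later `users.update_one(...)` reads as a call on a collection rather than on a single user document. create_org's body continues outside this hunk.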
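Review bot: The result of the `update_one` that grants the creator the `owner` membership is never checked, so when no user document matches `current_user.user_id` the org is inserted but nobody holds an `orgs` entry for it, and it is immediately invisible to the new `get_orgs_by_user`. The membership write also runs before the `if not org_in_db` failure check, so the two writes are not ordered consistently with the error path. I would verify the user exists before inserting the org, then check the write matched, e.g. `membership = await user.update_one({"user_id": current_user.user_id}, {"$addToSet": {"orgs": user_organization.dict()}})` followed by `if membership.matched_count == 0: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")`. The two writes are still not atomic, so if that matters a transaction is needed rather than sequential calls. create_org's body continues outside this hunk.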
@@ -125,6 +134,10 @@ async def delete_org(request: Request, org_id: str, current_user: PublicUser):
 isDeleted = await orgs.delete_one({"org_id": org_id})
+ # remove org from all users
+ users = request.app.db["users"]
+ await users.update_many({}, {"$pull": {"orgs": {"org_id": org_id}}})
+
 if isDeleted:
 return {"detail": "Org deleted"}
 else:
@@ -134,9 +147,20 @@ async def delete_org(request: Request, org_id: str, current_user: PublicUser):
 async def get_orgs_by_user(request: Request, user_id: str, page: int = 1, limit: int = 10):
 orgs = request.app.db["organizations"]
+ user = request.app.db["users"]
- # find all orgs where user_id is in owners or admins arrays
- all_orgs = orgs.find({"$or": [{"owners": user_id}, {"admins": user_id}]}).sort(
+ # get user orgs
+ user_orgs = await user.find_one({"user_id": user_id})
+
+ org_ids : list[UserOrganization] = []
+
+ for org in user_orgs["orgs"]:
+ if org["org_role"] == "owner" or org["org_role"] == "editor" or org["org_role"] == "member":
+ org_ids.append(org["org_id"])
+
+ # find all orgs where org_id is in org_ids array
+
+ all_orgs = orgs.find({"org_id": {"$in": org_ids}}).sort(
 "name", 1).skip(10 * (page - 1)).limit(100)
 return [json.loads(json.dumps(org, default=str)) for org in await all_orgs.to_list(length=100)]
@@ -154,7 +178,7 @@ async def verify_org_rights(request: Request, org_id: str, current_user: Public
 status_code=status.HTTP_409_CONFLICT, detail="Organization does not exist")
 isOwner = current_user.user_id in org["owners"]
- hasRoleRights = await verify_user_rights_with_roles(request, action, current_user.user_id, org_id)
+ hasRoleRights = await verify_user_rights_with_roles(request, action, current_user.user_id, org_id, org_id)
 if not hasRoleRights and not isOwner:
 raise HTTPException(
diff --git a/src/services/users/schemas/users.py b/src/services/users/schemas/users.py
index 2f093cce..974d1472 100644
--- a/src/services/users/schemas/users.py
+++ b/src/services/users/schemas/users.py
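Review bot: The `$pull` is issued with an empty filter `{}` and without regard to whether the `delete_one` just above removed anything, so every call — including one for an `org_id` that does not exist — rewrites the whole users collection. Narrow it to documents that actually hold the membership and gate it on the delete: `if isDeleted.deleted_count:` then `await users.update_many({"orgs.org_id": org_id}, {"$pull": {"orgs": {"org_id": org_id}}})`. As far as I can tell `isDeleted` is a result object that is truthy regardless of `deleted_count`, so the existing `if isDeleted:` never takes the `else` branch; that is pre-existing but the new cleanup inherits the same blind spot. delete_org starts outside this hunk, so whatever authorization precedes the delete is not visible here.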
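Review bot: `user_orgs["orgs"]` dereferences the result of `find_one` without a `None` check, so a request for an unknown `user_id` (or a user document that predates the `orgs` field) raises `TypeError`/`KeyError` and surfaces as a 500 instead of a clean 404 or empty list. The role test on the following lines compares against every value `UserOrganization.org_role` admits, so it excludes nothing; and `org_ids` is annotated `list[UserOrganization]` although it holds the `org_id` strings. Since `user_id` now selects whose memberships are revealed, I would also confirm the route only lets a caller pass their own id — that check, if any, is outside this hunk. The `limit` argument is still ignored in favour of the hard-coded 100 (pre-existing). Suggested rewrite of the new lines:
```python
    user_doc = await user.find_one({"user_id": user_id})
    if user_doc is None:
        raise HTTPException(
            status_code=status.HTTP_404_NOT_FOUND, detail="User not found")

    # Keep only memberships whose role the schema knows; stray documents are ignored.
    allowed_roles = {"owner", "editor", "member"}
    org_ids: list[str] = [
        membership["org_id"]
        for membership in user_doc.get("orgs", [])
        if membership.get("org_role") in allowed_roles
    ]

    all_orgs = orgs.find({"org_id": {"$in": org_ids}}).sort(
        "name", 1).skip(10 * (page - 1)).limit(100)
    # … unchanged: serialize and return …
```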
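Review bot: The new call passes `org_id` in two consecutive positional slots of `verify_user_rights_with_roles`, which reads like a placeholder for a parameter whose meaning is not visible here — presumably the organisation versus the specific element being acted on. If the fifth argument identifies the resource, an org-level check is now evaluated with the org standing in for the resource, and it is not clear from this hunk whether that grants or denies correctly. Pass the trailing argument by keyword so the intent is explicit and a signature mismatch fails loudly, e.g. `hasRoleRights = await verify_user_rights_with_roles(request, action, current_user.user_id, org_id, element_id=org_id)` with the real parameter name substituted. verify_org_rights starts and ends outside this hunk.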
@@ -6,6 +6,9 @@ class UserOrganization(BaseModel):
 org_id: str
 org_role: Literal['owner', 'editor', 'member']
+ def __getitem__(self, item):
+ return getattr(self, item)
+
 class User(BaseModel):
 username: str
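Review bot: The added `__getitem__` has no docstring and turns a missing key into `AttributeError` rather than the `KeyError` dict-style callers expect, so code that catches `KeyError` or probes the model with `in` will not behave as it would on a dict. Nothing in this patch exercises it either: `create_org` calls `.dict()` on the instance and `get_orgs_by_user` indexes the raw Mongo documents, not model instances. I would drop it, or keep it with a one-line docstring such as `"""Allow dict-style access (org["org_id"]) for code that also handles raw Mongo documents."""` and map the error, `try: return getattr(self, item)` / `except AttributeError: raise KeyError(item) from None`.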