feat: get only orgs that user has access to

src/services/orgs.py

@@ -2,6 +2,7 @@ import json
 from typing import List
 from uuid import uuid4
 from pydantic import BaseModel
+from src.services.users.schemas.users import UserOrganization
 from src.services.users.users import PublicUser, User
 from src.services.security import *
 from fastapi import FastAPI, HTTPException, status, Request, Response, BackgroundTasks
@@ -62,6 +63,7 @@ async def get_organization_by_slug(request: Request, org_slug: str):
 
 async def create_org(request: Request, org_object: Organization, current_user: PublicUser):
     orgs = request.app.db["organizations"]
+    user = request.app.db["users"]
 
     # find if org already exists using name
     isOrgAvailable = await orgs.find_one({"slug": org_object.slug})
@@ -79,6 +81,13 @@ async def create_org(request: Request, org_object: Organization, current_user: P
 
     org_in_db = await orgs.insert_one(org.dict())
 
+    user_organization: UserOrganization = UserOrganization(
+        org_id=org_id, org_role="owner")
+    
+    # add org to user
+    await user.update_one({"user_id": current_user.user_id}, {
+        "$addToSet": {"orgs": user_organization.dict()}})
+
     if not org_in_db:
         raise HTTPException(
             status_code=status.HTTP_503_SERVICE_UNAVAILABLE, detail="Unavailable database")
@@ -125,6 +134,10 @@ async def delete_org(request: Request, org_id: str, current_user: PublicUser):
 
     isDeleted = await orgs.delete_one({"org_id": org_id})
 
+    # remove org from all users
+    users = request.app.db["users"]
+    await users.update_many({}, {"$pull": {"orgs": {"org_id": org_id}}})
+
     if isDeleted:
         return {"detail": "Org deleted"}
     else:
@@ -134,9 +147,20 @@ async def delete_org(request: Request, org_id: str, current_user: PublicUser):
 
 async def get_orgs_by_user(request: Request, user_id: str, page: int = 1, limit: int = 10):
     orgs = request.app.db["organizations"]
+    user = request.app.db["users"]
 
-    # find all orgs where user_id is in owners or admins arrays
+    # get user orgs 
-    all_orgs = orgs.find({"$or": [{"owners": user_id}, {"admins": user_id}]}).sort(
+    user_orgs = await user.find_one({"user_id": user_id})
+
+    org_ids : list[UserOrganization] = []
+
+    for org in user_orgs["orgs"]:
+        if org["org_role"] == "owner" or org["org_role"] == "editor" or org["org_role"] == "member":
+            org_ids.append(org["org_id"])
+
+    # find all orgs where org_id is in org_ids array
+
+    all_orgs = orgs.find({"org_id": {"$in": org_ids}}).sort(
         "name", 1).skip(10 * (page - 1)).limit(100)
 
     return [json.loads(json.dumps(org, default=str)) for org in await all_orgs.to_list(length=100)]
@@ -154,7 +178,7 @@ async def verify_org_rights(request: Request, org_id: str,  current_user: Public
             status_code=status.HTTP_409_CONFLICT, detail="Organization does not exist")
 
     isOwner = current_user.user_id in org["owners"]
-    hasRoleRights = await verify_user_rights_with_roles(request, action, current_user.user_id, org_id)
+    hasRoleRights = await verify_user_rights_with_roles(request, action, current_user.user_id, org_id, org_id)
 
     if not hasRoleRights and not isOwner:
         raise HTTPException(

src/services/users/schemas/users.py

@@ -6,6 +6,9 @@ class UserOrganization(BaseModel):
     org_id: str
     org_role: Literal['owner', 'editor', 'member'] 
 
+    def __getitem__(self, item):
+        return getattr(self, item)
+
 
 class User(BaseModel):
     username: str