remove listing in users

Signed-off-by: Arvindh <[email protected]>
absmach · Jan 31, 2025 · ca7af6e · ca7af6e
1 parent e08a744
commit ca7af6e
Show file tree

Hide file tree

Showing 41 changed files with 402 additions and 3,879 deletions.
diff --git a/api/http/common.go b/api/http/common.go
@@ -20,74 +20,70 @@ import (
 )
 
 const (
-	MemberKindKey       = "member_kind"
-	PermissionKey       = "permission"
-	RelationKey         = "relation"
-	StatusKey           = "status"
-	OffsetKey           = "offset"
-	OrderKey            = "order"
-	LimitKey            = "limit"
-	MetadataKey         = "metadata"
-	ParentKey           = "parent_id"
-	OwnerKey            = "owner_id"
-	ClientKey           = "client"
-	UsernameKey         = "username"
-	NameKey             = "name"
-	GroupKey            = "group"
+	OffsetKey = "offset"
+	DirKey    = "dir"
+	OrderKey  = "order"
+	LimitKey  = "limit"
+
+	NameOrder = "name"
+	IDOrder   = "id"
+	AscDir    = "asc"
+	DescDir   = "desc"
+
+	MetadataKey = "metadata"
+	NameKey     = "name"
+	TagKey      = "tag"
+	StatusKey   = "status"
+
+	ClientKey   = "client"
+	ChannelKey  = "channel"
+	ConnTypeKey = "connection_type"
+	GroupKey    = "group"
+	DomainKey   = "domain"
+
+	StartLevelKey = "start_level"
+	EndLevelKey   = "end_level"
+	TreeKey       = "tree"
+	ParentKey     = "parent_id"
+	LevelKey      = "level"
+
+	TokenKey   = "token"
+	SubjectKey = "subject"
+	ObjectKey  = "object"
+
 	ActionKey           = "action"
 	ActionsKey          = "actions"
 	RoleIDKey           = "role_id"
 	RoleNameKey         = "role_name"
 	AccessProviderIDKey = "access_provider_id"
 	AccessTypeKey       = "access_type"
-	TagKey              = "tag"
-	FirstNameKey        = "first_name"
-	LastNameKey         = "last_name"
-	TotalKey            = "total"
-	SubjectKey          = "subject"
-	ObjectKey           = "object"
-	LevelKey            = "level"
-	StartLevelKey       = "start_level"
-	EndLevelKey         = "end_level"
-	TreeKey             = "tree"
-	DirKey              = "dir"
-	ListPerms           = "list_perms"
-	VisibilityKey       = "visibility"
-	EmailKey            = "email"
-	SharedByKey         = "shared_by"
-	TokenKey            = "token"
-	UserKey             = "user"
-	DomainKey           = "domain"
-	ChannelKey          = "channel"
-	ConnTypeKey         = "connection_type"
-	DefPermission       = "read_permission"
-	DefTotal            = uint64(100)
-	DefOffset           = 0
-	DefOrder            = "updated_at"
-	DefDir              = "asc"
-	DefLimit            = 10
-	DefLevel            = 0
-	DefStartLevel       = 1
-	DefEndLevel         = 0
-	DefStatus           = "enabled"
-	DefClientStatus     = clients.Enabled
-	DefUserStatus       = users.Enabled
-	DefGroupStatus      = groups.Enabled
-	DefListPerms        = false
-	SharedVisibility    = "shared"
-	MyVisibility        = "mine"
-	AllVisibility       = "all"
+
+	UsernameKey  = "username"
+	UserKey      = "user"
+	EmailKey     = "email"
+	FirstNameKey = "first_name"
+	LastNameKey  = "last_name"
+
+	DefTotal        = uint64(100)
+	DefOffset       = 0
+	DefOrder        = "updated_at"
+	DefDir          = "asc"
+	DefLimit        = 10
+	DefLevel        = 0
+	DefStartLevel   = 1
+	DefEndLevel     = 0
+	DefStatus       = "enabled"
+	DefClientStatus = clients.Enabled
+	DefUserStatus   = users.Enabled
+	DefGroupStatus  = groups.Enabled
+
 	// ContentType represents JSON content type.
 	ContentType = "application/json"
 
 	// MaxNameSize limits name size to prevent making them too complex.
 	MaxLimitSize = 100
 	MaxNameSize  = 1024
 	MaxIDSize    = 36
-	NameOrder    = "name"
-	IDOrder      = "id"
-	AscDir       = "asc"
-	DescDir      = "desc"
 )
 
 // ValidateUUID validates UUID format.

diff --git a/api/http/util/errors.go b/api/http/util/errors.go
@@ -141,7 +141,7 @@ var (
 	// ErrInvalidComparator indicates an invalid comparator.
 	ErrInvalidComparator = errors.New("invalid comparator")
 
-	// ErrMissingMemberIDs indicates missing group member type.
+	// ErrMissingMemberIDs indicates missing member ids.
 	ErrMissingMemberIDs = errors.New("missing member ids")
 
 	// ErrMissingMemberType indicates missing group member type.

diff --git a/apidocs/openapi/clients.yml b/apidocs/openapi/clients.yml
@@ -520,6 +520,36 @@ paths:
         "500":
           $ref: "#/components/responses/ServiceError"
 
+  /{domainID}/clients/{clientID}/roles/members:
+    get:
+      operationId: getClientMembers
+      tags:
+        - Roles
+      summary: Retrieves client members from all roles.
+      description: |
+        Retrieves members from role for the specific client.
+      parameters:
+        - $ref: "auth.yml#/components/parameters/DomainID"
+        - $ref: "#/components/parameters/clientID"
+      security:
+        - bearerAuth: []
+      responses:
+        "200":
+          $ref: "./schemas/roles.yml#/components/responses/ListEntityMembersRes"
+        "400":
+          description: Failed due to malformed query parameters.
+        "401":
+          description: |
+            Missing or invalid access token provided.
+        "403":
+          description: Failed to perform authorization over the entity.
+        "404":
+          description: A non-existent entity request.
+        "422":
+          description: Database can't process request.
+        "500":
+          $ref: "#/components/responses/ServiceError"
+
   /{domainID}/clients/{clientID}/roles/{roleID}:
     get:
       operationId: getClientRole

diff --git a/apidocs/openapi/domains.yml b/apidocs/openapi/domains.yml
@@ -379,6 +379,35 @@ paths:
         "500":
           $ref: "#/components/responses/ServiceError"
 
+  /domain/{domainID}/roles/members:
+    get:
+      operationId: getDomainMembers
+      tags:
+        - Roles
+      summary: Retrieves domain members from all roles.
+      description: |
+        Retrieves members from role for the specific domain.
+      parameters:
+        - $ref: "auth.yml#/components/parameters/DomainID"
+      security:
+        - bearerAuth: []
+      responses:
+        "200":
+          $ref: "./schemas/roles.yml#/components/responses/ListEntityMembersRes"
+        "400":
+          description: Failed due to malformed query parameters.
+        "401":
+          description: |
+            Missing or invalid access token provided.
+        "403":
+          description: Failed to perform authorization over the entity.
+        "404":
+          description: A non-existent entity request.
+        "422":
+          description: Database can't process request.
+        "500":
+          $ref: "#/components/responses/ServiceError"
+
   /domains/{domainID}/roles/{roleID}/actions:
     post:
       operationId: addDomainRoleAction

diff --git a/apidocs/openapi/groups.yml b/apidocs/openapi/groups.yml
@@ -564,6 +564,36 @@ paths:
         "500":
           $ref: "#/components/responses/ServiceError"
 
+  /{domainID}/groups/{groupID}/roles/members:
+    get:
+      operationId: getGroupMembers
+      tags:
+        - Roles
+      summary: Retrieves group members from all roles.
+      description: |
+        Retrieves members from role for the specific group.
+      parameters:
+        - $ref: "auth.yml#/components/parameters/DomainID"
+        - $ref: "#/components/parameters/GroupID"
+      security:
+        - bearerAuth: []
+      responses:
+        "200":
+          $ref: "./schemas/roles.yml#/components/responses/ListEntityMembersRes"
+        "400":
+          description: Failed due to malformed query parameters.
+        "401":
+          description: |
+            Missing or invalid access token provided.
+        "403":
+          description: Failed to perform authorization over the entity.
+        "404":
+          description: A non-existent entity request.
+        "422":
+          description: Database can't process request.
+        "500":
+          $ref: "#/components/responses/ServiceError"
+
   /{domainID}/groups/{groupID}/roles/{roleID}:
     get:
       operationId: getGroupRole

diff --git a/apidocs/openapi/schemas/roles.yml b/apidocs/openapi/schemas/roles.yml
@@ -135,6 +135,31 @@ components:
           example: 10
           description: Maximum number of items to return in one page.
 
+    EntityMembersPage:
+      type: object
+      properties:
+        groups:
+          type: array
+          minItems: 0
+          uniqueItems: true
+          items:
+            $ref: "#/components/schemas/EntityMembersObj"
+        total:
+          type: integer
+          example: 1
+          description: Total number of items.
+        offset:
+          type: integer
+          description: Number of items to skip during retrieval.
+        limit:
+          type: integer
+          example: 10
+          description: Maximum number of items to return in one page.
+      required:
+        - groups
+        - total
+        - offset
+
     RoleActionsObj:
       type: object
       properties:
@@ -163,6 +188,57 @@ components:
               "c01ed106-e52d-4aa4-bed3-39f360177cfa",
             ]
 
+    EntityMembersObj:
+      type: object
+      properties:
+        members:
+          type: array
+          description: List of members with assigned roles and actions.
+          items:
+            type: object
+            properties:
+              id:
+                type: string
+                format: uuid
+                description: Unique identifier of the member.
+              roles:
+                type: array
+                description: List of roles assigned to the member.
+                items:
+                  type: object
+                  properties:
+                    id:
+                      type: string
+                      format: uuid
+                      description: Unique identifier of the role.
+                    name:
+                      type: string
+                      description: Name of the role.
+                    actions:
+                      type: array
+                      description: List of actions the member can perform.
+                      items:
+                        type: string
+                    access_type:
+                      type: string
+                      description: Type of access granted.
+                      enum: [read, write, admin] # Adjust based on your actual access types.
+          example:
+            members:
+              - id: "5dc1ce4b-7cc9-4f12-98a6-9d74cc4980bb"
+                roles:
+                  - id: "a1b2c3d4-e5f6-7890-1234-56789abcdef0"
+                    name: "Admin"
+                    actions: ["create", "update", "delete"]
+                    access_type: "admin"
+              - id: "c01ed106-e52d-4aa4-bed3-39f360177cfa"
+                roles:
+                  - id: "b2c3d4e5-f678-9012-3456-789abcdef012"
+                    name: "Editor"
+                    actions: ["read", "update"]
+                    access_type: "write"
+
+
     AvailableActionsObj:
       type: object
       properties:
@@ -284,3 +360,11 @@ components:
         application/json:
           schema:
             $ref: '#/components/schemas/AvailableActionsObj'
+
+
+    ListEntityMembersRes:
+      description: Entity members retrieved successfully.
+      content:
+        application/json:
+          schema:
+            $ref: '#/components/schemas/EntityMembersObj'