From 535e5a7fdd079a3b6927d412cfece98d5e88f181 Mon Sep 17 00:00:00 2001 From: Stephen McMurtry Date: Wed, 5 Feb 2025 21:19:08 +0000 Subject: [PATCH 1/2] got it working --- app/dao/permissions_dao.py | 4 ++++ app/dao/users_dao.py | 2 +- app/models.py | 6 ++++++ app/service/rest.py | 12 ++++++++++++ 4 files changed, 23 insertions(+), 1 deletion(-) diff --git a/app/dao/permissions_dao.py b/app/dao/permissions_dao.py index 2d5b88618b..a8cc8e5235 100644 --- a/app/dao/permissions_dao.py +++ b/app/dao/permissions_dao.py @@ -67,5 +67,9 @@ def get_permissions_by_user_id_and_service_id(self, user_id, service_id): self.Meta.model.query.filter_by(user_id=user_id).join(Permission.service).filter_by(active=True, id=service_id).all() ) + def get_team_members_with_permission(self, service_id, permission): + permission_objs = self.Meta.model.query.filter_by(service_id=service_id, permission=permission).join(Permission.user).filter_by(state="active").all() + return [p.user for p in permission_objs] + permission_dao = PermissionDAO() diff --git a/app/dao/users_dao.py b/app/dao/users_dao.py index 21f469d5d1..a17e5ec7d0 100644 --- a/app/dao/users_dao.py +++ b/app/dao/users_dao.py @@ -104,7 +104,7 @@ def verify_within_time(user, age=timedelta(seconds=30)): return query.count() -def get_user_by_id(user_id=None): +def get_user_by_id(user_id=None) -> User: if user_id: return User.query.filter_by(id=user_id).one() return User.query.filter_by().all() diff --git a/app/models.py b/app/models.py index dd04d61bf2..c0d8ca2b1d 100644 --- a/app/models.py +++ b/app/models.py @@ -645,6 +645,12 @@ def serialize_for_org_dashboard(self) -> dict: "research_mode": self.research_mode, } + def get_users_with_permission(self, permission): + from app.dao.permissions_dao import permission_dao + + if permission: + return permission_dao.get_team_members_with_permission(self.id, permission) + return [] class AnnualBilling(BaseModel): __tablename__ = "annual_billing" diff --git a/app/service/rest.py b/app/service/rest.py index 1934dabb7d..0a3e2378da 100644 --- a/app/service/rest.py +++ b/app/service/rest.py @@ -90,6 +90,7 @@ EMAIL_TYPE, KEY_TYPE_NORMAL, LETTER_TYPE, + MANAGE_SETTINGS, NOTIFICATION_CANCELLED, SMS_TYPE, EmailBranding, @@ -97,6 +98,7 @@ NotificationType, Permission, Service, + User, ) from app.notifications.process_notifications import ( persist_notification, @@ -490,6 +492,8 @@ def add_user_to_service(service_id, user_id): def remove_user_from_service(service_id, user_id): service = dao_fetch_service_by_id(service_id) user = get_user_by_id(user_id=user_id) + users_with_manage_settings_perm = service.get_users_with_permission(MANAGE_SETTINGS) + if user not in service.users: error = "User not found" raise InvalidRequest(error, status_code=404) @@ -498,6 +502,14 @@ def remove_user_from_service(service_id, user_id): error = "You cannot remove the only user for a service" raise InvalidRequest(error, status_code=400) + elif len(service.users) == 2: + error = "SERVICE_CANNOT_HAVE_LT_2_MEMBERS" + raise InvalidRequest(error, status_code=400) + + elif user in users_with_manage_settings_perm and len(users_with_manage_settings_perm) <= 1: + error = "SERVICE_NEEDS_USER_W_MANAGE_SETTINGS_PERM" + raise InvalidRequest(error, status_code=400) + dao_remove_user_from_service(service, user) if current_app.config["FF_SALESFORCE_CONTACT"]: From 23b81afe4cac433057c65f49d62742ad563d4b53 Mon Sep 17 00:00:00 2001 From: Stephen McMurtry Date: Wed, 5 Feb 2025 21:20:39 +0000 Subject: [PATCH 2/2] remove uneeded import --- app/service/rest.py | 1 - 1 file changed, 1 deletion(-) diff --git a/app/service/rest.py b/app/service/rest.py index 0a3e2378da..bce8065d99 100644 --- a/app/service/rest.py +++ b/app/service/rest.py @@ -98,7 +98,6 @@ NotificationType, Permission, Service, - User, ) from app.notifications.process_notifications import ( persist_notification,