def user_memberships_by_username_put(username) -> Response:
"""
Update the team and group memberships of a user.
:param username: Username that uniquely identifies a user.
:return: A response object for the PUT API request.
"""
jwt_claims: dict = get_claims(request)
jwt_username = jwt_claims.get('sub')
if username == jwt_username:
current_app.logger.info(
f'User {jwt_username} is updating their memberships.')
else:
current_app.logger.info(
f'User {jwt_username} is not authorized to update the memberships of user {username}.'
)
response = jsonify({
'self':
f'/v2/users/memberships/{username}',
'updated':
False,
'error':
f'User {jwt_username} is not authorized to update the memberships of user {username}.'
})
response.status_code = 400
return response
membership_data: dict = request.get_json()
teams_joined = membership_data.get('teams_joined')
teams_left = membership_data.get('teams_left')
groups_joined = membership_data.get('groups_joined')
groups_left = membership_data.get('groups_left')
committed: bool = False
try:
committed = TeamMemberDao.update_user_memberships(
username, teams_joined, teams_left, groups_joined, groups_left)
except SQLAlchemyError as e:
current_app.logger.error(str(e))
if committed:
response = jsonify({
'self': f'/v2/users/memberships/{username}',
'updated': True,
})
response.status_code = 201
return response
else:
response = jsonify({
'self': f'/v2/users/memberships/{username}',
'updated': False,
'error': "failed to update the user's memberships"
})
response.status_code = 500
return response
def group_members_by_group_id_and_username_delete(group_id: str,
username: str) -> Response:
"""
Soft delete a group membership. The membership is identified by a group's identifier and a user's username.
:param group_id: Unique id which identifies a group within a team.
:param username: Unique name for a user.
:return: A response object for the DELETE API request.
"""
jwt_claims: dict = get_claims(request)
jwt_username = jwt_claims.get('sub')
group_member: GroupMember = GroupMemberDao.get_group_member(
group_id=int(group_id), username=jwt_username)
if group_member is not None and group_member.user == 'admin' and group_member.status == 'accepted':
current_app.logger.info(
f'Admin user {jwt_username} is deleting the group membership for user {username} in group with id '
f'{group_id}.')
else:
current_app.logger.info(
f'User {jwt_username} is not authorized to delete the group membership for user {username} in group with '
f'id {group_id}.')
response = jsonify({
'self':
f'/v2/groups/members/{group_id}/{username}',
'deleted':
False,
'error':
f'User {jwt_username} is not authorized to delete the group membership for user {username} in '
f'group with id {group_id}.'
})
response.status_code = 400
return response
membership_deleted = GroupMemberDao.soft_delete_group_member(
int(group_id), username)
if membership_deleted:
team: Team = TeamDao.get_team_by_group_id(int(group_id))
user_groups: ResultProxy = GroupMemberDao.get_user_groups_in_team(
username, team.name)
# If the user has no more group memberships in this team, remove them from the team.
if user_groups.rowcount == 0:
TeamMemberDao.update_user_memberships(username=username,
teams_joined=[],
teams_left=[team.name],
groups_joined=[],
groups_left=[])
response = jsonify({
'self': f'/v2/groups/members/{group_id}/{username}',
'deleted': True,
})
response.status_code = 204
return response
else:
response = jsonify({
'self': f'/v2/groups/members/{group_id}/{username}',
'deleted': False,
'error': 'Failed to delete the group membership.'
})
response.status_code = 500
return response