def elevate_user(current_user: User, target_user: User, user_group: UserGroup) -> UserGroup: """ Make a user the admin of a group. :param current_user: :param target_user: :param user_group: :return: """ if is_user_group_admin(current_user, user_group): if not is_user_group_admin(target_user, user_group): user_group.admins.append(target_user) if target_user not in user_group.members: user_group.members.append(target_user) db.session.commit() return user_group raise AuthException(f'User{current_user.email} not authorized to modify group {user_group.id}')
def update_user_attachments(current_user: User, user_group: UserGroup, users: List[User]) -> UserGroup: """ Change which members belong to a user group. :param current_user: :param user_group: :param users: The only users of the user group after this is called. :return: """ if is_user_group_admin(current_user, user_group): user_group.members = users db.session.commit() return user_group raise AuthException(f'User {current_user.id} not authorized to modify group {user_group.id}')
def delete_user_group(user: User, user_group: UserGroup) -> Dict[str, str]: """ Delete a user group. :param user: :param user_group: :return: """ if is_user_group_admin(user, user_group) or user.admin: user_group_id = user_group.id db.session.delete(user_group) db.session.commit() return {'message': f'User group {user_group_id} deleted.'} raise AuthException(f'User {user.email} not permitted to modify user group {user_group.id}')
def detach_user(current_user: User, target_user: User, user_group: UserGroup) -> UserGroup: """ Remove a user from a user group. :param current_user: :param target_user: :param user_group: :return: """ if target_user is current_user or is_user_group_admin(current_user, user_group): if target_user in user_group.members: user_group.members.remove(target_user) db.session.commit() return user_group raise AuthException(f'User {current_user.email} not permitted to modify group {user_group.id}')
def attach_user(current_user: User, target_user: User, user_group: UserGroup) -> UserGroup: """ Make a user a member of a user group. :param current_user: :param target_user: :param user_group: :return: """ if is_user_group_admin(current_user, user_group): if target_user not in user_group.members: user_group.members.append(target_user) db.session.commit() return user_group raise AuthException(f'User {current_user.email} is not authorized to attach user ' f'{target_user.email} to group {user_group.id}')
def update_user_group(user: User, user_group: UserGroup, new_data: Dict[str, Any]) -> UserGroup: """ Update the user groups information. :param user: :param user_group: :param new_data: :return: """ if is_user_group_admin(user, user_group): if 'id' in new_data: if user_group.id != int(new_data['id']) and UserGroup.query.filter_by(id=new_data['id']) is not None: raise ValueError(f'User group with id {new_data["id"]} already exists!') user_group.update(new_data) db.session.commit() return user_group raise AuthException(f'User {user.email} is not authorized to modify user group {user_group.id}')
def update_admins(current_user: User, user_group: UserGroup, users: List[User]) -> UserGroup: if is_user_group_admin(current_user, user_group): user_group.admins = users db.session.commit() return user_group raise AuthException(f'User {current_user.id} not authorized to modify group {user_group.id}')