def elevate_user(current_user: User, target_user: User, user_group: UserGroup) -> UserGroup:
"""
Make a user the admin of a group.
:param current_user:
:param target_user:
:param user_group:
:return:
"""
if is_user_group_admin(current_user, user_group):
if not is_user_group_admin(target_user, user_group):
user_group.admins.append(target_user)
if target_user not in user_group.members:
user_group.members.append(target_user)
db.session.commit()
return user_group
raise AuthException(f'User{current_user.email} not authorized to modify group {user_group.id}')
def update_user_attachments(current_user: User, user_group: UserGroup, users: List[User]) -> UserGroup:
"""
Change which members belong to a user group.
:param current_user:
:param user_group:
:param users: The only users of the user group after this is called.
:return:
"""
if is_user_group_admin(current_user, user_group):
user_group.members = users
db.session.commit()
return user_group
raise AuthException(f'User {current_user.id} not authorized to modify group {user_group.id}')
def delete_user_group(user: User, user_group: UserGroup) -> Dict[str, str]:
"""
Delete a user group.
:param user:
:param user_group:
:return:
"""
if is_user_group_admin(user, user_group) or user.admin:
user_group_id = user_group.id
db.session.delete(user_group)
db.session.commit()
return {'message': f'User group {user_group_id} deleted.'}
raise AuthException(f'User {user.email} not permitted to modify user group {user_group.id}')
def detach_user(current_user: User, target_user: User, user_group: UserGroup) -> UserGroup:
"""
Remove a user from a user group.
:param current_user:
:param target_user:
:param user_group:
:return:
"""
if target_user is current_user or is_user_group_admin(current_user, user_group):
if target_user in user_group.members:
user_group.members.remove(target_user)
db.session.commit()
return user_group
raise AuthException(f'User {current_user.email} not permitted to modify group {user_group.id}')
def attach_user(current_user: User, target_user: User, user_group: UserGroup) -> UserGroup:
"""
Make a user a member of a user group.
:param current_user:
:param target_user:
:param user_group:
:return:
"""
if is_user_group_admin(current_user, user_group):
if target_user not in user_group.members:
user_group.members.append(target_user)
db.session.commit()
return user_group
raise AuthException(f'User {current_user.email} is not authorized to attach user '
f'{target_user.email} to group {user_group.id}')
def update_user_group(user: User, user_group: UserGroup, new_data: Dict[str, Any]) -> UserGroup:
"""
Update the user groups information.
:param user:
:param user_group:
:param new_data:
:return:
"""
if is_user_group_admin(user, user_group):
if 'id' in new_data:
if user_group.id != int(new_data['id']) and UserGroup.query.filter_by(id=new_data['id']) is not None:
raise ValueError(f'User group with id {new_data["id"]} already exists!')
user_group.update(new_data)
db.session.commit()
return user_group
raise AuthException(f'User {user.email} is not authorized to modify user group {user_group.id}')
def update_admins(current_user: User, user_group: UserGroup, users: List[User]) -> UserGroup:
if is_user_group_admin(current_user, user_group):
user_group.admins = users
db.session.commit()
return user_group
raise AuthException(f'User {current_user.id} not authorized to modify group {user_group.id}')