@sanderegg review:drop organization and renames

Author: pcrespov

packages/models-library/src/models_library/api_schemas_webserver/groups.py

@@ -20,8 +20,8 @@
     AccessRightsDict,
     Group,
     GroupMember,
-    OrganizationCreate,
-    OrganizationUpdate,
+    StandardGroupCreate,
+    StandardGroupUpdate,
 )
 from ..users import UserID
 from ..utils.common_validators import create__check_only_one_is_set__root_validator
@@ -147,25 +147,25 @@ class GroupCreate(InputSchema):
     description: str
     thumbnail: AnyUrl | None = None
 
-    def to_model(self) -> OrganizationCreate:
+    def to_model(self) -> StandardGroupCreate:
         data = _rename_keys(
             self.model_dump(mode="json", exclude_unset=True),
             name_map={"label": "name"},
         )
-        return OrganizationCreate(**data)
+        return StandardGroupCreate(**data)
 
 
 class GroupUpdate(InputSchema):
     label: str | None = None
     description: str | None = None
     thumbnail: AnyUrl | None = None
 
-    def to_model(self) -> OrganizationUpdate:
+    def to_model(self) -> StandardGroupUpdate:
         data = _rename_keys(
             self.model_dump(mode="json", exclude_unset=True),
             name_map={"label": "name"},
         )
-        return OrganizationUpdate(**data)
+        return StandardGroupUpdate(**data)
 
 
 class MyGroupsGet(OutputSchema):

packages/models-library/src/models_library/groups.py

@@ -78,13 +78,13 @@ class GroupMember(BaseModel):
     model_config = ConfigDict(from_attributes=True)
 
 
-class OrganizationCreate(BaseModel):
+class StandardGroupCreate(BaseModel):
     name: str
     description: str | None = None
     thumbnail: str | None = None
 
 
-class OrganizationUpdate(BaseModel):
+class StandardGroupUpdate(BaseModel):
     name: str | None = None
     description: str | None = None
     thumbnail: str | None = None

packages/pytest-simcore/src/pytest_simcore/simcore_webserver_groups_fixtures.py

@@ -16,13 +16,13 @@
 from aiohttp import web
 from aiohttp.test_utils import TestClient
 from models_library.api_schemas_webserver.groups import GroupGet
-from models_library.groups import GroupsByTypeTuple, OrganizationCreate
+from models_library.groups import GroupsByTypeTuple, StandardGroupCreate
 from models_library.users import UserID
 from pytest_simcore.helpers.webserver_login import NewUser, UserInfoDict
 from simcore_service_webserver.groups._groups_api import (
     add_user_in_group,
     create_standard_group,
-    delete_group,
+    delete_standard_group,
     list_user_groups_with_read_access,
 )
 
@@ -37,7 +37,7 @@ async def _create_organization(
     group, access_rights = await create_standard_group(
         app,
         user_id=user_id,
-        create=OrganizationCreate.model_validate(new_group),
+        create=StandardGroupCreate.model_validate(new_group),
     )
     return _groupget_model_dump(group=group, access_rights=access_rights)
 
@@ -107,10 +107,10 @@ async def standard_groups_owner(
         yield owner_user
 
         # clean groups
-        await delete_group(
+        await delete_standard_group(
             client.app, user_id=owner_user["id"], group_id=sparc_group["gid"]
         )
-        await delete_group(
+        await delete_standard_group(
             client.app, user_id=owner_user["id"], group_id=team_black_group["gid"]
         )
 

services/web/server/src/simcore_service_webserver/groups/_groups_api.py

@@ -6,8 +6,8 @@
     Group,
     GroupMember,
     GroupsByTypeTuple,
-    OrganizationCreate,
-    OrganizationUpdate,
+    StandardGroupCreate,
+    StandardGroupUpdate,
 )
 from models_library.products import ProductName
 from models_library.users import GroupID, UserID
@@ -87,19 +87,20 @@ async def get_product_group_for_user(
 
 
 #
-# ORGANIZATIONS CRUD operations
+# CRUD operations on groups linked to a user
 #
 
 
 async def create_standard_group(
     app: web.Application,
     *,
     user_id: UserID,
-    create: OrganizationCreate,
+    create: StandardGroupCreate,
 ) -> tuple[Group, AccessRightsDict]:
-    """
+    """NOTE: creation/update and deletion restricted to STANDARD groups
+
     raises GroupNotFoundError
-    raises UserInsufficientRightsError
+    raises UserInsufficientRightsError: needs WRITE access
     """
     return await _groups_db.create_standard_group(
         app,
@@ -108,65 +109,66 @@ async def create_standard_group(
     )
 
 
-async def get_organization(
+async def get_associated_group(
     app: web.Application,
     *,
     user_id: UserID,
     group_id: GroupID,
 ) -> tuple[Group, AccessRightsDict]:
     """
-    Gets group gid if user associated to it and has read access
 
     raises GroupNotFoundError
-    raises UserInsufficientRightsError
+    raises UserInsufficientRightsError: needs READ access
     """
-    return await _groups_db.get_user_group(app, user_id=user_id, group_9d=group_id)
+    return await _groups_db.get_user_group(app, user_id=user_id, group_id=group_id)
 
 
-async def update_group(
+async def update_standard_group(
     app: web.Application,
     *,
     user_id: UserID,
     group_id: GroupID,
-    update: OrganizationUpdate,
+    update: StandardGroupUpdate,
 ) -> tuple[Group, AccessRightsDict]:
-    """
+    """NOTE: creation/update and deletion restricted to STANDARD groups
 
     raises GroupNotFoundError
-    raises UserInsufficientRightsError
+    raises UserInsufficientRightsError: needs WRITE access
     """
 
-    return await _groups_db.update_user_group(
+    return await _groups_db.update_standard_group(
         app,
         user_id=user_id,
         group_id=group_id,
         update=update,
     )
 
 
-async def delete_group(
+async def delete_standard_group(
     app: web.Application, *, user_id: UserID, group_id: GroupID
 ) -> None:
-    """
+    """NOTE: creation/update and deletion restricted to STANDARD groups
 
     raises GroupNotFoundError
-    raises UserInsufficientRightsError
+    raises UserInsufficientRightsError: needs DELETE access
     """
-    return await _groups_db.delete_user_group(app, user_id=user_id, group_id=group_id)
+    return await _groups_db.delete_standard_group(
+        app, user_id=user_id, group_id=group_id
+    )
 
 
 #
-# ORGANIZATION MEMBERS
+# GROUP MEMBERS (= a user with some access-rights to a group)
 #
 
 
-async def list_users_in_group(
+async def list_group_members(
     app: web.Application, user_id: UserID, group_id: GroupID
 ) -> list[GroupMember]:
     return await _groups_db.list_users_in_group(app, user_id=user_id, group_id=group_id)
 
 
-async def get_user_in_group(
+async def get_group_member(
     app: web.Application,
     user_id: UserID,
     group_id: GroupID,
@@ -181,7 +183,7 @@ async def get_user_in_group(
     )
 
 
-async def update_user_in_group(
+async def update_group_member(
     app: web.Application,
     user_id: UserID,
     group_id: GroupID,
@@ -197,7 +199,7 @@ async def update_user_in_group(
     )
 
 
-async def delete_user_in_group(
+async def delete_group_member(
     app: web.Application,
     user_id: UserID,
     group_id: GroupID,

services/web/server/src/simcore_service_webserver/groups/_groups_db.py

@@ -10,8 +10,8 @@
     GroupInfoTuple,
     GroupMember,
     GroupsByTypeTuple,
-    OrganizationCreate,
-    OrganizationUpdate,
+    StandardGroupCreate,
+    StandardGroupUpdate,
 )
 from models_library.users import GroupID, UserID
 from simcore_postgres_database.errors import UniqueViolation
@@ -208,7 +208,7 @@ async def get_user_group(
     connection: AsyncConnection | None = None,
     *,
     user_id: UserID,
-    group_9d: GroupID,
+    group_id: GroupID,
 ) -> tuple[Group, AccessRightsDict]:
     """
     Gets group gid if user associated to it and has read access
@@ -218,9 +218,9 @@ async def get_user_group(
     """
     async with pass_or_acquire_connection(get_asyncpg_engine(app), connection) as conn:
         row = await _get_group_and_access_rights_or_raise(
-            conn, user_id=user_id, gid=group_9d
+            conn, user_id=user_id, gid=group_id
         )
-        _check_group_permissions(row, user_id, group_9d, "read")
+        _check_group_permissions(row, user_id, group_id, "read")
 
         group, access_rights = _to_group_info_tuple(row)
         return group, access_rights
@@ -245,15 +245,15 @@ async def get_product_group_for_user(
         return group, access_rights
 
 
-assert set(OrganizationCreate.model_fields).issubset({c.name for c in groups.columns})
+assert set(StandardGroupCreate.model_fields).issubset({c.name for c in groups.columns})
 
 
 async def create_standard_group(
     app: web.Application,
     connection: AsyncConnection | None = None,
     *,
     user_id: UserID,
-    create: OrganizationCreate,
+    create: StandardGroupCreate,
 ) -> tuple[Group, AccessRightsDict]:
 
     async with transaction_context(get_asyncpg_engine(app), connection) as conn:
@@ -288,16 +288,16 @@ async def create_standard_group(
         return group, deepcopy(_DEFAULT_GROUP_OWNER_ACCESS_RIGHTS)
 
 
-assert set(OrganizationUpdate.model_fields).issubset({c.name for c in groups.columns})
+assert set(StandardGroupUpdate.model_fields).issubset({c.name for c in groups.columns})
 
 
-async def update_user_group(
+async def update_standard_group(
     app: web.Application,
     connection: AsyncConnection | None = None,
     *,
     user_id: UserID,
     group_id: GroupID,
-    update: OrganizationUpdate,
+    update: StandardGroupUpdate,
 ) -> tuple[Group, AccessRightsDict]:
 
     values = update.model_dump(mode="json", exclude_unset=True)
@@ -314,7 +314,7 @@ async def update_user_group(
             # pylint: disable=no-value-for-parameter
             groups.update()
             .values(**values)
-            .where(groups.c.gid == row.gid)
+            .where((groups.c.gid == row.gid) & (groups.c.type == GroupType.STANDARD))
             .returning(*_GROUP_COLUMNS)
         )
         row = await result.fetchone()
@@ -324,7 +324,7 @@ async def update_user_group(
         return group, access_rights
 
 
-async def delete_user_group(
+async def delete_standard_group(
     app: web.Application,
     connection: AsyncConnection | None = None,
     *,
@@ -339,7 +339,9 @@ async def delete_user_group(
 
         await conn.execute(
             # pylint: disable=no-value-for-parameter
-            groups.delete().where(groups.c.gid == group.gid)
+            groups.delete().where(
+                (groups.c.gid == group.gid) & (groups.c.type == GroupType.STANDARD)
+            )
         )