split users in two

pcrespov · pcrespov · commit 9bfadfe65367 · 2025-06-13T18:02:54.000+02:00
diff --git a/api/specs/web-server/_users.py b/api/specs/web-server/_users.py
@@ -4,31 +4,23 @@
 # pylint: disable=too-many-arguments
 
 
-from enum import Enum
 from typing import Annotated
 
-from _common import as_query
 from fastapi import APIRouter, Depends, status
 from models_library.api_schemas_webserver.users import (
+    MyFunctionPermissionsGet,
     MyPermissionGet,
     MyProfileGet,
     MyProfilePatch,
     MyTokenCreate,
     MyTokenGet,
-    UserAccountApprove,
-    UserAccountGet,
-    UserAccountReject,
-    UserAccountSearchQueryParams,
     UserGet,
-    UsersAccountListQueryParams,
     UsersSearch,
 )
 from models_library.api_schemas_webserver.users_preferences import PatchRequestBody
 from models_library.generics import Envelope
-from models_library.rest_pagination import Page
 from models_library.user_preferences import PreferenceIdentifier
 from simcore_service_webserver._meta import API_VTAG
-from simcore_service_webserver.users._common.schemas import PreRegisteredUserGet
 from simcore_service_webserver.users._notifications import (
     UserNotification,
     UserNotificationCreate,
@@ -128,6 +120,13 @@ async def mark_notification_as_read(
 async def list_user_permissions(): ...
 
 
+@router.get(
+    "/me/function-permissions",
+    response_model=Envelope[MyFunctionPermissionsGet],
+)
+async def list_user_functions_permissions(): ...
+
+
 #
 # USERS public
 #
@@ -139,56 +138,3 @@ async def list_user_permissions(): ...
     description="Search among users who are publicly visible to the caller (i.e., me) based on their privacy settings.",
 )
 async def search_users(_body: UsersSearch): ...
-
-
-#
-# USERS admin
-#
-
-_extra_tags: list[str | Enum] = ["admin"]
-
-
-@router.get(
-    "/admin/user-accounts",
-    response_model=Page[UserAccountGet],
-    tags=_extra_tags,
-)
-async def list_users_accounts(
-    _query: Annotated[as_query(UsersAccountListQueryParams), Depends()],
-): ...
-
-
-@router.post(
-    "/admin/user-accounts:approve",
-    status_code=status.HTTP_204_NO_CONTENT,
-    tags=_extra_tags,
-)
-async def approve_user_account(_body: UserAccountApprove): ...
-
-
-@router.post(
-    "/admin/user-accounts:reject",
-    status_code=status.HTTP_204_NO_CONTENT,
-    tags=_extra_tags,
-)
-async def reject_user_account(_body: UserAccountReject): ...
-
-
-@router.get(
-    "/admin/user-accounts:search",
-    response_model=Envelope[list[UserAccountGet]],
-    tags=_extra_tags,
-)
-async def search_user_accounts(
-    _query: Annotated[UserAccountSearchQueryParams, Depends()],
-):
-    # NOTE: see `Search` in `Common Custom Methods` in https://cloud.google.com/apis/design/custom_methods
-    ...
-
-
-@router.post(
-    "/admin/user-accounts:pre-register",
-    response_model=Envelope[UserAccountGet],
-    tags=_extra_tags,
-)
-async def pre_register_user_account(_body: PreRegisteredUserGet): ...
diff --git a/api/specs/web-server/_users_admin.py b/api/specs/web-server/_users_admin.py
@@ -0,0 +1,72 @@
+# pylint: disable=redefined-outer-name
+# pylint: disable=unused-argument
+# pylint: disable=unused-variable
+# pylint: disable=too-many-arguments
+
+
+from enum import Enum
+from typing import Annotated
+
+from _common import as_query
+from fastapi import APIRouter, Depends, status
+from models_library.api_schemas_webserver.users import (
+    UserAccountApprove,
+    UserAccountGet,
+    UserAccountReject,
+    UserAccountSearchQueryParams,
+    UsersAccountListQueryParams,
+)
+from models_library.generics import Envelope
+from models_library.rest_pagination import Page
+from simcore_service_webserver._meta import API_VTAG
+from simcore_service_webserver.users._common.schemas import PreRegisteredUserGet
+
+router = APIRouter(prefix=f"/{API_VTAG}", tags=["users"])
+
+_extra_tags: list[str | Enum] = ["admin"]
+
+
+@router.get(
+    "/admin/user-accounts",
+    response_model=Page[UserAccountGet],
+    tags=_extra_tags,
+)
+async def list_users_accounts(
+    _query: Annotated[as_query(UsersAccountListQueryParams), Depends()],
+): ...
+
+
+@router.post(
+    "/admin/user-accounts:approve",
+    status_code=status.HTTP_204_NO_CONTENT,
+    tags=_extra_tags,
+)
+async def approve_user_account(_body: UserAccountApprove): ...
+
+
+@router.post(
+    "/admin/user-accounts:reject",
+    status_code=status.HTTP_204_NO_CONTENT,
+    tags=_extra_tags,
+)
+async def reject_user_account(_body: UserAccountReject): ...
+
+
+@router.get(
+    "/admin/user-accounts:search",
+    response_model=Envelope[list[UserAccountGet]],
+    tags=_extra_tags,
+)
+async def search_user_accounts(
+    _query: Annotated[UserAccountSearchQueryParams, Depends()],
+):
+    # NOTE: see `Search` in `Common Custom Methods` in https://cloud.google.com/apis/design/custom_methods
+    ...
+
+
+@router.post(
+    "/admin/user-accounts:pre-register",
+    response_model=Envelope[UserAccountGet],
+    tags=_extra_tags,
+)
+async def pre_register_user_account(_body: PreRegisteredUserGet): ...
diff --git a/api/specs/web-server/openapi.py b/api/specs/web-server/openapi.py
@@ -26,6 +26,7 @@
         "_tags_groups",  # after _tags
         "_products",
         "_users",
+        "_users_admin",  # after _users
         "_wallets",
         # add-ons ---
         "_activity",
diff --git a/packages/models-library/src/models_library/api_schemas_webserver/users.py b/packages/models-library/src/models_library/api_schemas_webserver/users.py
@@ -377,3 +377,7 @@ class MyPermissionGet(OutputSchema):
     @classmethod
     def from_domain_model(cls, permission: UserPermission) -> Self:
         return cls(name=permission.name, allowed=permission.allowed)
+
+
+class MyFunctionPermissionsGet(OutputSchema):
+    write_functions: bool
