user can remove itself from project/workspace

Author: matusdrobuliak66

services/web/server/src/simcore_service_webserver/projects/_groups_api.py

@@ -139,13 +139,15 @@ async def delete_project_group(
     group_id: GroupID,
     product_name: ProductName,
 ) -> None:
-    await check_user_project_permission(
-        app,
-        project_id=project_id,
-        user_id=user_id,
-        product_name=product_name,
-        permission="delete",
-    )
+    user = await users_api.get_user(app, user_id=user_id)
+    if user["primary_gid"] != group_id:
+        await check_user_project_permission(
+            app,
+            project_id=project_id,
+            user_id=user_id,
+            product_name=product_name,
+            permission="delete",
+        )
 
     project_db: ProjectDBAPI = app[APP_PROJECT_DBAPI]
     project = await project_db.get_project_db(project_id)

services/web/server/src/simcore_service_webserver/workspaces/_groups_api.py

@@ -159,10 +159,11 @@ async def delete_workspace_group(
     group_id: GroupID,
     product_name: ProductName,
 ) -> None:
+    user = await users_api.get_user(app, user_id=user_id)
     workspace: UserWorkspaceAccessRightsDB = await workspaces_db.get_workspace_for_user(
         app=app, user_id=user_id, workspace_id=workspace_id, product_name=product_name
     )
-    if workspace.my_access_rights.delete is False:
+    if user["primary_gid"] != group_id and workspace.my_access_rights.delete is False:
         raise WorkspaceAccessForbiddenError(
             reason=f"User does not have delete access to workspace {workspace_id}"
         )