Changed how users are added to organizations, and now shows all other team members in an org.

Author: kevinjnev

backend/app/api/main.py

@@ -19,10 +19,16 @@
 api_router.include_router(users.router)
 api_router.include_router(utils.router)
 api_router.include_router(items.router)
-api_router.include_router(organizations.router, prefix="/organizations", tags=["organizations"])
+api_router.include_router(
+    organizations.router, prefix="/organizations", tags=["organizations"]
+)
 api_router.include_router(projects.router, prefix="/projects", tags=["projects"])
-api_router.include_router(project_access.router, prefix="/projects", tags=["project-access"])
-api_router.include_router(invitations.router, prefix="/invitations", tags=["invitations"])
+api_router.include_router(
+    project_access.router, prefix="/projects", tags=["project-access"]
+)
+api_router.include_router(
+    invitations.router, prefix="/invitations", tags=["invitations"]
+)
 api_router.include_router(galleries.router, prefix="/galleries", tags=["galleries"])
 
 

backend/app/api/routes/galleries.py

@@ -47,7 +47,10 @@ def read_galleries(
                 raise HTTPException(status_code=403, detail="Not enough permissions")
         else:
             # Team member must be in same organization
-            if not current_user.organization_id or project.organization_id != current_user.organization_id:
+            if (
+                not current_user.organization_id
+                or project.organization_id != current_user.organization_id
+            ):
                 raise HTTPException(status_code=403, detail="Not enough permissions")
 
         galleries = crud.get_galleries_by_project(
@@ -65,14 +68,18 @@ def read_galleries(
 
             # Get galleries for all accessible projects
             galleries = []
-            for pid in project_ids[skip:skip+limit]:
+            for pid in project_ids[skip : skip + limit]:
                 project_galleries = crud.get_galleries_by_project(
                     session=session, project_id=pid, skip=0, limit=100
                 )
                 galleries.extend(project_galleries)
 
             count = sum(
-                len(crud.get_galleries_by_project(session=session, project_id=pid, skip=0, limit=1000))
+                len(
+                    crud.get_galleries_by_project(
+                        session=session, project_id=pid, skip=0, limit=1000
+                    )
+                )
                 for pid in project_ids
             )
         else:
@@ -147,7 +154,10 @@ def read_gallery(session: SessionDep, current_user: CurrentUser, id: uuid.UUID)
             raise HTTPException(status_code=403, detail="Not enough permissions")
     else:
         # Team member must be in same organization
-        if not current_user.organization_id or project.organization_id != current_user.organization_id:
+        if (
+            not current_user.organization_id
+            or project.organization_id != current_user.organization_id
+        ):
             raise HTTPException(status_code=403, detail="Not enough permissions")
 
     return gallery

backend/app/api/routes/invitations.py

@@ -102,4 +102,3 @@ def delete_invitation(
     session.delete(invitation)
     session.commit()
     return {"message": "Invitation deleted"}
-

backend/app/api/routes/organizations.py

@@ -67,7 +67,10 @@ def read_organization(
         raise HTTPException(status_code=404, detail="Organization not found")
 
     # Only allow viewing own organization (unless superuser)
-    if not current_user.is_superuser and current_user.organization_id != organization_id:
+    if (
+        not current_user.is_superuser
+        and current_user.organization_id != organization_id
+    ):
         raise HTTPException(
             status_code=403,
             detail="Not enough permissions",
@@ -93,7 +96,10 @@ def update_organization(
         raise HTTPException(status_code=404, detail="Organization not found")
 
     # Only allow updating own organization (unless superuser)
-    if not current_user.is_superuser and current_user.organization_id != organization_id:
+    if (
+        not current_user.is_superuser
+        and current_user.organization_id != organization_id
+    ):
         raise HTTPException(
             status_code=403,
             detail="Not enough permissions",
@@ -106,4 +112,3 @@ def update_organization(
     session.refresh(organization)
 
     return organization
-

backend/app/api/routes/project_access.py

@@ -45,7 +45,10 @@ def grant_project_access(
         raise HTTPException(status_code=404, detail="Project not found")
 
     # Check if current user's organization owns the project
-    if not current_user.organization_id or current_user.organization_id != project.organization_id:
+    if (
+        not current_user.organization_id
+        or current_user.organization_id != project.organization_id
+    ):
         raise HTTPException(
             status_code=403,
             detail="You don't have permission to manage this project",
@@ -128,9 +131,7 @@ def revoke_project_access(
         raise HTTPException(status_code=403, detail="Access denied")
 
     # Revoke access
-    crud.delete_project_access(
-        session=session, project_id=project_id, user_id=user_id
-    )
+    crud.delete_project_access(session=session, project_id=project_id, user_id=user_id)
     return Message(message="Access revoked successfully")
 
 
@@ -175,4 +176,3 @@ def update_project_access_permissions(
         session=session, db_access=db_access, access_in=access_in
     )
     return access
-

backend/app/api/routes/users.py

@@ -62,18 +62,11 @@ def read_clients(
         )
 
     count_statement = (
-        select(func.count())
-        .select_from(User)
-        .where(User.user_type == "client")
+        select(func.count()).select_from(User).where(User.user_type == "client")
     )
     count = session.exec(count_statement).one()
 
-    statement = (
-        select(User)
-        .where(User.user_type == "client")
-        .offset(skip)
-        .limit(limit)
-    )
+    statement = select(User).where(User.user_type == "client").offset(skip).limit(limit)
     users = session.exec(statement).all()
 
     return UsersPublic(data=users, count=count)
@@ -207,6 +200,48 @@ def register_user(session: SessionDep, user_in: UserRegister) -> Any:
     return user
 
 
+@router.get("/organization-members", response_model=UsersPublic)
+def get_organization_members(
+    session: SessionDep,
+    current_user: CurrentUser,
+    skip: int = 0,
+    limit: int = 100,
+) -> Any:
+    """
+    Get all members of the current user's organization.
+    Accessible by team members to see their organization members.
+    """
+    if getattr(current_user, "user_type", None) != "team_member":
+        raise HTTPException(
+            status_code=403, detail="Only team members can view organization members"
+        )
+
+    if not current_user.organization_id:
+        raise HTTPException(
+            status_code=400,
+            detail="You must be part of an organization to view members",
+        )
+
+    count_statement = (
+        select(func.count())
+        .select_from(User)
+        .where(User.organization_id == current_user.organization_id)
+        .where(User.user_type == "team_member")
+    )
+    count = session.exec(count_statement).one()
+
+    statement = (
+        select(User)
+        .where(User.organization_id == current_user.organization_id)
+        .where(User.user_type == "team_member")
+        .offset(skip)
+        .limit(limit)
+    )
+    users = session.exec(statement).all()
+
+    return UsersPublic(data=users, count=count)
+
+
 @router.get("/pending", response_model=UsersPublic)
 def get_pending_users(
     session: SessionDep,
@@ -219,7 +254,9 @@ def get_pending_users(
     Accessible by team members to invite people to their organization.
     """
     if getattr(current_user, "user_type", None) != "team_member":
-        raise HTTPException(status_code=403, detail="Only team members can invite users")
+        raise HTTPException(
+            status_code=403, detail="Only team members can invite users"
+        )
 
     from sqlmodel import select
 
@@ -255,7 +292,10 @@ def assign_user_to_organization(
     Team members can assign users to their own organization.
     Superusers can assign to any organization.
     """
-    if getattr(current_user, "user_type", None) != "team_member" and not current_user.is_superuser:
+    if (
+        getattr(current_user, "user_type", None) != "team_member"
+        and not current_user.is_superuser
+    ):
         raise HTTPException(status_code=403, detail="Not enough permissions")
 
     user = session.get(User, user_id)
@@ -269,11 +309,15 @@ def assign_user_to_organization(
     else:
         # Team members assign to their own organization
         if not current_user.organization_id:
-            raise HTTPException(status_code=400, detail="You must be part of an organization to invite others")
+            raise HTTPException(
+                status_code=400,
+                detail="You must be part of an organization to invite others",
+            )
         target_org_id = current_user.organization_id
 
     # Verify organization exists
     from app.models import Organization
+
     org = session.get(Organization, target_org_id)
     if not org:
         raise HTTPException(status_code=404, detail="Organization not found")

backend/app/core/db.py

@@ -29,8 +29,7 @@ def init_db(session: Session) -> None:
     if not user:
         # Create the superuser's organization
         organization_in = OrganizationCreate(
-            name="Admin Organization",
-            description="Organization for admin user"
+            name="Admin Organization", description="Organization for admin user"
         )
         organization = crud.create_organization(
             session=session, organization_in=organization_in

backend/app/crud.py

@@ -345,9 +345,7 @@ def delete_project_access(
     *, session: Session, project_id: uuid.UUID, user_id: uuid.UUID
 ) -> None:
     """Remove a user's access to a project"""
-    access = get_project_access(
-        session=session, project_id=project_id, user_id=user_id
-    )
+    access = get_project_access(session=session, project_id=project_id, user_id=user_id)
     if access:
         session.delete(access)
         session.commit()