feat: права и инвайты
This commit is contained in:
46
src/usecase/workspace/update_workspace_member_permissions.py
Normal file
46
src/usecase/workspace/update_workspace_member_permissions.py
Normal file
@@ -0,0 +1,46 @@
|
||||
from __future__ import annotations
|
||||
|
||||
import uuid
|
||||
from typing import TYPE_CHECKING
|
||||
|
||||
from src import domain, dto
|
||||
from src.usecase.workspace.mappers import workspace_member_to_dto
|
||||
|
||||
if TYPE_CHECKING:
|
||||
from .. import Usecase
|
||||
|
||||
|
||||
async def update_workspace_member_permissions(
|
||||
self: Usecase,
|
||||
workspace_id: uuid.UUID,
|
||||
workspace_user_id: uuid.UUID,
|
||||
user_id: uuid.UUID,
|
||||
input: dto.UpdateWorkspaceMemberPermissionsInput,
|
||||
) -> dto.WorkspaceMemberOutput:
|
||||
await self.ensure_workspace_permission(workspace_id, user_id, domain.PermissionKey.ADMIN_FULL)
|
||||
|
||||
member = await self.database.get_workspace_member(workspace_user_id)
|
||||
if not member or member.workspace_id != workspace_id:
|
||||
raise domain.WorkspaceAccessDenied(workspace_id)
|
||||
|
||||
global_permissions: set[domain.PermissionKey] = set()
|
||||
scoped_assignments: set[tuple[domain.PermissionKey, domain.PermissionScopeType, uuid.UUID]] = set()
|
||||
|
||||
for permission in input.permissions:
|
||||
if permission.scopes:
|
||||
for scope in permission.scopes:
|
||||
scoped_assignments.add((permission.key, scope.type, scope.id))
|
||||
else:
|
||||
global_permissions.add(permission.key)
|
||||
|
||||
await self.database.set_workspace_user_permissions(
|
||||
member.id,
|
||||
global_permissions=global_permissions,
|
||||
scoped_permissions=list(scoped_assignments),
|
||||
)
|
||||
|
||||
updated_member = await self.database.get_workspace_member(member.id)
|
||||
if not updated_member:
|
||||
raise domain.WorkspaceAccessDenied(workspace_id)
|
||||
|
||||
return workspace_member_to_dto(updated_member)
|
||||
Reference in New Issue
Block a user