✨(backend) domain accesses update API

Allow to update (PUT, PATCH) an access. Role can be change only to a role available depending to the authenticated user.
2024-09-27 15:54:44 +02:00
parent 976c955126
commit 00816e097c
5 changed files with 389 additions and 22 deletions
--- a/src/backend/mailbox_manager/api/serializers.py
+++ b/src/backend/mailbox_manager/api/serializers.py
@@ -2,11 +2,11 @@

 import json

-from rest_framework import serializers
+from rest_framework import exceptions, serializers

 from core.api.serializers import UserSerializer

-from mailbox_manager import enums, models
+from mailbox_manager import models
 from mailbox_manager.utils.dimail import DimailAPIClient


@@ -94,23 +94,29 @@ class MailDomainAccessSerializer(serializers.ModelSerializer):
        read_only_fields = ["id", "user", "can_set_role_to"]

    def get_can_set_role_to(self, access):
-        """Return roles available to set"""
-        roles = list(enums.MailDomainRoleChoices)
-        # get role of authenticated user
-        authenticated_user_role = access.user_role
-        if authenticated_user_role != enums.MailDomainRoleChoices.OWNER:
-            roles.remove(enums.MailDomainRoleChoices.OWNER)
-        # if the user authenticated is a viewer, they can't modify role
-        # and only an owner can change role of an owner
-        if authenticated_user_role == enums.MailDomainRoleChoices.VIEWER or (
-            authenticated_user_role != enums.MailDomainRoleChoices.OWNER
-            and access.role == enums.MailDomainRoleChoices.OWNER
-        ):
-            return []
-        # we only want to return other roles available to change,
-        # so we remove the current role of current access.
-        roles.remove(access.role)
-        return sorted(roles)
+        """Return roles available to set for the authenticated user"""
+        return access.get_can_set_role_to(self.context.get("request").user)
+
+    def validate(self, attrs):
+        """
+        Check access rights specific to writing (update)
+        """
+        request = self.context.get("request")
+        authenticated_user = getattr(request, "user", None)
+        role = attrs.get("role")
+
+        # Update
+        if self.instance:
+            can_set_role_to = self.instance.get_can_set_role_to(authenticated_user)
+
+            if role and role not in can_set_role_to:
+                message = (
+                    f"You are only allowed to set role to {', '.join(can_set_role_to)}"
+                    if can_set_role_to
+                    else "You are not allowed to modify role for this user."
+                )
+                raise exceptions.PermissionDenied(message)
+        return attrs


 class MailDomainAccessReadOnlySerializer(MailDomainAccessSerializer):
--- a/src/backend/mailbox_manager/api/viewsets.py
+++ b/src/backend/mailbox_manager/api/viewsets.py
@@ -2,12 +2,12 @@

 from django.db.models import Subquery

-from rest_framework import filters, mixins, viewsets
+from rest_framework import exceptions, filters, mixins, viewsets
 from rest_framework import permissions as drf_permissions

 from core import models as core_models

-from mailbox_manager import models
+from mailbox_manager import enums, models
 from mailbox_manager.api import permissions, serializers


@@ -58,6 +58,7 @@ class MailDomainViewSet(
 class MailDomainAccessViewSet(
    viewsets.GenericViewSet,
    mixins.ListModelMixin,
+    mixins.UpdateModelMixin,
    mixins.RetrieveModelMixin,
 ):
    """
@@ -66,6 +67,14 @@ class MailDomainAccessViewSet(
    GET /api/v1.0/mail-domains/<domain_slug>/accesses/:<domain_access_id>
        Return list of all domain accesses related to the logged-in user and one
        domain access if an id is provided.
+
+    PUT /api/v1.0/mail-domains/<domain_slug>/accesses/<domain_access_id>/ with expected data:
+        - role: str [owner|admin|viewer]
+        Return updated domain access
+
+    PATCH /api/v1.0/mail-domains/<domain_slug>/accesses/<domain_access_id>/ with expected data:
+        - role: str [owner|admin|viewer]
+        Return partially updated domain access
    """

    permission_classes = [drf_permissions.IsAuthenticated]
@@ -90,6 +99,7 @@ class MailDomainAccessViewSet(
        """Extra context provided to the serializer class."""
        context = super().get_serializer_context()
        context["domain_slug"] = self.kwargs["domain_slug"]
+        context["authenticated_user"] = self.request.user
        return context

    def get_queryset(self):
@@ -118,6 +128,28 @@ class MailDomainAccessViewSet(
            )
        return queryset

+    def perform_update(self, serializer):
+        """Check that we don't change the role if it leads to losing the last owner."""
+        instance = serializer.instance
+
+        # Check if the role is being updated and the new role is not "owner"
+        if (
+            "role" in self.request.data
+            and self.request.data["role"] != enums.MailDomainRoleChoices.OWNER
+        ):
+            domain = instance.domain
+            # Check if the access being updated is the last owner access for the domain
+            if (
+                instance.role == enums.MailDomainRoleChoices.OWNER
+                and domain.accesses.filter(
+                    role=enums.MailDomainRoleChoices.OWNER
+                ).count()
+                == 1
+            ):
+                message = "Cannot change the role to a non-owner role for the last owner access."
+                raise exceptions.PermissionDenied({"role": message})
+        serializer.save()
+

 class MailBoxViewSet(
    mixins.CreateModelMixin,