Skip to content

Commit 180cabb

Browse files
signebedisignebedi
committed
Added: admin update group api route (#109)
1 parent 5f9571b commit 180cabb

File tree

2 files changed

+50
-2
lines changed

2 files changed

+50
-2
lines changed

libreforms_fastapi/app/__init__.py

+49-2
Original file line numberDiff line numberDiff line change
@@ -1987,8 +1987,6 @@ async def api_admin_create_group(
19871987
if not user or not user.site_admin:
19881988
raise HTTPException(status_code=404)
19891989

1990-
group = session.query(Group).filter_by(name='default').first()
1991-
19921990
existing_group = session.query(Group).filter_by(name=group_request.name).first()
19931991
if existing_group:
19941992
# Consider adding IP tracking to failed attempt
@@ -2026,6 +2024,55 @@ async def api_admin_create_group(
20262024

20272025

20282026
# Update group
2027+
@app.post(
2028+
"/api/admin/update_group/{id}",
2029+
dependencies=[Depends(api_key_auth)],
2030+
response_class=JSONResponse,
2031+
)
2032+
async def api_admin_update_group(
2033+
group_request: GroupModel,
2034+
id:str,
2035+
request: Request,
2036+
background_tasks: BackgroundTasks,
2037+
session: SessionLocal = Depends(get_db),
2038+
key: str = Depends(X_API_KEY),
2039+
):
2040+
"""
2041+
Updates existing group with provided details, handling group validation using a predefined pydantic
2042+
model as middleware between the data and the ORM.
2043+
"""
2044+
2045+
# Get the requesting user details
2046+
user = session.query(User).filter_by(api_key=key).first()
2047+
2048+
if not user or not user.site_admin:
2049+
raise HTTPException(status_code=404)
2050+
2051+
existing_group = session.query(Group).filter_by(id=id).first()
2052+
if not existing_group:
2053+
raise HTTPException(status_code=404, detail="Could not update group. Does not exist.")
2054+
2055+
# Create and write the new group
2056+
existing_group.name=group_request.name
2057+
existing_group.permissions=group_request.permissions
2058+
session.add(existing_group)
2059+
session.commit()
2060+
2061+
# Write this query to the TransactionLog
2062+
if config.COLLECT_USAGE_STATISTICS:
2063+
2064+
background_tasks.add_task(
2065+
write_api_call_to_transaction_log,
2066+
api_key=key,
2067+
endpoint=request.url.path,
2068+
remote_addr=request.client.host,
2069+
query_params={},
2070+
)
2071+
2072+
return JSONResponse(
2073+
status_code=200,
2074+
content={"status": "success", "message": f"Successfully modified group {group_request.name} with id {id}"},
2075+
)
20292076

20302077
# Delete group
20312078

libreforms_fastapi/utils/pydantic_models.py

+1
Original file line numberDiff line numberDiff line change
@@ -392,6 +392,7 @@ class DocsEditRequest(BaseModel):
392392

393393
class GroupModel(BaseModel):
394394
"""This model will be used for validating change to Groups through the admin API"""
395+
# id: int = Field(None)
395396
name: str = Field(...)
396397
permissions: List[str] = Field(...)
397398

0 commit comments

Comments
 (0)