From 5513955453857ca5ea745eaa954766e2fc33fce1 Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Sat, 28 Sep 2024 02:12:57 +0900 Subject: [PATCH 01/11] fix: remove code such that find mongodb nested document Signed-off-by: Youngjin Jo --- .../manager/workspace_group_user_manager.py | 3 +- .../identity/service/user_profile_service.py | 32 ++++++---- .../service/workspace_group_service.py | 27 ++++---- .../service/workspace_group_user_service.py | 6 +- .../identity/service/workspace_service.py | 62 +++++++++---------- 5 files changed, 68 insertions(+), 62 deletions(-) diff --git a/src/spaceone/identity/manager/workspace_group_user_manager.py b/src/spaceone/identity/manager/workspace_group_user_manager.py index 0bafe3c8..0fbbacf7 100644 --- a/src/spaceone/identity/manager/workspace_group_user_manager.py +++ b/src/spaceone/identity/manager/workspace_group_user_manager.py @@ -31,7 +31,6 @@ def stat_workspace_group_users( def check_user_role_type( old_users_in_workspace_group: List[Dict[str, str]], user_id: str, - command: str, ) -> None: user_role_type = "" for old_user in old_users_in_workspace_group: @@ -40,7 +39,7 @@ def check_user_role_type( if user_role_type == "WORKSPACE_MEMBER": _LOGGER.error( - f"User ID {user_id} does not have permission to {command} users to workspace group." + f"User ID {user_id} does not have permission to workspace group." ) raise ERROR_PERMISSION_DENIED() diff --git a/src/spaceone/identity/service/user_profile_service.py b/src/spaceone/identity/service/user_profile_service.py index f6460ad1..e5773664 100644 --- a/src/spaceone/identity/service/user_profile_service.py +++ b/src/spaceone/identity/service/user_profile_service.py @@ -436,16 +436,24 @@ def get_workspace_groups( workspace_group_vos = self.workspace_group_mgr.filter_workspace_groups( domain_id=params.domain_id ) + workspace_group_infos = [ + workspace_group_vo.to_dict() + for workspace_group_vo in workspace_group_vos + ] else: - # TODO: Need to check users__user_id is correct - workspace_group_vos = self.workspace_group_mgr.filter_workspace_groups( - users__user_id=params.user_id, - domain_id=params.domain_id, + query_filter = { + "filter": [ + {"key": "users.user_id", "value": params.user_id, "operator": "eq"}, + {"key": "domain_id", "value": params.domain_id, "operator": "eq"}, + ] + } + workspace_group_infos, _ = self.workspace_group_mgr.list_workspace_groups( + query_filter ) workspace_group_ids = [ - workspace_group_vo.workspace_group_id - for workspace_group_vo in workspace_group_vos + workspace_group_info["workspace_group_id"] + for workspace_group_info in workspace_group_infos ] rb_vos = rb_mgr.filter_role_bindings( @@ -457,16 +465,18 @@ def get_workspace_groups( role_bindings_info_map = {rb.workspace_group_id: rb.to_dict() for rb in rb_vos} workspace_group_user_ids = [] - for workspace_group in workspace_group_vos: - if workspace_group.users: - for user in workspace_group.users: + for workspace_group_info in workspace_group_infos: + if workspace_group_info["users"]: + for user in workspace_group_info["users"]: workspace_group_user_ids.append(user.user_id) workspace_groups_info = [] - for workspace_group_vo in workspace_group_vos: + for workspace_group_info in workspace_group_infos: workspace_group_dict = ( self.workspace_group_svc.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo, params.domain_id + workspace_group_user_ids, + workspace_group_info.to_dict(), + params.domain_id, ) ) workspace_groups_info.append(workspace_group_dict) diff --git a/src/spaceone/identity/service/workspace_group_service.py b/src/spaceone/identity/service/workspace_group_service.py index 8a0b5e50..17849f0c 100644 --- a/src/spaceone/identity/service/workspace_group_service.py +++ b/src/spaceone/identity/service/workspace_group_service.py @@ -1,6 +1,6 @@ import logging from datetime import datetime -from typing import Dict, List, Union +from typing import Any, Dict, List, Union from spaceone.core.error import ERROR_INVALID_PARAMETER, ERROR_NOT_FOUND from spaceone.core.service import ( @@ -26,7 +26,6 @@ from spaceone.identity.manager.user_manager import UserManager from spaceone.identity.manager.workspace_group_manager import WorkspaceGroupManager from spaceone.identity.manager.workspace_manager import WorkspaceManager -from spaceone.identity.model import WorkspaceGroup from spaceone.identity.model.workspace_group.request import ( WorkspaceGroupAddUsersRequest, WorkspaceGroupCreateRequest, @@ -474,7 +473,8 @@ def delete_workspace_users_role_binding( workspace_id=workspace_group_workspace_ids, domain_id=domain_id, ) - rb_vos.delete() + for rb_vo in rb_vos: + self.rb_mgr.delete_role_binding_by_vo(rb_vo) def add_users_to_workspace_group( self, @@ -534,7 +534,7 @@ def add_users_to_workspace_group( def add_user_name_and_state_to_users( self, workspace_group_user_ids: List[str], - workspace_group_vo: WorkspaceGroup, + workspace_group_info: Dict[str, Any], domain_id: str, ) -> Dict[str, str]: """Add user's name and state to users in workspace group. @@ -542,7 +542,7 @@ def add_user_name_and_state_to_users( we need to add user's name and state to users in the Application layer. Args: workspace_group_user_ids: 'List[str]' - workspace_group_vo: 'WorkspaceGroup' + workspace_group_info: 'Dict[str, str]' domain_id: 'str' Returns: workspace_group_dict: @@ -558,17 +558,16 @@ def add_user_name_and_state_to_users( "state": user_vo.state, } - workspace_group_info = workspace_group_vo.to_dict() + wg_users = workspace_group_info.get("users", []) or [] + users = [] - if workspace_group_info.get("users", []): - users = [] - for user in workspace_group_info["users"]: - user_id = user["user_id"] - user["user_name"] = user_info_map[user_id]["name"] - user["state"] = user_info_map[user_id]["state"] - users.append(user) + for user in wg_users: + user_id = user.get("user_id", "") + user["user_name"] = user_info_map.get(user_id, {}).get("name", "") + user["state"] = user_info_map.get(user_id, {}).get("state", "") + users.append(user) - workspace_group_info["users"] = users + workspace_group_info["users"] = users return workspace_group_info diff --git a/src/spaceone/identity/service/workspace_group_user_service.py b/src/spaceone/identity/service/workspace_group_user_service.py index 33a94d07..76431338 100644 --- a/src/spaceone/identity/service/workspace_group_user_service.py +++ b/src/spaceone/identity/service/workspace_group_user_service.py @@ -108,7 +108,7 @@ def add( workspace_group_old_users_info = workspace_group_vo.users or [] if workspace_group_old_users_info: self.workspace_group_user_mgr.check_user_role_type( - workspace_group_old_users_info, user_id, command="add" + workspace_group_old_users_info, user_id ) role_map = self.workspace_group_svc.get_role_map(new_users_info_list, domain_id) @@ -187,7 +187,7 @@ def remove( workspace_group_users = workspace_group_vo.users self.workspace_group_user_mgr.check_user_role_type( - workspace_group_users, user_id, command="remove" + workspace_group_users, user_id ) old_users = workspace_group_dict["users"] @@ -233,7 +233,7 @@ def update_role( if user_vo.role_type == "USER": workspace_group_users = workspace_group_vo.users self.workspace_group_user_mgr.check_user_role_type( - workspace_group_users, user_id, command="update_role" + workspace_group_users, user_id ) target_user_vo = self.user_mgr.get_user(target_user_id, domain_id) diff --git a/src/spaceone/identity/service/workspace_service.py b/src/spaceone/identity/service/workspace_service.py index 3a5b98f2..e0327c97 100644 --- a/src/spaceone/identity/service/workspace_service.py +++ b/src/spaceone/identity/service/workspace_service.py @@ -124,8 +124,8 @@ def change_workspace_group( workspace_group_vo = self.workspace_group_mgr.get_workspace_group( old_workspace_group_id, domain_id ) - self._remove_workspace_from_group( - workspace_id, old_workspace_group_id, domain_id + self._remove_workspace_from_group_with_workspace_vo( + workspace_vo, old_workspace_group_id, domain_id ) if is_updatable: @@ -416,7 +416,9 @@ def _add_workspace_to_group( if old_workspace_group_id: if old_workspace_group_id != workspace_group_id: - self._delete_role_bindings(old_workspace_group_id, domain_id) + self._delete_role_bindings( + workspace_id, old_workspace_group_id, domain_id + ) self._create_role_bindings( workspace_group_vo.users, @@ -472,38 +474,34 @@ def _add_workspace_to_group( return is_updatable - def _remove_workspace_from_group( - self, workspace_id: str, old_workspace_group_id: str, domain_id: str + def _remove_workspace_from_group_with_workspace_vo( + self, workspace_vo: Workspace, old_workspace_group_id: str, domain_id: str ) -> None: + workspace_id = workspace_vo.workspace_id self._delete_role_bindings(workspace_id, old_workspace_group_id, domain_id) - if old_workspace_group_id: - workspace_vo = self.workspace_mgr.get_workspace( - workspace_id=workspace_id, domain_id=domain_id - ) - if workspace_vo: - workspace_vo.changed_at = datetime.utcnow() - workspace_vo.workspace_group_id = None - - user_rb_ids = self.rb_mgr.stat_role_bindings( - query={ - "distinct": "user_id", - "filter": [ - {"k": "workspace_id", "v": workspace_id, "o": "eq"}, - {"k": "domain_id", "v": domain_id, "o": "eq"}, - ], - } - ).get("results", []) - user_rb_total_count = len(user_rb_ids) - - self.workspace_mgr.update_workspace_by_vo( - { - "user_count": user_rb_total_count, - "changed_at": workspace_vo.changed_at, - "workspace_group_id": None, - }, - workspace_vo, - ) + workspace_vo.changed_at = datetime.utcnow() + workspace_vo.workspace_group_id = None + + user_rb_ids = self.rb_mgr.stat_role_bindings( + query={ + "distinct": "user_id", + "filter": [ + {"k": "workspace_id", "v": workspace_id, "o": "eq"}, + {"k": "domain_id", "v": domain_id, "o": "eq"}, + ], + } + ).get("results", []) + user_rb_total_count = len(user_rb_ids) + + self.workspace_mgr.update_workspace_by_vo( + { + "user_count": user_rb_total_count, + "changed_at": workspace_vo.changed_at, + "workspace_group_id": None, + }, + workspace_vo, + ) def _delete_role_bindings( self, workspace_id: str, existing_workspace_group_id: str, domain_id: str From 742328703f4d69d9df33449db56fb8e27e14522c Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Sat, 28 Sep 2024 02:44:36 +0900 Subject: [PATCH 02/11] fix: convert type when call the add_user_name_and_state_to_users method Signed-off-by: Youngjin Jo --- .../identity/service/user_profile_service.py | 32 +++++++++---------- .../service/workspace_group_service.py | 6 ++-- .../service/workspace_group_user_service.py | 8 +++-- 3 files changed, 24 insertions(+), 22 deletions(-) diff --git a/src/spaceone/identity/service/user_profile_service.py b/src/spaceone/identity/service/user_profile_service.py index e5773664..adc4d93d 100644 --- a/src/spaceone/identity/service/user_profile_service.py +++ b/src/spaceone/identity/service/user_profile_service.py @@ -16,23 +16,21 @@ from spaceone.identity.manager.mfa_manager.base import MFAManager from spaceone.identity.manager.role_binding_manager import RoleBindingManager from spaceone.identity.manager.role_manager import RoleManager -from spaceone.identity.manager.token_manager.local_token_manager import ( - LocalTokenManager, -) +from spaceone.identity.manager.token_manager.local_token_manager import \ + LocalTokenManager from spaceone.identity.manager.user_manager import UserManager -from spaceone.identity.manager.workspace_group_manager import WorkspaceGroupManager +from spaceone.identity.manager.workspace_group_manager import \ + WorkspaceGroupManager from spaceone.identity.manager.workspace_manager import WorkspaceManager from spaceone.identity.model.user.database import User from spaceone.identity.model.user.response import * from spaceone.identity.model.user_profile.request import * -from spaceone.identity.model.user_profile.request import ( - UserProfileGetWorkspaceGroupsRequest, -) +from spaceone.identity.model.user_profile.request import \ + UserProfileGetWorkspaceGroupsRequest from spaceone.identity.model.user_profile.response import ( - MyWorkspaceGroupsResponse, - MyWorkspacesResponse, -) -from spaceone.identity.service.workspace_group_service import WorkspaceGroupService + MyWorkspaceGroupsResponse, MyWorkspacesResponse) +from spaceone.identity.service.workspace_group_service import \ + WorkspaceGroupService _LOGGER = logging.getLogger(__name__) @@ -423,7 +421,6 @@ def get_workspace_groups( Returns: MyWorkspaceResponse: """ - rb_mgr = RoleBindingManager() allow_all = False @@ -466,16 +463,19 @@ def get_workspace_groups( workspace_group_user_ids = [] for workspace_group_info in workspace_group_infos: - if workspace_group_info["users"]: - for user in workspace_group_info["users"]: - workspace_group_user_ids.append(user.user_id) + if users := workspace_group_info.get("users"): + for user in users: + if isinstance(user, dict): + workspace_group_user_ids.append(user.get("user_id")) + elif hasattr(user, "user_id"): + workspace_group_user_ids.append(user.user_id) workspace_groups_info = [] for workspace_group_info in workspace_group_infos: workspace_group_dict = ( self.workspace_group_svc.add_user_name_and_state_to_users( workspace_group_user_ids, - workspace_group_info.to_dict(), + workspace_group_info, params.domain_id, ) ) diff --git a/src/spaceone/identity/service/workspace_group_service.py b/src/spaceone/identity/service/workspace_group_service.py index 17849f0c..4ad526b3 100644 --- a/src/spaceone/identity/service/workspace_group_service.py +++ b/src/spaceone/identity/service/workspace_group_service.py @@ -208,7 +208,7 @@ def add_users( ) workspace_group_info = self.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo, domain_id + workspace_group_user_ids, workspace_group_vo.to_dict(), domain_id ) return WorkspaceGroupResponse(**workspace_group_info) @@ -351,7 +351,7 @@ def get( workspace_group_user_ids: List[str] = old_users + new_users workspace_group_dict = self.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo, domain_id + workspace_group_user_ids, workspace_group_vo.to_dict(), domain_id ) return WorkspaceGroupResponse(**workspace_group_dict) @@ -399,7 +399,7 @@ def list( workspace_group_user_ids: List[str] = old_users + new_users workspace_group_dict = self.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo, params.domain_id + workspace_group_user_ids, workspace_group_vo.to_dict(), params.domain_id ) workspace_groups_info.append(workspace_group_dict) diff --git a/src/spaceone/identity/service/workspace_group_user_service.py b/src/spaceone/identity/service/workspace_group_user_service.py index 76431338..6916e03b 100644 --- a/src/spaceone/identity/service/workspace_group_user_service.py +++ b/src/spaceone/identity/service/workspace_group_user_service.py @@ -137,7 +137,7 @@ def add( workspace_group_user_dict = ( self.workspace_group_svc.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo, domain_id + workspace_group_user_ids, workspace_group_vo.to_dict(), domain_id ) ) @@ -349,7 +349,7 @@ def get( workspace_group_dict = ( self.workspace_group_svc.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo, domain_id + workspace_group_user_ids, workspace_group_vo.to_dict(), domain_id ) ) return WorkspaceGroupResponse(**workspace_group_dict) @@ -399,7 +399,9 @@ def list( workspace_group_dict = ( self.workspace_group_svc.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo, params.domain_id + workspace_group_user_ids, + workspace_group_vo.to_dict(), + params.domain_id, ) ) workspace_groups_info.append(workspace_group_dict) From 1812fe7328e0161ae42be9ca0ad8e28a1a14651a Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Mon, 30 Sep 2024 13:04:07 +0900 Subject: [PATCH 03/11] fix: convert from dict type to object type Signed-off-by: Youngjin Jo --- .../identity/service/user_profile_service.py | 2 +- .../service/workspace_group_service.py | 23 ++++++++++--------- .../service/workspace_group_user_service.py | 6 ++--- 3 files changed, 16 insertions(+), 15 deletions(-) diff --git a/src/spaceone/identity/service/user_profile_service.py b/src/spaceone/identity/service/user_profile_service.py index adc4d93d..ef50b628 100644 --- a/src/spaceone/identity/service/user_profile_service.py +++ b/src/spaceone/identity/service/user_profile_service.py @@ -463,7 +463,7 @@ def get_workspace_groups( workspace_group_user_ids = [] for workspace_group_info in workspace_group_infos: - if users := workspace_group_info.get("users"): + if users := workspace_group_info.users: for user in users: if isinstance(user, dict): workspace_group_user_ids.append(user.get("user_id")) diff --git a/src/spaceone/identity/service/workspace_group_service.py b/src/spaceone/identity/service/workspace_group_service.py index 4ad526b3..e8e729df 100644 --- a/src/spaceone/identity/service/workspace_group_service.py +++ b/src/spaceone/identity/service/workspace_group_service.py @@ -1,6 +1,6 @@ import logging from datetime import datetime -from typing import Any, Dict, List, Union +from typing import Dict, List, Union from spaceone.core.error import ERROR_INVALID_PARAMETER, ERROR_NOT_FOUND from spaceone.core.service import ( @@ -26,6 +26,7 @@ from spaceone.identity.manager.user_manager import UserManager from spaceone.identity.manager.workspace_group_manager import WorkspaceGroupManager from spaceone.identity.manager.workspace_manager import WorkspaceManager +from spaceone.identity.model import WorkspaceGroup from spaceone.identity.model.workspace_group.request import ( WorkspaceGroupAddUsersRequest, WorkspaceGroupCreateRequest, @@ -208,7 +209,7 @@ def add_users( ) workspace_group_info = self.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo.to_dict(), domain_id + workspace_group_user_ids, workspace_group_vo, domain_id ) return WorkspaceGroupResponse(**workspace_group_info) @@ -351,7 +352,7 @@ def get( workspace_group_user_ids: List[str] = old_users + new_users workspace_group_dict = self.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo.to_dict(), domain_id + workspace_group_user_ids, workspace_group_vo, domain_id ) return WorkspaceGroupResponse(**workspace_group_dict) @@ -399,7 +400,7 @@ def list( workspace_group_user_ids: List[str] = old_users + new_users workspace_group_dict = self.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo.to_dict(), params.domain_id + workspace_group_user_ids, workspace_group_vo, params.domain_id ) workspace_groups_info.append(workspace_group_dict) @@ -534,7 +535,7 @@ def add_users_to_workspace_group( def add_user_name_and_state_to_users( self, workspace_group_user_ids: List[str], - workspace_group_info: Dict[str, Any], + workspace_group_info: WorkspaceGroup, domain_id: str, ) -> Dict[str, str]: """Add user's name and state to users in workspace group. @@ -542,7 +543,7 @@ def add_user_name_and_state_to_users( we need to add user's name and state to users in the Application layer. Args: workspace_group_user_ids: 'List[str]' - workspace_group_info: 'Dict[str, str]' + workspace_group_info: 'WorkspaceGroup' domain_id: 'str' Returns: workspace_group_dict: @@ -558,18 +559,18 @@ def add_user_name_and_state_to_users( "state": user_vo.state, } - wg_users = workspace_group_info.get("users", []) or [] + wg_users = workspace_group_info.users or [] users = [] for user in wg_users: - user_id = user.get("user_id", "") - user["user_name"] = user_info_map.get(user_id, {}).get("name", "") - user["state"] = user_info_map.get(user_id, {}).get("state", "") + user_id = user.user_id or "" + user.user_name = user_info_map.get(user_id, {}).get("name", "") + user.state = user_info_map.get(user_id, {}).get("state", "") users.append(user) workspace_group_info["users"] = users - return workspace_group_info + return workspace_group_info.to_dict() def remove_users_from_workspace_group( self, diff --git a/src/spaceone/identity/service/workspace_group_user_service.py b/src/spaceone/identity/service/workspace_group_user_service.py index 6916e03b..3ac80d85 100644 --- a/src/spaceone/identity/service/workspace_group_user_service.py +++ b/src/spaceone/identity/service/workspace_group_user_service.py @@ -137,7 +137,7 @@ def add( workspace_group_user_dict = ( self.workspace_group_svc.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo.to_dict(), domain_id + workspace_group_user_ids, workspace_group_vo, domain_id ) ) @@ -349,7 +349,7 @@ def get( workspace_group_dict = ( self.workspace_group_svc.add_user_name_and_state_to_users( - workspace_group_user_ids, workspace_group_vo.to_dict(), domain_id + workspace_group_user_ids, workspace_group_vo, domain_id ) ) return WorkspaceGroupResponse(**workspace_group_dict) @@ -400,7 +400,7 @@ def list( workspace_group_dict = ( self.workspace_group_svc.add_user_name_and_state_to_users( workspace_group_user_ids, - workspace_group_vo.to_dict(), + workspace_group_vo, params.domain_id, ) ) From 38d90276557943457700c549e50ed9e473d8ba00 Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Mon, 30 Sep 2024 14:20:54 +0900 Subject: [PATCH 04/11] fix: add WorkspaceGroup object type Signed-off-by: Youngjin Jo --- .../identity/service/user_profile_service.py | 22 ++++++----- .../service/workspace_group_service.py | 38 ++++++++++++++----- 2 files changed, 40 insertions(+), 20 deletions(-) diff --git a/src/spaceone/identity/service/user_profile_service.py b/src/spaceone/identity/service/user_profile_service.py index ef50b628..4bab769c 100644 --- a/src/spaceone/identity/service/user_profile_service.py +++ b/src/spaceone/identity/service/user_profile_service.py @@ -16,21 +16,23 @@ from spaceone.identity.manager.mfa_manager.base import MFAManager from spaceone.identity.manager.role_binding_manager import RoleBindingManager from spaceone.identity.manager.role_manager import RoleManager -from spaceone.identity.manager.token_manager.local_token_manager import \ - LocalTokenManager +from spaceone.identity.manager.token_manager.local_token_manager import ( + LocalTokenManager, +) from spaceone.identity.manager.user_manager import UserManager -from spaceone.identity.manager.workspace_group_manager import \ - WorkspaceGroupManager +from spaceone.identity.manager.workspace_group_manager import WorkspaceGroupManager from spaceone.identity.manager.workspace_manager import WorkspaceManager from spaceone.identity.model.user.database import User from spaceone.identity.model.user.response import * from spaceone.identity.model.user_profile.request import * -from spaceone.identity.model.user_profile.request import \ - UserProfileGetWorkspaceGroupsRequest +from spaceone.identity.model.user_profile.request import ( + UserProfileGetWorkspaceGroupsRequest, +) from spaceone.identity.model.user_profile.response import ( - MyWorkspaceGroupsResponse, MyWorkspacesResponse) -from spaceone.identity.service.workspace_group_service import \ - WorkspaceGroupService + MyWorkspaceGroupsResponse, + MyWorkspacesResponse, +) +from spaceone.identity.service.workspace_group_service import WorkspaceGroupService _LOGGER = logging.getLogger(__name__) @@ -463,7 +465,7 @@ def get_workspace_groups( workspace_group_user_ids = [] for workspace_group_info in workspace_group_infos: - if users := workspace_group_info.users: + if users := workspace_group_info.get("users", []) or []: for user in users: if isinstance(user, dict): workspace_group_user_ids.append(user.get("user_id")) diff --git a/src/spaceone/identity/service/workspace_group_service.py b/src/spaceone/identity/service/workspace_group_service.py index e8e729df..a05a3423 100644 --- a/src/spaceone/identity/service/workspace_group_service.py +++ b/src/spaceone/identity/service/workspace_group_service.py @@ -535,7 +535,7 @@ def add_users_to_workspace_group( def add_user_name_and_state_to_users( self, workspace_group_user_ids: List[str], - workspace_group_info: WorkspaceGroup, + workspace_group_info: Union[WorkspaceGroup, Dict[str, str]], domain_id: str, ) -> Dict[str, str]: """Add user's name and state to users in workspace group. @@ -543,11 +543,16 @@ def add_user_name_and_state_to_users( we need to add user's name and state to users in the Application layer. Args: workspace_group_user_ids: 'List[str]' - workspace_group_info: 'WorkspaceGroup' + workspace_group_info: 'Union[WorkspaceGroup, Dict[str, str]]' domain_id: 'str' Returns: workspace_group_dict: """ + if isinstance(workspace_group_info, dict): + wg_users = workspace_group_info.get("users", []) + else: + wg_users = workspace_group_info.users or [] + user_vos = self.user_mgr.filter_users( user_id=workspace_group_user_ids, domain_id=domain_id ) @@ -559,18 +564,31 @@ def add_user_name_and_state_to_users( "state": user_vo.state, } - wg_users = workspace_group_info.users or [] users = [] - for user in wg_users: - user_id = user.user_id or "" - user.user_name = user_info_map.get(user_id, {}).get("name", "") - user.state = user_info_map.get(user_id, {}).get("state", "") - users.append(user) + if isinstance(user, dict): + user_id = user.get("user_id", "") + else: + user_id = getattr(user, "user_id", "") or "" - workspace_group_info["users"] = users + user_name = user_info_map.get(user_id, {}).get("name", "") + user_state = user_info_map.get(user_id, {}).get("state", "") - return workspace_group_info.to_dict() + if isinstance(user, dict): + user["user_name"] = user_name + user["state"] = user_state + else: + setattr(user, "user_name", user_name) + setattr(user, "state", user_state) + + users.append(user) + + if isinstance(workspace_group_info, dict): + workspace_group_info["users"] = users + return workspace_group_info + else: + workspace_group_info.users = users + return workspace_group_info.to_dict() def remove_users_from_workspace_group( self, From 0325356d9c4860c22d0849b6f3cb12d58fd2d79a Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Mon, 30 Sep 2024 14:27:35 +0900 Subject: [PATCH 05/11] fix: modify get_workspace_groups Signed-off-by: Youngjin Jo --- src/spaceone/identity/service/user_profile_service.py | 1 + 1 file changed, 1 insertion(+) diff --git a/src/spaceone/identity/service/user_profile_service.py b/src/spaceone/identity/service/user_profile_service.py index 4bab769c..c6aae0d5 100644 --- a/src/spaceone/identity/service/user_profile_service.py +++ b/src/spaceone/identity/service/user_profile_service.py @@ -465,6 +465,7 @@ def get_workspace_groups( workspace_group_user_ids = [] for workspace_group_info in workspace_group_infos: + workspace_group_info = workspace_group_info.to_dict() if users := workspace_group_info.get("users", []) or []: for user in users: if isinstance(user, dict): From e0e5c0992145e72d85b80f48f53b8a8517684210 Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Mon, 30 Sep 2024 14:35:36 +0900 Subject: [PATCH 06/11] fix: modify workspace_group_info type Signed-off-by: Youngjin Jo --- src/spaceone/identity/service/user_profile_service.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/spaceone/identity/service/user_profile_service.py b/src/spaceone/identity/service/user_profile_service.py index c6aae0d5..561ae832 100644 --- a/src/spaceone/identity/service/user_profile_service.py +++ b/src/spaceone/identity/service/user_profile_service.py @@ -465,7 +465,8 @@ def get_workspace_groups( workspace_group_user_ids = [] for workspace_group_info in workspace_group_infos: - workspace_group_info = workspace_group_info.to_dict() + if not isinstance(workspace_group_info, dict): + workspace_group_info = workspace_group_info.to_dict() if users := workspace_group_info.get("users", []) or []: for user in users: if isinstance(user, dict): From cfb5c62d86b549c250318835cebc63ce2f4f1be5 Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Mon, 30 Sep 2024 14:51:15 +0900 Subject: [PATCH 07/11] fix: modify code when workspace group users is None Signed-off-by: Youngjin Jo --- src/spaceone/identity/service/workspace_group_service.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/spaceone/identity/service/workspace_group_service.py b/src/spaceone/identity/service/workspace_group_service.py index a05a3423..b439e7d3 100644 --- a/src/spaceone/identity/service/workspace_group_service.py +++ b/src/spaceone/identity/service/workspace_group_service.py @@ -564,6 +564,8 @@ def add_user_name_and_state_to_users( "state": user_vo.state, } + if wg_users is None: + wg_users = [] users = [] for user in wg_users: if isinstance(user, dict): From d669a5c6b90daf6bcefc1a394747e572f5082d48 Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Mon, 30 Sep 2024 15:40:42 +0900 Subject: [PATCH 08/11] fix: modify code when user is not dict type Signed-off-by: Youngjin Jo --- .../service/workspace_group_service.py | 22 +++++++++---------- 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/src/spaceone/identity/service/workspace_group_service.py b/src/spaceone/identity/service/workspace_group_service.py index b439e7d3..064f2f61 100644 --- a/src/spaceone/identity/service/workspace_group_service.py +++ b/src/spaceone/identity/service/workspace_group_service.py @@ -563,27 +563,25 @@ def add_user_name_and_state_to_users( "name": user_vo.name, "state": user_vo.state, } - if wg_users is None: wg_users = [] users = [] for user in wg_users: if isinstance(user, dict): user_id = user.get("user_id", "") - else: - user_id = getattr(user, "user_id", "") or "" - - user_name = user_info_map.get(user_id, {}).get("name", "") - user_state = user_info_map.get(user_id, {}).get("state", "") - - if isinstance(user, dict): + user_name = user_info_map.get(user_id, {}).get("name", "") + user_state = user_info_map.get(user_id, {}).get("state", "") user["user_name"] = user_name user["state"] = user_state + users.append(user) else: - setattr(user, "user_name", user_name) - setattr(user, "state", user_state) - - users.append(user) + user_id = getattr(user, "user_id", "") or "" + user_name = user_info_map.get(user_id, {}).get("name", "") + user_state = user_info_map.get(user_id, {}).get("state", "") + user_dict = user.to_mongo().to_dict() + user_dict["user_name"] = user_name + user_dict["state"] = user_state + users.append(user_dict) if isinstance(workspace_group_info, dict): workspace_group_info["users"] = users From 48481a106e212d57e83cb104bc6b8e2472f12bca Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Mon, 30 Sep 2024 16:32:10 +0900 Subject: [PATCH 09/11] fix: modify code when update role type of USER Signed-off-by: Youngjin Jo --- src/spaceone/identity/service/workspace_group_user_service.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/spaceone/identity/service/workspace_group_user_service.py b/src/spaceone/identity/service/workspace_group_user_service.py index 3ac80d85..e868d550 100644 --- a/src/spaceone/identity/service/workspace_group_user_service.py +++ b/src/spaceone/identity/service/workspace_group_user_service.py @@ -245,7 +245,7 @@ def update_role( self.workspace_group_svc.check_role_type(role_type) self.workspace_group_svc.update_user_role_of_workspace_group( - role_id, role_type, user_id, workspace_group_id, domain_id + role_id, role_type, target_user_id, workspace_group_id, domain_id ) update_workspace_group_params = {"users": workspace_group_vo.users or []} From 063e0f344f0814e61a0adfd7d30c885dd6ce5ebd Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Mon, 30 Sep 2024 16:57:00 +0900 Subject: [PATCH 10/11] fix: delete workspace role binding when workspace group is added Signed-off-by: Youngjin Jo --- src/spaceone/identity/service/workspace_service.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/spaceone/identity/service/workspace_service.py b/src/spaceone/identity/service/workspace_service.py index e0327c97..62d02a21 100644 --- a/src/spaceone/identity/service/workspace_service.py +++ b/src/spaceone/identity/service/workspace_service.py @@ -417,7 +417,7 @@ def _add_workspace_to_group( if old_workspace_group_id: if old_workspace_group_id != workspace_group_id: self._delete_role_bindings( - workspace_id, old_workspace_group_id, domain_id + workspace_id, domain_id, old_workspace_group_id ) self._create_role_bindings( @@ -459,6 +459,7 @@ def _add_workspace_to_group( else: is_updatable = False else: + self._delete_role_bindings(workspace_id, domain_id) self._create_role_bindings( workspace_group_vo.users, workspace_id, @@ -478,7 +479,7 @@ def _remove_workspace_from_group_with_workspace_vo( self, workspace_vo: Workspace, old_workspace_group_id: str, domain_id: str ) -> None: workspace_id = workspace_vo.workspace_id - self._delete_role_bindings(workspace_id, old_workspace_group_id, domain_id) + self._delete_role_bindings(workspace_id, domain_id, old_workspace_group_id) workspace_vo.changed_at = datetime.utcnow() workspace_vo.workspace_group_id = None @@ -504,12 +505,12 @@ def _remove_workspace_from_group_with_workspace_vo( ) def _delete_role_bindings( - self, workspace_id: str, existing_workspace_group_id: str, domain_id: str + self, workspace_id: str, domain_id: str, existing_workspace_group_id: str = None ): rb_vos = self.rb_mgr.filter_role_bindings( workspace_id=workspace_id, - workspace_group_id=existing_workspace_group_id, domain_id=domain_id, + workspace_group_id=existing_workspace_group_id, ) for rb_vo in rb_vos: self.rb_mgr.delete_role_binding_by_vo(rb_vo) From d00d692519e08c67f64f1f49f4b8aa8c54daabb6 Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Mon, 30 Sep 2024 17:46:07 +0900 Subject: [PATCH 11/11] fix: modify code such that deleted original users when add workspace to workspace group Signed-off-by: Youngjin Jo --- src/spaceone/identity/service/workspace_service.py | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/src/spaceone/identity/service/workspace_service.py b/src/spaceone/identity/service/workspace_service.py index 62d02a21..a65c23cc 100644 --- a/src/spaceone/identity/service/workspace_service.py +++ b/src/spaceone/identity/service/workspace_service.py @@ -459,7 +459,10 @@ def _add_workspace_to_group( else: is_updatable = False else: - self._delete_role_bindings(workspace_id, domain_id) + workspace_group_dict = workspace_group_vo.to_dict() + users = workspace_group_dict.get("users", []) + user_ids = [user.get("user_id") for user in users] + self._delete_role_bindings(workspace_id, domain_id, user_ids=user_ids) self._create_role_bindings( workspace_group_vo.users, workspace_id, @@ -505,12 +508,17 @@ def _remove_workspace_from_group_with_workspace_vo( ) def _delete_role_bindings( - self, workspace_id: str, domain_id: str, existing_workspace_group_id: str = None + self, + workspace_id: str, + domain_id: str, + existing_workspace_group_id: str = None, + user_ids: List[str] = None, ): rb_vos = self.rb_mgr.filter_role_bindings( workspace_id=workspace_id, domain_id=domain_id, workspace_group_id=existing_workspace_group_id, + user_id=user_ids, ) for rb_vo in rb_vos: self.rb_mgr.delete_role_binding_by_vo(rb_vo)