162 lines
5.9 KiB
Python
162 lines
5.9 KiB
Python
"""
|
|
Tenant Member Management API - ATOMIC operations
|
|
Handles team member CRUD operations
|
|
"""
|
|
|
|
import structlog
|
|
from fastapi import APIRouter, Depends, HTTPException, status, Path, Query
|
|
from typing import List, Dict, Any
|
|
from uuid import UUID
|
|
|
|
from app.schemas.tenants import TenantMemberResponse
|
|
from app.services.tenant_service import EnhancedTenantService
|
|
from shared.auth.decorators import get_current_user_dep
|
|
from shared.routing.route_builder import RouteBuilder
|
|
from shared.database.base import create_database_manager
|
|
from shared.monitoring.metrics import track_endpoint_metrics
|
|
|
|
logger = structlog.get_logger()
|
|
router = APIRouter()
|
|
route_builder = RouteBuilder("tenants")
|
|
|
|
# Dependency injection for enhanced tenant service
|
|
def get_enhanced_tenant_service():
|
|
try:
|
|
from app.core.config import settings
|
|
database_manager = create_database_manager(settings.DATABASE_URL, "tenant-service")
|
|
return EnhancedTenantService(database_manager)
|
|
except Exception as e:
|
|
logger.error("Failed to create enhanced tenant service", error=str(e))
|
|
raise HTTPException(status_code=500, detail="Service initialization failed")
|
|
|
|
@router.post(route_builder.build_base_route("{tenant_id}/members", include_tenant_prefix=False), response_model=TenantMemberResponse)
|
|
@track_endpoint_metrics("tenant_add_member")
|
|
async def add_team_member(
|
|
user_id: str,
|
|
role: str,
|
|
tenant_id: UUID = Path(..., description="Tenant ID"),
|
|
current_user: Dict[str, Any] = Depends(get_current_user_dep),
|
|
tenant_service: EnhancedTenantService = Depends(get_enhanced_tenant_service)
|
|
):
|
|
"""Add a team member to tenant with enhanced validation and role management"""
|
|
|
|
try:
|
|
result = await tenant_service.add_team_member(
|
|
str(tenant_id),
|
|
user_id,
|
|
role,
|
|
current_user["user_id"]
|
|
)
|
|
return result
|
|
|
|
except HTTPException:
|
|
raise
|
|
except Exception as e:
|
|
logger.error("Add team member failed",
|
|
tenant_id=str(tenant_id),
|
|
user_id=user_id,
|
|
role=role,
|
|
error=str(e))
|
|
raise HTTPException(
|
|
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
|
|
detail="Failed to add team member"
|
|
)
|
|
|
|
@router.get(route_builder.build_base_route("{tenant_id}/members", include_tenant_prefix=False), response_model=List[TenantMemberResponse])
|
|
async def get_team_members(
|
|
tenant_id: UUID = Path(..., description="Tenant ID"),
|
|
active_only: bool = Query(True, description="Only return active members"),
|
|
current_user: Dict[str, Any] = Depends(get_current_user_dep),
|
|
tenant_service: EnhancedTenantService = Depends(get_enhanced_tenant_service)
|
|
):
|
|
"""Get all team members for a tenant with enhanced filtering"""
|
|
|
|
try:
|
|
members = await tenant_service.get_team_members(
|
|
str(tenant_id),
|
|
current_user["user_id"],
|
|
active_only=active_only
|
|
)
|
|
return members
|
|
|
|
except HTTPException:
|
|
raise
|
|
except Exception as e:
|
|
logger.error("Get team members failed",
|
|
tenant_id=str(tenant_id),
|
|
error=str(e))
|
|
raise HTTPException(
|
|
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
|
|
detail="Failed to get team members"
|
|
)
|
|
|
|
@router.put(route_builder.build_base_route("{tenant_id}/members/{member_user_id}/role", include_tenant_prefix=False), response_model=TenantMemberResponse)
|
|
@track_endpoint_metrics("tenant_update_member_role")
|
|
async def update_member_role(
|
|
new_role: str,
|
|
tenant_id: UUID = Path(..., description="Tenant ID"),
|
|
member_user_id: str = Path(..., description="Member user ID"),
|
|
current_user: Dict[str, Any] = Depends(get_current_user_dep),
|
|
tenant_service: EnhancedTenantService = Depends(get_enhanced_tenant_service)
|
|
):
|
|
"""Update team member role with enhanced permission validation"""
|
|
|
|
try:
|
|
result = await tenant_service.update_member_role(
|
|
str(tenant_id),
|
|
member_user_id,
|
|
new_role,
|
|
current_user["user_id"]
|
|
)
|
|
return result
|
|
|
|
except HTTPException:
|
|
raise
|
|
except Exception as e:
|
|
logger.error("Update member role failed",
|
|
tenant_id=str(tenant_id),
|
|
member_user_id=member_user_id,
|
|
new_role=new_role,
|
|
error=str(e))
|
|
raise HTTPException(
|
|
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
|
|
detail="Failed to update member role"
|
|
)
|
|
|
|
@router.delete(route_builder.build_base_route("{tenant_id}/members/{member_user_id}", include_tenant_prefix=False))
|
|
@track_endpoint_metrics("tenant_remove_member")
|
|
async def remove_team_member(
|
|
tenant_id: UUID = Path(..., description="Tenant ID"),
|
|
member_user_id: str = Path(..., description="Member user ID"),
|
|
current_user: Dict[str, Any] = Depends(get_current_user_dep),
|
|
tenant_service: EnhancedTenantService = Depends(get_enhanced_tenant_service)
|
|
):
|
|
"""Remove team member from tenant with enhanced validation"""
|
|
|
|
try:
|
|
success = await tenant_service.remove_team_member(
|
|
str(tenant_id),
|
|
member_user_id,
|
|
current_user["user_id"]
|
|
)
|
|
|
|
if success:
|
|
return {"success": True, "message": "Team member removed successfully"}
|
|
else:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
|
|
detail="Failed to remove team member"
|
|
)
|
|
|
|
except HTTPException:
|
|
raise
|
|
except Exception as e:
|
|
logger.error("Remove team member failed",
|
|
tenant_id=str(tenant_id),
|
|
member_user_id=member_user_id,
|
|
error=str(e))
|
|
raise HTTPException(
|
|
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
|
|
detail="Failed to remove team member"
|
|
)
|