Add access permission management API

Backend: - Add AccessPermission schemas (Create, Update, Response) - Add ProjectWithAccessResponse schema - Add permission endpoints: - GET /project/{name}/permissions - list permissions (admin only) - POST /project/{name}/permissions - grant access (admin only) - PUT /project/{name}/permissions/{username} - update access - DELETE /project/{name}/permissions/{username} - revoke access - GET /project/{name}/my-access - get current user's access level Frontend: - Add AccessLevel, AccessPermission types - Add API functions for access management: - getMyProjectAccess() - listProjectPermissions() - grantProjectAccess() - updateProjectAccess() - revokeProjectAccess()
2026-01-08 18:26:22 -06:00
parent 6aa199b80b
commit 0bef44a292
4 changed files with 300 additions and 0 deletions
--- a/backend/app/schemas.py
+++ b/backend/app/schemas.py
@@ -776,3 +776,49 @@ class APIKeyCreateResponse(BaseModel):
    created_at: datetime
    expires_at: Optional[datetime]

+
+# Access Permission schemas
+class AccessPermissionCreate(BaseModel):
+    """Grant access to a user for a project"""
+    username: str
+    level: str  # 'read', 'write', or 'admin'
+    expires_at: Optional[datetime] = None
+
+    @field_validator('level')
+    @classmethod
+    def validate_level(cls, v):
+        if v not in ('read', 'write', 'admin'):
+            raise ValueError("level must be 'read', 'write', or 'admin'")
+        return v
+
+
+class AccessPermissionUpdate(BaseModel):
+    """Update access permission"""
+    level: Optional[str] = None
+    expires_at: Optional[datetime] = None
+
+    @field_validator('level')
+    @classmethod
+    def validate_level(cls, v):
+        if v is not None and v not in ('read', 'write', 'admin'):
+            raise ValueError("level must be 'read', 'write', or 'admin'")
+        return v
+
+
+class AccessPermissionResponse(BaseModel):
+    """Access permission response"""
+    id: UUID
+    project_id: UUID
+    user_id: str
+    level: str
+    created_at: datetime
+    expires_at: Optional[datetime]
+
+    class Config:
+        from_attributes = True
+
+
+class ProjectWithAccessResponse(ProjectResponse):
+    """Project response with user's access level"""
+    user_access_level: Optional[str] = None
+