v2 API: add endpoint to activate and deactivate users #1007
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
✅ All tests successful. No failed tests found. Additional details and impacted files@@ Coverage Diff @@
## main #1007 +/- ##
=======================================
Coverage 96.00% 96.00%
=======================================
Files 828 828
Lines 19353 19373 +20
=======================================
+ Hits 18579 18599 +20
Misses 774 774
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
Codecov ReportAll modified and coverable lines are covered by tests ✅ ✅ All tests successful. No failed tests found. 📢 Thoughts on this report? Let us know! |
|
✅ All tests successful. No failed tests were found. 📣 Thoughts on this report? Let Codecov know! | Powered by Codecov |
api/public/v2/owner/views.py
Outdated
| Updates a user for the specified owner_username or ownerid | ||
|
|
||
| Allowed fields | ||
| - activated: boolean value to activate or deactivate the use |
There was a problem hiding this comment.
nit: typo "deactivate the user"
api/public/v2/owner/views.py
Outdated
|
|
||
| if serializer.validated_data["activated"]: | ||
| if self.owner.can_activate_user(instance): | ||
| print("can activate") |
api/public/v2/owner/views.py
Outdated
| self.owner.activate_user(instance) | ||
| else: | ||
| raise PermissionDenied( | ||
| f"Cannot activate user {self.owner.username} -- not enough seats left." |
There was a problem hiding this comment.
I see this is lifted from the existing internal PATCH endpoint but seems like 403 Permission Denied is a weird status code if the reason is "not enough seats". What do you think of like 409 conflict or 400 invalid request?
Also pet peeve that the can_activate_user function should be named like has_enough_seats if we intend to tie error messages to be tied to that specific condition (or emit the various reasons for the error from can_activate_user). But probably not much gain for a lot of work so can just leave as is.
Introduce endpoint
PATCH /api/v2/{service}/{owner_username}/users/{user_username_or_ownerid}/to activate or deactivate the specified user via request body:
{activated: boolean}closes: codecov/feedback#559
Legal Boilerplate
Look, I get it. The entity doing business as "Sentry" was incorporated in the State of Delaware in 2015 as Functional Software, Inc. In 2022 this entity acquired Codecov and as result Sentry is going to need some rights from me in order to utilize my contributions in this PR. So here's the deal: I retain all rights, title and interest in and to my contributions, and by keeping this boilerplate intact I confirm that Sentry can use, modify, copy, and redistribute my contributions, under Sentry's choice of terms.