SMQ 2667 - Add: List all the users who can access the entity

api/http/common.go

@@ -20,73 +20,70 @@ import (
 )
 
 const (
-	MemberKindKey    = "member_kind"
-	PermissionKey    = "permission"
-	RelationKey      = "relation"
-	StatusKey        = "status"
-	OffsetKey        = "offset"
-	OrderKey         = "order"
-	LimitKey         = "limit"
-	MetadataKey      = "metadata"
-	ParentKey        = "parent_id"
-	OwnerKey         = "owner_id"
-	ClientKey        = "client"
-	UsernameKey      = "username"
-	NameKey          = "name"
-	GroupKey         = "group"
-	ActionKey        = "action"
-	ActionsKey       = "actions"
-	RoleIDKey        = "role_id"
-	RoleNameKey      = "role_name"
-	AccessTypeKey    = "access_type"
-	TagKey           = "tag"
-	FirstNameKey     = "first_name"
-	LastNameKey      = "last_name"
-	TotalKey         = "total"
-	SubjectKey       = "subject"
-	ObjectKey        = "object"
-	LevelKey         = "level"
-	StartLevelKey    = "start_level"
-	EndLevelKey      = "end_level"
-	TreeKey          = "tree"
-	DirKey           = "dir"
-	ListPerms        = "list_perms"
-	VisibilityKey    = "visibility"
-	EmailKey         = "email"
-	SharedByKey      = "shared_by"
-	TokenKey         = "token"
-	UserKey          = "user"
-	DomainKey        = "domain"
-	ChannelKey       = "channel"
-	ConnTypeKey      = "connection_type"
-	DefPermission    = "read_permission"
-	DefTotal         = uint64(100)
-	DefOffset        = 0
-	DefOrder         = "updated_at"
-	DefDir           = "asc"
-	DefLimit         = 10
-	DefLevel         = 0
-	DefStartLevel    = 1
-	DefEndLevel      = 0
-	DefStatus        = "enabled"
-	DefClientStatus  = clients.Enabled
-	DefUserStatus    = users.Enabled
-	DefGroupStatus   = groups.Enabled
-	DefListPerms     = false
-	SharedVisibility = "shared"
-	MyVisibility     = "mine"
-	AllVisibility    = "all"
+	OffsetKey = "offset"
+	DirKey    = "dir"
+	OrderKey  = "order"
+	LimitKey  = "limit"
+
+	NameOrder = "name"
+	IDOrder   = "id"
+	AscDir    = "asc"
+	DescDir   = "desc"
+
+	MetadataKey = "metadata"
+	NameKey     = "name"
+	TagKey      = "tag"
+	StatusKey   = "status"
+
+	ClientKey   = "client"
+	ChannelKey  = "channel"
+	ConnTypeKey = "connection_type"
+	GroupKey    = "group"
+	DomainKey   = "domain"
+
+	StartLevelKey = "start_level"
+	EndLevelKey   = "end_level"
+	TreeKey       = "tree"
+	ParentKey     = "parent_id"
+	LevelKey      = "level"
+
+	TokenKey   = "token"
+	SubjectKey = "subject"
+	ObjectKey  = "object"
+
+	ActionKey           = "action"
+	ActionsKey          = "actions"
+	RoleIDKey           = "role_id"
+	RoleNameKey         = "role_name"
+	AccessProviderIDKey = "access_provider_id"
+	AccessTypeKey       = "access_type"
+
+	UsernameKey  = "username"
+	UserKey      = "user"
+	EmailKey     = "email"
+	FirstNameKey = "first_name"
+	LastNameKey  = "last_name"
+
+	DefTotal        = uint64(100)
+	DefOffset       = 0
+	DefOrder        = "updated_at"
+	DefDir          = "asc"
+	DefLimit        = 10
+	DefLevel        = 0
+	DefStartLevel   = 1
+	DefEndLevel     = 0
+	DefStatus       = "enabled"
+	DefClientStatus = clients.Enabled
+	DefUserStatus   = users.Enabled
+	DefGroupStatus  = groups.Enabled
+
 	// ContentType represents JSON content type.
 	ContentType = "application/json"
 
 	// MaxNameSize limits name size to prevent making them too complex.
 	MaxLimitSize = 100
 	MaxNameSize  = 1024
 	MaxIDSize    = 36
-	NameOrder    = "name"
-	IDOrder      = "id"
-	AscDir       = "asc"
-	DescDir      = "desc"
 )
 
 // ValidateUUID validates UUID format.

api/http/util/errors.go

@@ -141,6 +141,9 @@ var (
 	// ErrInvalidComparator indicates an invalid comparator.
 	ErrInvalidComparator = errors.New("invalid comparator")
 
+	// ErrMissingMemberIDs indicates missing member ids.
+	ErrMissingMemberIDs = errors.New("missing member ids")
+
 	// ErrMissingMemberType indicates missing group member type.
 	ErrMissingMemberType = errors.New("missing group member type")
 

apidocs/openapi/clients.yml

@@ -520,6 +520,36 @@ paths:
         "500":
           $ref: "#/components/responses/ServiceError"
 
+  /{domainID}/clients/{clientID}/roles/members:
+    get:
+      operationId: getClientMembers
+      tags:
+        - Roles
+      summary: Retrieves client members from all roles.
+      description: |
+        Retrieves members from role for the specific client.
+      parameters:
+        - $ref: "auth.yml#/components/parameters/DomainID"
+        - $ref: "#/components/parameters/clientID"
+      security:
+        - bearerAuth: []
+      responses:
+        "200":
+          $ref: "./schemas/roles.yml#/components/responses/ListEntityMembersRes"
+        "400":
+          description: Failed due to malformed query parameters.
+        "401":
+          description: |
+            Missing or invalid access token provided.
+        "403":
+          description: Failed to perform authorization over the entity.
+        "404":
+          description: A non-existent entity request.
+        "422":
+          description: Database can't process request.
+        "500":
+          $ref: "#/components/responses/ServiceError"
+
   /{domainID}/clients/{clientID}/roles/{roleID}:
     get:
       operationId: getClientRole

apidocs/openapi/domains.yml

@@ -379,6 +379,35 @@ paths:
         "500":
           $ref: "#/components/responses/ServiceError"
 
+  /domain/{domainID}/roles/members:
+    get:
+      operationId: getDomainMembers
+      tags:
+        - Roles
+      summary: Retrieves domain members from all roles.
+      description: |
+        Retrieves members from role for the specific domain.
+      parameters:
+        - $ref: "auth.yml#/components/parameters/DomainID"
+      security:
+        - bearerAuth: []
+      responses:
+        "200":
+          $ref: "./schemas/roles.yml#/components/responses/ListEntityMembersRes"
+        "400":
+          description: Failed due to malformed query parameters.
+        "401":
+          description: |
+            Missing or invalid access token provided.
+        "403":
+          description: Failed to perform authorization over the entity.
+        "404":
+          description: A non-existent entity request.
+        "422":
+          description: Database can't process request.
+        "500":
+          $ref: "#/components/responses/ServiceError"
+
   /domains/{domainID}/roles/{roleID}/actions:
     post:
       operationId: addDomainRoleAction

apidocs/openapi/groups.yml

@@ -564,6 +564,36 @@ paths:
         "500":
           $ref: "#/components/responses/ServiceError"
 
+  /{domainID}/groups/{groupID}/roles/members:
+    get:
+      operationId: getGroupMembers
+      tags:
+        - Roles
+      summary: Retrieves group members from all roles.
+      description: |
+        Retrieves members from role for the specific group.
+      parameters:
+        - $ref: "auth.yml#/components/parameters/DomainID"
+        - $ref: "#/components/parameters/GroupID"
+      security:
+        - bearerAuth: []
+      responses:
+        "200":
+          $ref: "./schemas/roles.yml#/components/responses/ListEntityMembersRes"
+        "400":
+          description: Failed due to malformed query parameters.
+        "401":
+          description: |
+            Missing or invalid access token provided.
+        "403":
+          description: Failed to perform authorization over the entity.
+        "404":
+          description: A non-existent entity request.
+        "422":
+          description: Database can't process request.
+        "500":
+          $ref: "#/components/responses/ServiceError"
+
   /{domainID}/groups/{groupID}/roles/{roleID}:
     get:
       operationId: getGroupRole

apidocs/openapi/schemas/roles.yml

@@ -135,6 +135,31 @@ components:
           example: 10
           description: Maximum number of items to return in one page.
 
+    EntityMembersPage:
+      type: object
+      properties:
+        groups:
+          type: array
+          minItems: 0
+          uniqueItems: true
+          items:
+            $ref: "#/components/schemas/EntityMembersObj"
+        total:
+          type: integer
+          example: 1
+          description: Total number of items.
+        offset:
+          type: integer
+          description: Number of items to skip during retrieval.
+        limit:
+          type: integer
+          example: 10
+          description: Maximum number of items to return in one page.
+      required:
+        - groups
+        - total
+        - offset
+
     RoleActionsObj:
       type: object
       properties:
@@ -163,6 +188,57 @@ components:
               "c01ed106-e52d-4aa4-bed3-39f360177cfa",
             ]
 
+    EntityMembersObj:
+      type: object
+      properties:
+        members:
+          type: array
+          description: List of members with assigned roles and actions.
+          items:
+            type: object
+            properties:
+              id:
+                type: string
+                format: uuid
+                description: Unique identifier of the member.
+              roles:
+                type: array
+                description: List of roles assigned to the member.
+                items:
+                  type: object
+                  properties:
+                    id:
+                      type: string
+                      format: uuid
+                      description: Unique identifier of the role.
+                    name:
+                      type: string
+                      description: Name of the role.
+                    actions:
+                      type: array
+                      description: List of actions the member can perform.
+                      items:
+                        type: string
+                    access_type:
+                      type: string
+                      description: Type of access granted.
+                      enum: [read, write, admin] # Adjust based on your actual access types.
+          example:
+            members:
+              - id: "5dc1ce4b-7cc9-4f12-98a6-9d74cc4980bb"
+                roles:
+                  - id: "a1b2c3d4-e5f6-7890-1234-56789abcdef0"
+                    name: "Admin"
+                    actions: ["create", "update", "delete"]
+                    access_type: "admin"
+              - id: "c01ed106-e52d-4aa4-bed3-39f360177cfa"
+                roles:
+                  - id: "b2c3d4e5-f678-9012-3456-789abcdef012"
+                    name: "Editor"
+                    actions: ["read", "update"]
+                    access_type: "write"
+
+
     AvailableActionsObj:
       type: object
       properties:
@@ -284,3 +360,11 @@ components:
         application/json:
           schema:
             $ref: '#/components/schemas/AvailableActionsObj'
+
+
+    ListEntityMembersRes:
+      description: Entity members retrieved successfully.
+      content:
+        application/json:
+          schema:
+            $ref: '#/components/schemas/EntityMembersObj'