[FEAT]: API ENDPOINT TO ASSIGN USER'S ROLE IN AN ORGANISATION

olamstevy commented 1 month ago

Description

Develop an API endpoint that allows only superadmins or admins including organisation owner to assign roles to other active users in an organisation. Users can only have a role such as admin, guest, or member.

Purpose

The endpoint provides superadmins, including organistion owners with the right to assign roles to users in an organisation.

Acceptance Criteria

[ ] The endpoint should be accesible at /api/v1/organisations/{org_id}/users/{user_id}/roles.
[ ] The endpoint should accept HTTP POST request for assigning a role.
[ ] Only superadmins, admins and owners are authorized to assign a role to a users in an organisation.
[ ] The endpoint should ensure that a role is provided in the request.
[ ] The role, user_id and org_id fields must be validated.
[ ] A 201 OK status code must be returned when the request is sucessful.
[ ] Handle cases where the provided data is not valid.
[ ] Handle all failed request with the appropriate error messages and status code.

Requirements

Superadmins, admins and owners must be authenticated and authorized to assign roles.
The organisation ID and user ID and a valid role must be provided.

Database Schema

Table UserOrganisationRoles {
    "id": String,
    "user_id": String,
    "organisation_id": String,
    "role": String,
    "created_at": Timestamp,
    "updated_at": Timestamp,
}

Endpoints

Requests

Assign a role to a user in an organisation Method: POST Endpoint URL: /api/v1/organisations/{org_id}/users/{user_id}/roles Authorization Header: "Authorization": "Bearer abc123ABC123abd...." Request Body:

{
    "role": String
}

Response

Successful Response when a user has been assigned a role.

{
    "message": "[firstName] [lastName] has successfully been added to the [role] role",
    "status_code": 201,
    "data": {
        "user": {},
        "org": {}
        "role": "[role]"
    }
}

Failed Validation Response

{
    "message": "Invalid data",
    "status_code": 422,
    "data": [
        {
            "field": String,
            "validationMessage": String
        },
    ]
}

Failed Authorization Response

{
    "message": "You are not authorized to manage user roles",
    "status_code": 401,
}

Testing

[ ] Write unit test to cover various scenarios.
[ ] Write integration test to cover various scenarios.

Documentation

The endpoint should be documented containing use cases with accurate response and error messages

Expected Outcome

Admins in an organisation can securely assign roles to members and guests.

markessien commented 1 month ago

the endpoint is wrong, as you have two different functionalities, one to manage roles and another to assign roles to users. this is ambigious

highb33kay commented 1 month ago

@olamstevy This is still two endpoints in one Ticket. Please break into two and go into more detail.

See #235

also add the Schema so we see what you are working with before second approval

highb33kay commented 1 month ago

Please share second ticket with someone else or create it and share with me

hngprojects / hng_boilerplate_nestjs