✨ Add owner id to team (#135)

* Add owner to team

* Check if user owns any team

* Move to is_personal_team on team

* Remove unneeded delete

* Remove redundant args

* Update things after merge

* Fix delete

* Use hybrid property

* Update backend/app/models.py

Co-authored-by: Sebastián Ramírez <[email protected]>

* Lint

---------

Co-authored-by: Sebastián Ramírez <[email protected]>

Author: patrick91

backend/app/alembic/versions/a63c538f8962_add_created_at_to_team.py

@@ -0,0 +1,37 @@
+"""Add created_at to team
+
+Revision ID: a63c538f8962
+Revises: 89c9a00d523e
+Create Date: 2024-07-23 11:08:12.380446
+
+"""
+from alembic import op
+import sqlalchemy as sa
+import sqlmodel.sql.sqltypes
+
+
+# revision identifiers, used by Alembic.
+revision = 'a63c538f8962'
+down_revision = '89c9a00d523e'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.add_column('team', sa.Column('owner_id', sa.Uuid(), nullable=False))
+    op.add_column('team', sa.Column('is_personal_team', sa.Boolean(), nullable=False))
+    op.create_foreign_key(None, 'team', 'user', ['owner_id'], ['id'], ondelete='CASCADE')
+    op.drop_constraint('user_personal_team_id_fkey', 'user', type_='foreignkey')
+    op.drop_column('user', 'personal_team_id')
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.add_column('user', sa.Column('personal_team_id', sa.UUID(), autoincrement=False, nullable=True))
+    op.create_foreign_key('user_personal_team_id_fkey', 'user', 'team', ['personal_team_id'], ['id'])
+    op.drop_constraint(None, 'team', type_='foreignkey')
+    op.drop_column('team', 'is_personal_team')
+    op.drop_column('team', 'owner_id')
+    # ### end Alembic commands ###

backend/app/api/routes/teams.py

@@ -78,7 +78,9 @@ def create_team(
     """
     team_slug = verify_and_generate_slug_name(team_in.name, session)
 
-    team = Team.model_validate(team_in, update={"slug": team_slug})
+    team = Team.model_validate(
+        team_in, update={"slug": team_slug, "owner_id": current_user.id}
+    )
     user_team = UserTeamLink(user=current_user, team=team, role=Role.admin)
     session.add(user_team)
     session.commit()
@@ -145,7 +147,9 @@ def delete_team(
 
     team = link.team
 
-    if team.id == current_user.personal_team_id:
+    assert current_user.personal_team
+
+    if team.id == current_user.personal_team.id:
         raise HTTPException(
             status_code=400, detail="You cannot delete your personal team"
         )

backend/app/api/routes/users.py

@@ -127,6 +127,13 @@ def delete_user_me(session: SessionDep, current_user: CurrentUser) -> Any:
     """
     Delete own user.
     """
+    if len(current_user.owned_teams) > 1:
+        raise HTTPException(
+            status_code=400,
+            detail="You cannot delete your account while you have more than one team",
+        )
+
+    session.delete(current_user.personal_team)
     session.delete(current_user)
     session.commit()
     email_data = generate_account_deletion_email(email_to=current_user.email)
@@ -199,11 +206,10 @@ def verify_email_token(session: SessionDep, payload: EmailVerificationToken) ->
         raise HTTPException(status_code=400, detail="Email already verified")
 
     team_slug = verify_and_generate_slug_name(session=session, name=user.username)
-    team = Team(name=user.full_name, slug=team_slug)
+    team = Team(name=user.full_name, slug=team_slug, owner=user, is_personal_team=True)
     user_team_link = UserTeamLink(team=team, user=user, role=Role.admin)
 
     user.is_verified = True
-    user.personal_team = team
 
     session.add(user)
     session.add(user_team_link)

backend/app/core/db.py

@@ -32,8 +32,9 @@ def init_db(session: Session) -> None:
             full_name=settings.FIRST_SUPERUSER_FULL_NAME,
         )
         user = crud.create_user(session=session, user_create=user_in, is_verified=True)
-        team = Team(name=user.full_name, slug=user.username)
+        team = Team(
+            name=user.full_name, slug=user.username, owner=user, is_personal_team=True
+        )
         user_team_link = UserTeamLink(user=user, team=team, role=Role.admin)
-        user.personal_team = team
         session.add(user_team_link)
         session.commit()

backend/app/models.py

@@ -1,9 +1,9 @@
 import uuid
 from datetime import datetime
 from enum import Enum
-from typing import Optional
 
-from pydantic import EmailStr
+from pydantic import EmailStr, computed_field
+from sqlalchemy.ext.hybrid import hybrid_property
 from sqlmodel import Field, Relationship, SQLModel
 
 from app.utils import get_datetime_utc
@@ -73,17 +73,19 @@ class User(UserBase, table=True):
     username: str = Field(unique=True, index=True, max_length=255)
     is_verified: bool = False
 
-    personal_team_id: uuid.UUID | None = Field(
-        foreign_key="team.id", nullable=True, default=None
-    )
-    personal_team: Optional["Team"] = Relationship()
+    owned_teams: list["Team"] = Relationship(back_populates="owner")
 
     team_links: list[UserTeamLink] = Relationship(back_populates="user")
     invitations_sent: list["Invitation"] = Relationship(
         back_populates="sender",
         sa_relationship_kwargs={"foreign_keys": "[Invitation.invited_by_id]"},
     )
 
+    @computed_field
+    @hybrid_property
+    def personal_team(self) -> "Team | None":
+        return next((team for team in self.owned_teams if team.is_personal_team), None)
+
 
 # Used for the current user
 class UserMePublic(UserBase):
@@ -144,6 +146,10 @@ class Team(TeamBase, table=True):
     id: uuid.UUID = Field(default_factory=uuid.uuid4, primary_key=True)
     slug: str = Field(unique=True, index=True, max_length=255)
 
+    owner_id: uuid.UUID = Field(foreign_key="user.id", ondelete="CASCADE")
+    owner: User = Relationship(back_populates="owned_teams")
+    is_personal_team: bool = False
+
     user_links: list[UserTeamLink] = Relationship(back_populates="team")
     invitations: list["Invitation"] = Relationship(back_populates="team")
 

backend/app/tests/api/routes/test_teams.py

@@ -8,7 +8,11 @@
 from app.crud import add_user_to_team
 from app.models import Role, Team, UserTeamLink
 from app.tests.utils.team import create_random_team
-from app.tests.utils.user import create_user, user_authentication_headers
+from app.tests.utils.user import (
+    create_random_user,
+    create_user,
+    user_authentication_headers,
+)
 
 
 def test_read_teams(client: TestClient, db: Session) -> None:
@@ -164,13 +168,20 @@ def test_create_team(client: TestClient, db: Session) -> None:
 
 
 def test_create_team_name_exists_new_created(client: TestClient, db: Session) -> None:
+    user = create_random_user(db)
+
     user_auth_headers = user_authentication_headers(
         client=client,
         email=settings.FIRST_SUPERUSER,
         password=settings.FIRST_SUPERUSER_PASSWORD,
     )
 
-    team = Team(name="test copy", description="test description", slug="test-copy")
+    team = Team(
+        name="test copy",
+        description="test description",
+        slug="test-copy",
+        owner_id=user.id,
+    )
     db.add(team)
     db.commit()
 
@@ -393,23 +404,25 @@ def test_delete_team_not_enough_permissions(client: TestClient, db: Session) ->
 
 
 def test_delete_personal_team_forbidden(client: TestClient, db: Session) -> None:
-    team = create_random_team(db)
     user = create_user(
         session=db,
         email="[email protected]",
         password="test12345",
         full_name="default-org",
         is_verified=True,
     )
-    add_user_to_team(session=db, user=user, team=team, role=Role.admin)
-    user.personal_team_id = team.id
     db.add(user)
     db.commit()
 
     user_auth_headers = user_authentication_headers(
         client=client, email="[email protected]", password="test12345"
     )
 
+    assert user.personal_team is not None
+
+    team = user.personal_team
+    add_user_to_team(session=db, user=user, team=team, role=Role.admin)
+
     response = client.delete(
         f"{settings.API_V1_STR}/teams/{team.slug}",
         headers=user_auth_headers,

backend/app/tests/api/routes/test_users.py

@@ -256,15 +256,14 @@ def test_register_user_empty_full_name(client: TestClient) -> None:
     assert data["detail"][0]["msg"] == "String should have at least 3 characters"  # type: ignore
 
 
-def test_delete_user_me(client: TestClient, db: Session) -> None:
+def test_delete_user_me_only_personal_team(client: TestClient, db: Session) -> None:
     username = random_email()
     password = random_lower_string()
     full_name = random_lower_string()
-    team = create_random_team(db)
     user_in = UserCreate(email=username, password=password, full_name=full_name)
     user = crud.create_user(session=db, user_create=user_in, is_verified=True)
+    create_random_team(db, owner_id=user.id, is_personal_team=True)
     user_id = user.id
-    user.personal_team = team
     db.add(user)
     db.commit()
 
@@ -288,6 +287,40 @@ def test_delete_user_me(client: TestClient, db: Session) -> None:
     assert result is None
 
 
+def test_delete_user_me_owns_more_teams(client: TestClient, db: Session) -> None:
+    username = random_email()
+    password = random_lower_string()
+    full_name = random_lower_string()
+    user_in = UserCreate(email=username, password=password, full_name=full_name)
+    user = crud.create_user(session=db, user_create=user_in, is_verified=True)
+    create_random_team(db, owner_id=user.id, is_personal_team=True)
+    db.add(user)
+    db.commit()
+
+    # adding another team owned by the user
+    create_random_team(db, owner_id=user.id)
+
+    login_data = {
+        "username": username,
+        "password": password,
+    }
+    r = client.post(f"{settings.API_V1_STR}/login/access-token", data=login_data)
+    tokens = r.json()
+    a_token = tokens["access_token"]
+    headers = {"Authorization": f"Bearer {a_token}"}
+
+    r = client.delete(
+        f"{settings.API_V1_STR}/users/me",
+        headers=headers,
+    )
+    assert r.status_code == 400
+    deleted_user = r.json()
+    assert (
+        deleted_user["detail"]
+        == "You cannot delete your account while you have more than one team"
+    )
+
+
 def test_verify_email(client: TestClient, db: Session) -> None:
     email = random_email()
     password = random_lower_string()
@@ -316,4 +349,5 @@ def test_verify_email(client: TestClient, db: Session) -> None:
     assert team_link.team.name == user.full_name
     assert team_link.team.slug == user.username
 
-    assert user.personal_team_id == team_link.team.id
+    assert user.personal_team
+    assert user.personal_team.id == team_link.team.id

backend/app/tests/utils/team.py

@@ -1,16 +1,28 @@
 import secrets
+import uuid
 
 from sqlmodel import Session
 
 from app.models import Team
 from app.tests.utils.utils import random_lower_string
 
 
-def create_random_team(db: Session) -> Team:
+def create_random_team(
+    db: Session, owner_id: uuid.UUID | None = None, is_personal_team: bool = False
+) -> Team:
+    from app.tests.utils.user import create_random_user
+
+    owner_id = owner_id or create_random_user(db).id
     name = random_lower_string()
     slug = f"{name}-{secrets.token_hex(4)}"
     description = random_lower_string()
-    team_in = Team(name=name, description=description, slug=slug)
+    team_in = Team(
+        name=name,
+        description=description,
+        slug=slug,
+        owner_id=owner_id,
+        is_personal_team=is_personal_team,
+    )
     db.add(team_in)
     db.commit()
     db.refresh(team_in)

backend/app/tests/utils/user.py

@@ -28,9 +28,8 @@ def create_user(
         session=session, user_create=user_in, is_verified=is_verified
     )
 
-    team = create_random_team(session)
+    create_random_team(session, owner_id=user.id, is_personal_team=True)
 
-    user.personal_team = team
     session.add(user)
     session.commit()
 
@@ -63,10 +62,9 @@ def authentication_token_from_email(
             session=db, user_create=user_in_create, is_verified=True
         )
 
-        team = create_random_team(db)
+        team = create_random_team(db, owner_id=user.id, is_personal_team=True)
         crud.add_user_to_team(session=db, user=user, team=team, role=Role.admin)
 
-        user.personal_team = team
         db.add(user)
         db.commit()
     else:

frontend/src/components/Common/SidebarItems.tsx

@@ -21,6 +21,7 @@ import {
   FaHome,
   FaQuestionCircle,
   FaTools,
+  FaObjectGroup,
 } from "react-icons/fa"
 
 import { useCurrentUser } from "../../hooks/useAuth"
@@ -69,6 +70,13 @@ const getSidebarItems = ({ team }: { team: string }): Array<Item> => {
         params: { team },
       }),
     },
+    {
+      icon: FaObjectGroup,
+      title: "Teams",
+      ...link({
+        to: "/teams/all",
+      }),
+    },
     {
       icon: FaCog,
       title: "Settings",