Conversation
Add helper that returns the organization IDs a user manages. The helper checks both OrganizationMember.role=manager and Organization.manager_id and returns a deduplicated list of IDs. Also exposes an optional FastAPI dependency and adds tests for org scope resolution.
joaocarvoli
reviewed
Mar 17, 2026
app/core/org_scope.py
Outdated
|
|
||
|
|
||
| async def get_managed_org_ids(db: AsyncSession, user_id: str) -> list[str]: | ||
| """Return deduplicated org IDs that *user_id* manages. |
Member
There was a problem hiding this comment.
you should not add comments on the code
joaocarvoli
reviewed
Mar 17, 2026
app/core/org_scope.py
Outdated
| db: AsyncSession = Depends(get_db), | ||
| user: User = Depends(get_current_user), | ||
| ) -> list[str]: | ||
| """FastAPI dependency - resolves managed org IDs for the authenticated user.""" |
joaocarvoli
reviewed
Mar 17, 2026
app/core/org_scope.py
Outdated
|
|
||
| from_members = select(OrganizationMember.organization_id.label("org_id")).where( | ||
| OrganizationMember.user_id == user_id, | ||
| OrganizationMember.role == "manager", |
Member
There was a problem hiding this comment.
instead of use a pure string for a static comparison, consider to create an enum like this:
class Roles(Enum):
MANAGER = "manager"and in the code you should do something like this: OrganizationMember.role == Roles.MANAGER
joaocarvoli
requested changes
Mar 17, 2026
Member
There was a problem hiding this comment.
Try to understand why you did change many files and its previous and current version are the same like the access_control, auth_cache, auth_middleware, config, database and so on... Maybe the reason is the ruff but does not make too much sense because the previous deployed actions were working successfully without issues.
- Introduce Roles enum with MANAGER value - Replace static string comparison with Roles.MANAGER - Remove unnecessary comments
* organize imports in org model to satisfy Ruff (I001) * replace Enum inheritance with StrEnum for MemberRole (UP042)
…t-resolves-which-organizations-a
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR introduces a reusable helper to resolve which organizations a user manages.
A new module
org_scope.pywas added with the functionget_managed_org_ids,which queries both
OrganizationMember.role="manager"andOrganization.manager_id.The results are merged and returned as a deduplicated list of organization IDs.
An optional FastAPI dependency was also added along with tests to validate
the organization scope resolution logic.