[owl] Implement endpoints to update owner (#864)

Author: jiahuei

clients/python/src/jamaibase/client.py

@@ -1278,6 +1278,19 @@ async def update_organization(
             **kwargs,
         )
 
+    async def update_owner(
+        self,
+        new_owner_id: str,
+        organization_id: str,
+        **kwargs,
+    ) -> OrganizationRead:
+        return await self._patch(
+            "/v1/organizations/owner",
+            params=dict(organization_id=organization_id, new_owner_id=new_owner_id),
+            response_model=OrganizationRead,
+            **kwargs,
+        )
+
     async def delete_organization(
         self,
         organization_id: str,
@@ -1697,6 +1710,19 @@ async def update_project(
             **kwargs,
         )
 
+    async def update_owner(
+        self,
+        new_owner_id: str,
+        project_id: str,
+        **kwargs,
+    ) -> ProjectRead:
+        return await self._patch(
+            "/v1/projects/owner",
+            params=dict(project_id=project_id, new_owner_id=new_owner_id),
+            response_model=ProjectRead,
+            **kwargs,
+        )
+
     async def delete_project(
         self,
         project_id: str,
@@ -4605,6 +4631,18 @@ def delete_organization(
             super().delete_organization(organization_id, missing_ok=missing_ok, **kwargs)
         )
 
+    def update_owner(
+        self,
+        new_owner_id: str,
+        organization_id: str,
+        **kwargs,
+    ) -> OrganizationRead:
+        return LOOP.run(
+            super().update_owner(
+                new_owner_id=new_owner_id, organization_id=organization_id, **kwargs
+            )
+        )
+
     def join_organization(
         self,
         user_id: str,
@@ -4963,6 +5001,16 @@ def delete_project(
     ) -> OkResponse:
         return LOOP.run(super().delete_project(project_id, missing_ok=missing_ok, **kwargs))
 
+    def update_owner(
+        self,
+        new_owner_id: str,
+        project_id: str,
+        **kwargs,
+    ) -> ProjectRead:
+        return LOOP.run(
+            super().update_owner(new_owner_id=new_owner_id, project_id=project_id, **kwargs)
+        )
+
     def join_project(
         self,
         user_id: str,

services/api/src/owl/routers/organizations/oss.py

@@ -346,6 +346,67 @@ async def delete_organization(
     return OkResponse()
 
 
+@router.patch(
+    "/v1/organizations/owner",
+    summary="Transfer organization ownership to another user.",
+    description="Permissions: Only the owner of the organization can transfer its ownership.",
+)
+@handle_exception
+async def update_organization_owner(
+    request: Request,
+    user: Annotated[UserAuth, Depends(auth_user_service_key)],
+    session: Annotated[AsyncSession, Depends(yield_async_session)],
+    new_owner_id: Annotated[str, Query(min_length=1, description="New owner User ID.")],
+    organization_id: Annotated[str, Query(min_length=1, description="Organization ID.")],
+) -> OrganizationReadDecrypt:
+    # Fetch
+    organization = await session.get(Organization, organization_id)
+    if organization is None:
+        raise ResourceNotFoundError(f'Organization "{organization_id}" is not found.')
+    new_owner_user = await session.get(User, new_owner_id)
+    if new_owner_user is None:
+        raise ResourceNotFoundError(f'User "{new_owner_id}" is not found.')
+
+    # Check if user is the owner
+    if organization.owner != user.id:
+        raise ForbiddenError("Only the owner can transfer the ownership of an organization.")
+
+    if organization.owner == new_owner_id:
+        return organization
+
+    # Check if the new owner exist and is a member of the organization
+    new_owner_membership = await session.get(OrgMember, (new_owner_id, organization_id))
+    if new_owner_membership is None:
+        raise ForbiddenError("The new owner is not a member of this organization.")
+
+    # Promote new owner to ADMIN
+    # Update organization
+    new_owner_membership.role = Role.ADMIN
+    organization.owner = new_owner_id
+    organization.updated_at = now()
+    session.add(new_owner_membership)
+    session.add(organization)
+    await session.commit()
+    await session.refresh(organization)
+
+    logger.bind(user_id=user.id, org_id=organization_id).success(
+        (
+            f'{user.name} ({user.email}) transferred the ownership of organization "{organization.name}" ({organization_id}) '
+            f"to {new_owner_user.name} ({new_owner_user.email}). ({request.state.id})"
+        )
+    )
+    logger.bind(user_id=new_owner_id, org_id=organization_id).success(
+        (
+            f'{user.name} ({user.email}) transferred the ownership of organization "{organization.name}" ({organization_id}) '
+            f"to you. ({request.state.id})"
+        )
+    )
+
+    # Clear cache
+    await CACHE.refresh_organization_async(organization_id, session)
+    return organization
+
+
 @router.post(
     "/v2/organizations/members",
     summary="Join an organization.",
@@ -546,7 +607,7 @@ async def leave_organization(
     organization = await session.get(Organization, organization_id)
     if organization is None:
         raise ResourceNotFoundError(f'Organization "{organization_id}" is not found.')
-    if user_id == organization.created_by:
+    if user_id == organization.owner:
         raise ForbiddenError("Owner cannot leave the organization.")
     org_member = await session.get(OrgMember, (user_id, organization_id))
     if org_member is None:

services/api/src/owl/routers/projects/oss.py

@@ -341,6 +341,64 @@ async def delete_project(
     return OkResponse()
 
 
+@router.patch(
+    "/v1/projects/owner",
+    summary="Transfer project ownership to another user.",
+    description="Permissions: Only the owner of the project can transfer its ownership.",
+)
+@handle_exception
+async def update_project_owner(
+    request: Request,
+    user: Annotated[UserAuth, Depends(auth_user)],
+    session: Annotated[AsyncSession, Depends(yield_async_session)],
+    new_owner_id: Annotated[str, Query(min_length=1, description="New owner User ID.")],
+    project_id: Annotated[str, Query(min_length=1, description="Project ID.")],
+) -> ProjectRead:
+    # Fetch
+    project = await session.get(Project, project_id)
+    if project is None:
+        raise ResourceNotFoundError(f'Project "{project_id}" is not found.')
+    new_owner_user = await session.get(User, new_owner_id)
+    if new_owner_user is None:
+        raise ResourceNotFoundError(f'User "{new_owner_id}" is not found.')
+
+    # Check if user is the owner
+    if project.owner != user.id:
+        raise ForbiddenError("Only the owner can transfer the ownership of a project.")
+
+    if project.owner == new_owner_id:
+        return project
+
+    # Check if the new owner exist and is a member of the project
+    new_owner_membership = await session.get(ProjectMember, (new_owner_id, project_id))
+    if new_owner_membership is None:
+        raise ForbiddenError("The new owner is not a member of this project.")
+
+    # Promote new owner to ADMIN
+    # Update project
+    new_owner_membership.role = Role.ADMIN
+    project.owner = new_owner_id
+    project.updated_at = now()
+    session.add(new_owner_membership)
+    session.add(project)
+    await session.commit()
+    await session.refresh(project)
+
+    logger.bind(user_id=user.id, org_id=project.organization_id, proj_id=project_id).success(
+        (
+            f'{user.name} ({user.email}) transferred the ownership of project "{project.name}" ({project_id}) '
+            f"to {new_owner_user.name} ({new_owner_user.email}). ({request.state.id})"
+        )
+    )
+    logger.bind(user_id=new_owner_id, org_id=project.organization_id, proj_id=project_id).success(
+        (
+            f'{user.name} ({user.email}) transferred the ownership of project "{project.name}" ({project_id}) '
+            f"to you. ({request.state.id})"
+        )
+    )
+    return project
+
+
 @router.post(
     "/v2/projects/members",
     summary="Join a project.",
@@ -555,6 +613,8 @@ async def leave_project(
     project = await session.get(Project, project_id)
     if project is None:
         raise ResourceNotFoundError(f'Project "{project_id}" is not found.')
+    if user_id == project.owner:
+        raise ForbiddenError("Owner cannot leave the project.")
     if user.id != user_id:
         has_permissions(
             user,

services/api/src/owl/routers/users/oss.py

@@ -9,6 +9,7 @@
 from owl.db.models import (
     Organization,
     OrgMember,
+    Project,
     ProjectMember,
     User,
 )
@@ -24,6 +25,7 @@
 from owl.utils.auth import auth_service_key, auth_user_service_key, has_permissions
 from owl.utils.dates import now
 from owl.utils.exceptions import (
+    BadInputError,
     ResourceExistsError,
     ResourceNotFoundError,
     handle_exception,
@@ -173,6 +175,23 @@ async def delete_user(
     user = await session.get(User, user.id)
     if user is None:
         raise ResourceNotFoundError(f'User "{user.id}" is not found.')
+    # Block if the user is owner of any organizations or projects
+    num_owned_projs = (
+        await session.exec(select(func.count(Project.id)).where(Project.owner == user.id))
+    ).one()
+    if num_owned_projs > 0:
+        raise BadInputError(
+            f"Unable to delete user since there are still {num_owned_projs:,d} projects with the user as owner."
+        )
+    num_owned_orgs = (
+        await session.exec(
+            select(func.count(Organization.id)).where(Organization.owner == user.id)
+        )
+    ).one()
+    if num_owned_orgs > 0:
+        raise BadInputError(
+            f"Unable to delete user since there are still {num_owned_orgs:,d} organizations with the user as owner."
+        )
     org_ids = [m.organization_id for m in user.org_memberships]
     # Delete all related resources
     logger.info(f'{request.state.id} - Deleting user: "{user.id}"')

services/api/tests/routers/test_organizations.py

@@ -298,6 +298,84 @@ def test_delete_org_permission():
             client.organizations.delete_organization(ctx.superorg.id, missing_ok=False)
 
 
+def test_update_organization_owner():
+    with (
+        setup_organizations() as ctx,
+        create_user(dict(email="[email protected]", name="Claudia Tiedemann")) as org_admin,
+    ):
+        first_owner_client = JamAI(user_id=ctx.user.id)
+        org_admin_client = JamAI(user_id=org_admin.id)
+
+        # Should fail because organization does not exist
+        with pytest.raises(ResourceNotFoundError, match="is not found."):
+            first_owner_client.organizations.update_owner(
+                new_owner_id="fake", organization_id=ctx.org.id
+            )
+
+        # Should fail because new owner is not a current member of the organization
+        with pytest.raises(
+            ForbiddenError, match="The new owner is not a member of this organization"
+        ):
+            first_owner_client.organizations.update_owner(
+                new_owner_id=org_admin.id, organization_id=ctx.org.id
+            )
+
+        # Should fail because the User sending the request is not the owner.
+        membership = first_owner_client.organizations.join_organization(
+            org_admin.id, organization_id=ctx.org.id, role=Role.ADMIN
+        )
+        assert isinstance(membership, OrgMemberRead)
+
+        with pytest.raises(
+            ForbiddenError, match="Only the owner can transfer the ownership of an organization."
+        ):
+            org_admin_client.organizations.update_owner(
+                new_owner_id=org_admin.id, organization_id=ctx.org.id
+            )
+
+        # Should return the same org since the new owner id is the same as the current one
+        first_owner_client.organizations.update_owner(
+            new_owner_id=ctx.user.id, organization_id=ctx.org.id
+        )
+
+        # Should succeed since the new owner is now a member of the organization
+        new_org = first_owner_client.organizations.update_owner(
+            new_owner_id=org_admin.id, organization_id=ctx.org.id
+        )
+        assert new_org.model_dump(
+            exclude=["owner", "updated_at", "credit_grant"]
+        ) == ctx.org.model_dump(exclude=["owner", "updated_at", "credit_grant"])
+        assert new_org.owner != ctx.org.owner
+        assert new_org.updated_at != ctx.org.updated_at
+        assert new_org.owner == org_admin.id
+
+        # Should fail because this user is no longer the owner
+        with pytest.raises(
+            ForbiddenError, match="Only the owner can transfer the ownership of an organization."
+        ):
+            first_owner_client.organizations.update_owner(
+                new_owner_id=org_admin.id, organization_id=ctx.org.id
+            )
+        # New owner will be ADMIN
+        membership = org_admin_client.organizations.get_member(
+            user_id=org_admin.id, organization_id=ctx.org.id
+        )
+        assert isinstance(membership, OrgMemberRead)
+        assert membership.role == Role.ADMIN
+
+        # Should fail because this is the last membership for this user and he is the current owner of the organization
+        with pytest.raises(ForbiddenError, match="Owner cannot leave the organization."):
+            org_admin_client.organizations.leave_organization(org_admin.id, ctx.org.id)
+
+        # Return the organization to the first owner
+        org_admin_client.organizations.update_owner(
+            new_owner_id=ctx.user.id, organization_id=ctx.org.id
+        )
+
+        # Should succeed after returning the organization to the old owner.
+        org_admin_client.organizations.leave_organization(org_admin.id, ctx.org.id)
+
+
 def test_organisation_model_catalogue():
     """
     Test listing model configs: