(ctx context.Context, req *adminv1.ListUsergroupsForProjectAndUserRequest)
| 697 | } |
| 698 | |
| 699 | func (s *Server) ListUsergroupsForProjectAndUser(ctx context.Context, req *adminv1.ListUsergroupsForProjectAndUserRequest) (*adminv1.ListUsergroupsForProjectAndUserResponse, error) { |
| 700 | observability.AddRequestAttributes(ctx, |
| 701 | attribute.String("args.org", req.Org), |
| 702 | attribute.String("args.project", req.Project), |
| 703 | attribute.String("args.email", req.Email), |
| 704 | ) |
| 705 | |
| 706 | proj, err := s.admin.DB.FindProjectByName(ctx, req.Org, req.Project) |
| 707 | if err != nil { |
| 708 | return nil, err |
| 709 | } |
| 710 | |
| 711 | if !auth.GetClaims(ctx).ProjectPermissions(ctx, proj.OrganizationID, proj.ID).ReadProjectMembers { |
| 712 | return nil, status.Error(codes.PermissionDenied, "not allowed to read project members") |
| 713 | } |
| 714 | |
| 715 | user, err := s.admin.DB.FindUserByEmail(ctx, req.Email) |
| 716 | if err != nil { |
| 717 | if errors.Is(err, database.ErrNotFound) { |
| 718 | return nil, status.Error(codes.NotFound, "user not found") |
| 719 | } |
| 720 | return nil, err |
| 721 | } |
| 722 | |
| 723 | usergroups, err := s.admin.DB.FindProjectMemberUsergroupsForUser(ctx, proj.ID, user.ID) |
| 724 | if err != nil { |
| 725 | return nil, err |
| 726 | } |
| 727 | |
| 728 | return &adminv1.ListUsergroupsForProjectAndUserResponse{ |
| 729 | Usergroups: memberUsergroupsToPB(usergroups), |
| 730 | }, nil |
| 731 | } |
| 732 | |
| 733 | func (s *Server) RemoveUsergroupMemberUser(ctx context.Context, req *adminv1.RemoveUsergroupMemberUserRequest) (*adminv1.RemoveUsergroupMemberUserResponse, error) { |
| 734 | observability.AddRequestAttributes(ctx, |
nothing calls this directly
no test coverage detected