fix: fix group api

2026-03-29 16:33:37 +03:30 · 2026-03-29 16:33:37 +03:30 · 6d687e7361
commit 6d687e7361
parent 071eeb0bfa
2 changed files with 33 additions and 6 deletions
--- a/Back/domains/groups/api/client.py
+++ b/Back/domains/groups/api/client.py
@ -8,14 +8,15 @@ from domains.groups.schemas import (
    GroupCreate,
    GroupResponse,
    AddMemberRequest,
-    GroupMemberResponse
+    GroupMemberResponse,
 )
 from domains.groups.service import (
    create_user_group,
    list_user_groups,
    list_group_members_api,
    invite_member_to_group,
-    delete_group_service
+    delete_group_service,
+    remove_member_from_group
 )

 router = APIRouter(
@ -88,3 +89,21 @@ async def delete_my_group(
        return {"message": "Group deleted successfully"}
    except ValueError as e:
        raise HTTPException(status_code=403, detail=str(e))
+    
+@router.delete("/{group_id}/members/{user_id}")
+async def remove_member(
+    group_id: uuid.UUID,
+    user_id: uuid.UUID,
+    db: AsyncSession = Depends(get_db),
+    user=Depends(get_current_user)
+):
+    """
+    A group manager can remove members from their own group.
+    """
+    try:
+        await remove_member_from_group(db, group_id, user_id, user)
+        return {"message": "Member removed successfully"}
+    except PermissionError as e:
+        raise HTTPException(status_code=403, detail=str(e))
+    except ValueError as e:
+        raise HTTPException(status_code=400, detail=str(e))
--- a/Back/domains/groups/service.py
+++ b/Back/domains/groups/service.py
@ -157,18 +157,26 @@ async def remove_member_from_group(
    group_id_uuid = group_id if isinstance(group_id, uuid.UUID) else uuid.UUID(group_id)
    target_user_id_uuid = target_user_id if isinstance(target_user_id, uuid.UUID) else uuid.UUID(target_user_id)

+    group = await get_group_by_id(db, group_id_uuid)
+    if not group:
+        raise ValueError("گروهی یافت نشد")
+
    # Admin can remove anyone
    if not requesting_user.is_admin:
        membership = await get_group_member(db, group_id_uuid, requesting_user.id)
        if not membership or membership.role != GroupMemberRole.MANAGER:
-            raise ValueError("دسترسی لازم را ندارید")
+            raise PermissionError("دسترسی لازم را ندارید")

-    group = await get_group_by_id(db, group_id_uuid)
-    if not group:
-        raise ValueError("گروهی یافت نشد")
    if group.owner_id == target_user_id_uuid:
        raise ValueError("حذف سازنده گروه مجاز نیست")

+    target_membership = await get_group_member(db, group_id_uuid, target_user_id_uuid)
+    if not target_membership:
+        raise ValueError("کاربر عضو این گروه نیست")
+
+    if not requesting_user.is_admin and target_membership.role != GroupMemberRole.MEMBER:
+        raise ValueError("حذف مدیر گروه مجاز نیست")
+
    await delete_group_member(db, group_id_uuid, target_user_id_uuid)