Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion openedx_authz/api/users.py
Original file line number Diff line number Diff line change
Expand Up @@ -311,7 +311,7 @@ def _filter_candidate_assignments_by_params(
Args:
assignments: The full assignment list to filter. Each entry has exactly one role
(one policy line = one RoleAssignmentData), as produced by get_role_assignments.
(one policy line), as produced by get_role_assignments.
orgs: Optional list of org identifiers to keep (e.g., ['edX', 'MITx']), matched against scope.org.
scopes: Optional list of scope external keys to keep (e.g., ['lib:DemoX:CSPROB']).
roles: Optional list of role external keys to keep (e.g., ['library_admin', 'instructor']).
Expand Down
23 changes: 1 addition & 22 deletions openedx_authz/rest_api/v1/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -1160,7 +1160,6 @@ class TeamMemberAssignmentsAPIView(APIView):

- Requires authenticated user.
- Results are filtered according to calling user's scope-level view permissions.
- Superadmin entries are always included when the target user is a staff/superuser.

**Example Request**

Expand All @@ -1174,13 +1173,6 @@ class TeamMemberAssignmentsAPIView(APIView):
"next": null,
"previous": null,
"results": [
{
"is_superadmin": true,
"role": "django.superuser",
"org": "*",
"scope": "*",
"permission_count": null
},
{
"is_superadmin": false,
"role": "library_admin",
Expand Down Expand Up @@ -1312,16 +1304,6 @@ class AssignmentsAPIView(APIView):
"username": "contributor",
"email": "contributor@example.com"
},
{
"is_superadmin": true,
"role": "django.superuser",
"org": "*",
"scope": "*",
"permission_count": null,
"full_name": "",
"username": "admin",
"email": "admin@example.com"
},
]
}
"""
Expand Down Expand Up @@ -1366,10 +1348,7 @@ def get(self, request: HttpRequest) -> Response:
serializer.is_valid(raise_exception=True)
query_params = serializer.validated_data

user_role_assignments: list[UserAssignmentData | SuperAdminAssignmentData] = []

# Retrieve superadmin assignments (django staff or superuser users), as they always have access to everything
user_role_assignments += get_superadmin_assignments()
user_role_assignments: list[UserAssignmentData] = []

users_with_assignments = api.get_visible_role_assignments_for_user(
orgs=query_params.get("orgs"),
Expand Down
Loading