Add bulk grant permission API endpoint

New Features: - BulkGrantPermission model: Grant same permission to multiple users - BulkGrantResult model: Detailed success/failure results - POST /api/v1/admin/permissions/bulk-grant endpoint This simplifies the admin workflow for granting the same account permission to multiple users at once (e.g., onboarding a team). The endpoint validates the account exists and is active, then grants the permission to each user, collecting successes and failures to return a detailed result. Related: UI-IMPROVEMENTS-PLAN.md Phase 1
2025-11-11 02:13:59 +01:00 · 2025-11-11 02:13:59 +01:00 · ed1e6509ee
commit ed1e6509ee
parent c35944d51f
2 changed files with 74 additions and 0 deletions
--- a/views_api.py
+++ b/views_api.py
@ -46,6 +46,8 @@ from .models import (
    AccountWithPermissions,
    AssertionStatus,
    BalanceAssertion,
+    BulkGrantPermission,
+    BulkGrantResult,
    CastleSettings,
    CreateAccount,
    CreateAccountPermission,
@ -2967,6 +2969,60 @@ async def api_bulk_grant_permissions(
    return created_permissions


+@castle_api_router.post("/api/v1/admin/permissions/bulk-grant", status_code=HTTPStatus.CREATED)
+async def api_bulk_grant_permission_to_users(
+    data: "BulkGrantPermission",
+    wallet: WalletTypeInfo = Depends(require_admin_key),
+) -> "BulkGrantResult":
+    """
+    Grant the same permission to multiple users at once (admin only).
+
+    This is a convenience endpoint that grants the same account permission
+    to multiple users in one operation. Useful for onboarding teams or
+    granting access to a shared expense account.
+
+    Returns detailed results including successes and failures.
+    """
+    from .models import BulkGrantResult
+
+    granted = []
+    failed = []
+
+    # Validate account exists and is active
+    account = await get_account(data.account_id)
+    if not account:
+        raise HTTPException(
+            status_code=HTTPStatus.NOT_FOUND,
+            detail=f"Account with ID '{data.account_id}' not found",
+        )
+
+    # Grant permission to each user
+    for user_id in data.user_ids:
+        try:
+            perm_data = CreateAccountPermission(
+                user_id=user_id,
+                account_id=data.account_id,
+                permission_type=data.permission_type,
+                expires_at=data.expires_at,
+                notes=data.notes,
+            )
+            perm = await create_account_permission(perm_data, wallet.wallet.user)
+            granted.append(perm)
+        except Exception as e:
+            failed.append({
+                "user_id": user_id,
+                "error": str(e),
+            })
+
+    return BulkGrantResult(
+        granted=granted,
+        failed=failed,
+        total=len(data.user_ids),
+        success_count=len(granted),
+        failure_count=len(failed),
+    )
+
+
 # ===== USER PERMISSION ENDPOINTS =====