diff --git a/api/organisations/serializers.py b/api/organisations/serializers.py
index fbb09b1eb23c..8a14bd924817 100644
--- a/api/organisations/serializers.py
+++ b/api/organisations/serializers.py
@@ -36,6 +36,7 @@ class Meta:
 model = Organisation
 fields = (
 "id",
+ "uuid",
 "name",
 "created_date",
 "webhook_notification_email",
diff --git a/api/organisations/views.py b/api/organisations/views.py
index 33bd581441a9..7a7be7d61255 100644
--- a/api/organisations/views.py
+++ b/api/organisations/views.py
@@ -16,7 +16,7 @@
 from rest_framework.authentication import BasicAuthentication
 from rest_framework.decorators import action, api_view, authentication_classes
 from rest_framework.exceptions import ValidationError
-from rest_framework.generics import ListAPIView
+from rest_framework.generics import ListAPIView, get_object_or_404
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.request import Request
 from rest_framework.response import Response
@@ -124,6 +124,17 @@ def create(self, request, **kwargs):
 else:
 return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+ @action(
+ detail=False,
+ url_path=r"get-by-uuid/(?P[0-9a-f-]+)",
+ methods=["get"],
+ )
+ def get_by_uuid(self, request, uuid):
+ qs = self.get_queryset()
+ organisation = get_object_or_404(qs, uuid=uuid)
+ serializer = self.get_serializer(organisation)
+ return Response(serializer.data)
+
 @action(detail=True, permission_classes=[IsAuthenticated])
 def projects(self, request, pk):
 organisation = self.get_object()
diff --git a/api/tests/unit/organisations/test_unit_organisations_views.py b/api/tests/unit/organisations/test_unit_organisations_views.py
index d55b28e4fb20..16b72e671001 100644
--- a/api/tests/unit/organisations/test_unit_organisations_views.py
+++ b/api/tests/unit/organisations/test_unit_organisations_views.py
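Review bot: Nothing in the serializers.py hunk shows `uuid` being read-only, so whether a client can set it on create or update depends on code outside the hunk (the model field's `editable` flag or a `read_only_fields` entry in this `Meta`). Because the new `get-by-uuid` route treats the value as a stable identifier, it should not be writable through the API; if the model field is editable, add `read_only_fields = ("uuid",)`, merged into any tuple that already exists. The `Meta` class starts and ends outside the hunk.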
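Review bot: `get_by_uuid` in views.py fetches the object with `get_object_or_404(qs, uuid=uuid)` rather than `self.get_object()`, so DRF's object-level permission check never runs for this action and only the filter in `get_queryset()` limits which organisations come back. Add `self.check_object_permissions(request, organisation)` right after the lookup so the action stays in line with the detail routes if the viewset's permission classes implement `has_object_permission` (not visible in this hunk). The method also lacks a docstring; `"""Return the organisation with the given UUID, limited to those visible to the requesting user."""` would record that scoping relies on `get_queryset()`. The named group in `url_path` shows as `(?P[0-9a-f-]+)` on this page, presumably `(?P<uuid>…)` with the name lost in rendering.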
@@ -71,6 +71,42 @@ def test_should_return_organisation_list_when_requested(
 assert response.data["results"][0]["name"] == organisation.name
+def test_get_by_uuid_returns_organisation(
+ admin_client: APIClient,
+ organisation: Organisation,
+) -> None:
+ # Given
+ url = reverse(
+ "api-v1:organisations:organisation-get-by-uuid",
+ args=[organisation.uuid],
+ )
+
+ # When
+ response = admin_client.get(url)
+
+ # Then
+ assert response.status_code == status.HTTP_200_OK
+ assert response.json()["uuid"] == str(organisation.uuid)
+
+
+def test_get_by_uuid_returns_404_for_organisation_that_does_not_belong_to_the_user(
+ admin_client: APIClient,
+ organisation: Organisation,
+) -> None:
+ # Given
+ different_org = Organisation.objects.create(name="Different org")
+ url = reverse(
+ "api-v1:organisations:organisation-get-by-uuid",
+ args=[different_org.uuid],
+ )
+
+ # When
+ response = admin_client.get(url)
+
+ # Then
+ assert response.status_code == status.HTTP_404_NOT_FOUND
+
+
 def test_non_superuser_can_create_new_organisation_by_default(
 staff_client: APIClient,
 staff_user: FFAdminUser,
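Review bot: The two new tests cover a UUID the user can see and one they cannot, but neither an unauthenticated client nor a path segment that matches `[0-9a-f-]+` without being a UUID, for example `args=["abc-def"]`. A third test requesting such a value and asserting `status.HTTP_404_NOT_FOUND` would pin that a malformed identifier cannot surface as a 500. In the second test, a short comment such as `# different_org has no membership for the admin user` would make the precondition explicit.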