squash!: Apply suggestions

Author: rodmgwgu

CHANGELOG.rst

@@ -20,7 +20,7 @@ Unreleased
 Added
 =====
 
-* Add the ``/api/authz/v1/users/<username>/assignments`` endpoint to get a list of role assignations for a user.
+* Add the ``/api/authz/v1/users/<username>/assignments/`` endpoint to get a list of role assignations for a user.
 
 1.5.0 - 2026-04-09
 ******************

openedx_authz/api/users.py

@@ -10,6 +10,7 @@
 """
 
 from django.contrib.auth import get_user_model
+from django.db.models import Q
 
 from openedx_authz.api.data import (
     ActionData,
@@ -254,11 +255,14 @@ def get_all_user_role_assignments_in_scope(
 
 
 def _filter_allowed_assignments(
-    user_external_key: str, assignments: list[RoleAssignmentData]
+    assignments: list[RoleAssignmentData], user_external_key: str = None
 ) -> list[RoleAssignmentData]:
     """
     Filter the given role assignments to only include those that the user has permission to view.
     """
+    if not user_external_key:
+        # If no user is specified, return all assignments
+        return assignments
     allowed_assignments: list[RoleAssignmentData] = []
     for assignment in assignments:
         permission = None
@@ -397,20 +401,18 @@ def get_superadmin_assignments(user_external_keys: list[str] | None = None) -> l
     Returns:
         list[SuperAdminAssignmentData]: The superadmin data
     """
-    # Retrieve user data to check if they are a superusers
-    if user_external_keys is None:
-        requested_users = User.objects.filter(is_active=True)
-    else:
-        requested_users = User.objects.filter(username__in=user_external_keys, is_active=True)
+    superadmin_filter = Q(is_active=True) & (Q(is_staff=True) | Q(is_superuser=True))
+    if user_external_keys is not None:
+        superadmin_filter &= Q(username__in=user_external_keys)
+    requested_users = User.objects.filter(superadmin_filter)
 
     superadmin_assignments: list[SuperAdminAssignmentData] = []
     for requested_user in requested_users:
-        if requested_user.is_staff or requested_user.is_superuser:
-            superadmin_assignments.append(
-                SuperAdminAssignmentData(
-                    subject=UserData(external_key=requested_user.username),
-                    is_staff=requested_user.is_staff,
-                    is_superuser=requested_user.is_superuser,
-                )
+        superadmin_assignments.append(
+            SuperAdminAssignmentData(
+                subject=UserData(external_key=requested_user.username),
+                is_staff=requested_user.is_staff,
+                is_superuser=requested_user.is_superuser,
             )
+        )
     return superadmin_assignments

openedx_authz/rest_api/v1/serializers.py

@@ -305,7 +305,7 @@ def get_org(self, obj: api.RoleAssignmentData | api.SuperAdminAssignmentData) ->
             case api.SuperAdminAssignmentData():
                 return "*"
             case api.RoleAssignmentData():
-                return getattr(obj.scope, "org", None)
+                return getattr(obj.scope, "org", "")
 
     def get_scope(self, obj: api.RoleAssignmentData | api.SuperAdminAssignmentData) -> str:
         """Get the scope for the given role assignment."""