feat: Implement orgs endpoint for admin console

Author: rodmgwgu

openedx_authz/rest_api/v1/serializers.py

@@ -169,6 +169,14 @@ class ListRolesWithScopeResponseSerializer(serializers.Serializer):  # pylint: d
     user_count = serializers.IntegerField()
 
 
+class OrganizationSerializer(serializers.Serializer):  # pylint: disable=abstract-method
+    """Serializer for Organization model."""
+
+    id = serializers.IntegerField()
+    name = serializers.CharField()
+    short_name = serializers.CharField()
+
+
 class UserRoleAssignmentSerializer(serializers.Serializer):  # pylint: disable=abstract-method
     """Serializer for a user role assignment."""
 

openedx_authz/rest_api/v1/urls.py

@@ -12,4 +12,5 @@
     ),
     path("roles/", views.RoleListView.as_view(), name="role-list"),
     path("roles/users/", views.RoleUserAPIView.as_view(), name="role-user-list"),
+    path("orgs/", views.OrgsAPIView.as_view(), name="orgs-view"),
 ]

openedx_authz/rest_api/v1/views.py

@@ -10,7 +10,8 @@
 import edx_api_doc_tools as apidocs
 from django.contrib.auth import get_user_model
 from django.http import HttpRequest
-from rest_framework import status
+from organizations.models import Organization
+from rest_framework import filters, generics, status
 from rest_framework.response import Response
 from rest_framework.views import APIView
 
@@ -32,6 +33,7 @@
     ListRolesWithScopeResponseSerializer,
     ListRolesWithScopeSerializer,
     ListUsersInRoleWithScopeSerializer,
+    OrganizationSerializer,
     PermissionValidationResponseSerializer,
     PermissionValidationSerializer,
     RemoveUsersFromRoleWithScopeSerializer,
@@ -449,3 +451,58 @@ def get(self, request: HttpRequest) -> Response:
         paginated_response_data = paginator.paginate_queryset(response_data, request)
         serialized_data = ListRolesWithScopeResponseSerializer(paginated_response_data, many=True)
         return paginator.get_paginated_response(serialized_data.data)
+
+
+@view_auth_classes()
+class OrgsAPIView(generics.ListAPIView):
+    """
+    API view for listing orgs
+    This API is used on the filters functionality on the Admin Console.
+
+    **Endpoints**
+
+    - GET: Retrieve all organizations
+
+    **Query Parameters**
+
+    - search (Optional): Search term to filter organizations by name or short name
+    - page (Optional): Page number for pagination
+    - page_size (Optional): Number of items per page
+
+    **Response Format**
+
+    Returns a paginated list of organization objects, each containing:
+
+    - id: The organization's ID
+    - name: The organization's name
+    - short_name: The organization's short name
+
+    **Authentication and Permissions**
+
+    - Requires authenticated user.
+
+    **Example Request**
+
+    GET /api/authz/v1/orgs/?search=edx&page=1&page_size=10
+
+    **Example Response**::
+
+        {
+            "count": 1,
+            "next": null,
+            "previous": null,
+            "results": [
+                {
+                    "id": 1,
+                    "name": "edX",
+                    "short_name": "edx"
+                }
+            ]
+        }
+    """
+
+    queryset = Organization.objects.order_by("name")
+    serializer_class = OrganizationSerializer
+    pagination_class = AuthZAPIViewPagination
+    filter_backends = [filters.SearchFilter]
+    search_fields = ["name", "short_name"]

openedx_authz/tests/rest_api/test_views.py

@@ -11,6 +11,7 @@
 from ddt import data, ddt, unpack
 from django.contrib.auth import get_user_model
 from django.urls import reverse
+from organizations.models import Organization
 from rest_framework import status
 from rest_framework.test import APIClient
 
@@ -853,6 +854,117 @@ def test_put_accepts_valid_full_course_key_scope(self, _mock_exists, _mock_assig
         self.assertEqual(len(response.data["completed"]), 1)
 
 
+@ddt
+class TestOrgsAPIView(ViewTestMixin):
+    """Test suite for OrgsAPIView."""
+
+    @classmethod
+    def setUpTestData(cls):
+        """Create Organization fixtures."""
+        super().setUpTestData()
+
+        Organization.objects.bulk_create(
+            [
+                Organization(name="Alpha University", short_name="AlphaU"),
+                Organization(name="Beta Institute", short_name="BetaI"),
+                Organization(name="Gamma College", short_name="GammaC"),
+            ]
+        )
+
+    def setUp(self):
+        """Set up test fixtures."""
+        super().setUp()
+        self.url = reverse("openedx_authz:orgs-view")
+
+    def test_get_orgs_returns_all(self):
+        """Test that all orgs are returned when no search param is provided.
+
+        Expected result:
+            - Returns 200 OK status
+            - Returns all 3 orgs
+        """
+        response = self.client.get(self.url)
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], 3)
+        self.assertEqual(len(response.data["results"]), 3)
+
+    @data(
+        # Match by name
+        ("Alpha", 1),
+        ("university", 1),
+        # Match by short_name
+        ("BetaI", 1),
+        ("gamma", 1),
+        # Partial match across multiple orgs
+        ("a", 3),
+        # No match
+        ("nonexistent", 0),
+    )
+    @unpack
+    def test_get_orgs_search(self, search_term: str, expected_count: int):
+        """Test filtering orgs by name or short_name via the search param.
+
+        Expected result:
+            - Returns 200 OK status
+            - Returns only orgs matching the search term
+        """
+        response = self.client.get(self.url, {"search": search_term})
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["count"], expected_count)
+        self.assertEqual(len(response.data["results"]), expected_count)
+
+    @data(
+        ({}, 3, False),
+        ({"page": 1, "page_size": 2}, 2, True),
+        ({"page": 2, "page_size": 2}, 1, False),
+        ({"page": 1, "page_size": 3}, 3, False),
+    )
+    @unpack
+    def test_get_orgs_pagination(self, query_params: dict, expected_count: int, has_next: bool):
+        """Test pagination of org results.
+
+        Expected result:
+            - Returns 200 OK status
+            - Returns correct page size and next link
+        """
+        response = self.client.get(self.url, query_params)
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(len(response.data["results"]), expected_count)
+        if has_next:
+            self.assertIsNotNone(response.data["next"])
+        else:
+            self.assertIsNone(response.data["next"])
+
+    def test_get_orgs_response_shape(self):
+        """Test that each org result contains the expected fields.
+
+        Expected result:
+            - Each result has id, name, and short_name fields
+        """
+        response = self.client.get(self.url)
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        result = response.data["results"][0]
+        self.assertIn("id", result)
+        self.assertIn("name", result)
+        self.assertIn("short_name", result)
+
+    def test_get_orgs_unauthenticated(self):
+        """Test that unauthenticated requests are rejected.
+
+        Expected result:
+            - Returns 401 UNAUTHORIZED status
+        """
+        self.client.force_authenticate(user=None)
+
+        response = self.client.get(self.url)
+
+        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+
+
 @ddt
 class TestRoleListView(ViewTestMixin):
     """Test suite for RoleListView."""