refactor: change user to subject

Author: mariajgrimaldi

openedx_authz/api/data.py

@@ -51,7 +51,7 @@ class ScopeData:
     This class assumes that the scope is already namespaced appropriately
     before being passed in, as scopes can vary widely (e.g., courses, organizations).
     """
-
+    # TODO: figure out namespace for scopes
     scope_id: str
 
 
@@ -146,6 +146,6 @@ class RoleAssignmentData:
         scope: The scope in which the role is assigned.
     """
 
-    subject: UserData
+    subject: SubjectData
     role: RoleData
     scope: ScopeData

openedx_authz/api/roles.py

@@ -29,7 +29,7 @@
     "get_all_roles_names",
     "get_permissions_for_active_roles_in_scope",
     "get_role_definitions_in_scope",
-    "assign_role_to_user_in_scope",
+    "assign_role_to_subject_in_scope",
     "batch_assign_role_to_subjects_in_scope",
     "unassign_role_from_subject_in_scope",
     "batch_unassign_role_from_subjects_in_scope",
@@ -170,7 +170,7 @@ def get_all_roles_names() -> list[str]:
     return enforcer.get_all_subjects()
 
 
-def assign_role_to_user_in_scope(
+def assign_role_to_subject_in_scope(
     subject: SubjectData, role: RoleData, scope: ScopeData
 ) -> None:
     """Assign a role to a subject.

openedx_authz/api/users.py

@@ -11,7 +11,7 @@
 
 from openedx_authz.api.data import RoleData, ScopeData, SubjectData, UserData
 from openedx_authz.api.roles import (
-    assign_role_to_user_in_scope,
+    assign_role_to_subject_in_scope,
     batch_assign_role_to_subjects_in_scope,
     batch_unassign_role_from_subjects_in_scope,
     get_role_assignments_for_subject,
@@ -20,7 +20,7 @@
 )
 
 
-def assign_role_to_user(username: str, role_name: str, scope_id: str) -> bool:
+def assign_role_to_user_in_scope(username: str, role_name: str, scope_id: str) -> bool:
     """Assign a role to a user in a specific scope.
 
     Args:
@@ -31,7 +31,7 @@ def assign_role_to_user(username: str, role_name: str, scope_id: str) -> bool:
     Returns:
         bool: True if the assignment was successful, False otherwise.
     """
-    return assign_role_to_user_in_scope(
+    return assign_role_to_subject_in_scope(
         UserData(username=username),
         RoleData(name=role_name),
         ScopeData(scope_id=scope_id),
@@ -94,8 +94,8 @@ def batch_unassign_role_from_users(
     )
 
 
-def get_roles_for_user(username: str) -> list[dict]:
-    """Get all roles with metadata assigned to a user in a specific scope.
+def get_role_assignments_for_user(username: str) -> list[dict]:
+    """Get all roles for a user across all scopes.
 
     Args:
         user (str): ID of the user (e.g., 'john_doe').
@@ -106,7 +106,7 @@ def get_roles_for_user(username: str) -> list[dict]:
     return get_role_assignments_for_subject(UserData(username=username))
 
 
-def get_roles_for_user_in_scope(username: str, scope_id: str) -> list[str]:
+def get_role_assignments_for_user_in_scope(username: str, scope_id: str) -> list[str]:
     """Get the roles assigned to a user in a specific scope.
 
     Args:

openedx_authz/tests/api/test_roles.py

@@ -63,7 +63,7 @@ def _assign_roles_to_users(
         global_enforcer.load_policy()  # Load policies to avoid duplicates
         if assignments:
             for assignment in assignments:
-                assign_role_to_user_in_scope(
+                assign_role_to_subject_in_scope(
                     subject=SubjectData(subject_id=assignment["subject"]),
                     role=RoleData(name=assignment["role_name"]),
                     scope=ScopeData(scope_id=assignment["scope"]),
@@ -80,7 +80,7 @@ def _assign_roles_to_users(
             global_enforcer.clear_policy()  # Clear to simulate fresh start for each test
             return
 
-        assign_role_to_user_in_scope(
+        assign_role_to_subject_in_scope(
             subject=SubjectData(subject_id=subjects),
             role=RoleData(name=role),
             scope=ScopeData(scope_id=scope),
@@ -677,7 +677,7 @@ def test_batch_assign_role_to_subjects_in_scope(self, subjects, role, scope, bat
         """
         if batch:
             for subject in subjects:
-                assign_role_to_user_in_scope(
+                assign_role_to_subject_in_scope(
                     SubjectData(subject_id=subject),
                     RoleData(name=role),
                     ScopeData(scope_id=scope)
@@ -686,7 +686,7 @@ def test_batch_assign_role_to_subjects_in_scope(self, subjects, role, scope, bat
                 role_names = {assignment.role.name for assignment in user_roles}
                 self.assertIn(role, role_names)
         else:
-            assign_role_to_user_in_scope(
+            assign_role_to_subject_in_scope(
                 SubjectData(subject_id=subjects),
                 RoleData(name=role),
                 ScopeData(scope_id=scope)