-
Task
-
Resolution: Done
-
Normal
-
None
-
False
-
-
False
-
None
-
Unset
-
None
-
-
-
Access & Management Sprint 99, Access & Management Sprint 100, A&M Tech Debt Sprint Q4 2024, Access & Management Sprint 101, Access & Management Sprint 102, Access & Management Sprint 103, Access & Management Sprint 104, Access & Management Sprint 105, A&M Tech Debt Sprint Q1 2025, Access & Management Sprint 106
When calling /groups/?limit=20&order_by=name&system=false, the following fields are returned within data for a User group:
{ "uuid": "2c6512b7-2087-4e5f-9f05-4c2d116851b2", "name": "a04d29c8-01bd-488f-b742-02464af2e83f", "description": "Test group", "principalCount": 20, "platform_default": false, "admin_default": false, "roleCount": 1, "created": "2024-05-17T05:03:14.747775Z", "modified": "2024-05-17T05:03:14.767741Z", "system": false }
However, when calling it with the URL param to filter groups for a username using /groups/?username=aa-qe-all&system=false for example:
Slack conversation: https://redhat-internal.slack.com/archives/C05M0SNTLM8/p1730172658763849
It looks that principalCount is not present for some other params like exlude_username,...
where is also need to add principalCount.
Solutions:
diff with annotation added on username filtering
diff --git a/rbac/management/querysets.py b/rbac/management/querysets.py
index f970e708..0bc67f4e 100644
— a/rbac/management/querysets.py
+++ b/rbac/management/querysets.py
@@ -121,7 +121,10 @@ def _gather_group_querysets(request, args, kwargs):
if principal.cross_account:
return Group.objects.none()
return (
- filter_queryset_by_tenant(Group.objects.filter(principals_username_iexact=username), request.tenant)
+ filter_queryset_by_tenant(Group.objects.filter(principals_username_iexact=username).annotate(
+ principalCount=Count("principals", filter=Q(principals__type="user"), distinct=True),
+ policyCount=Count("policies", distinct=True),
+ ), request.tenant)
| default_group_set
)