Description
Implement an endpoint to retrieve members of an organisation based on the organisation's ID. The response should be paginated and include relevant user details.
Acceptance Criteria
- Users can retrieve the list of members in an organisation by providing the org_id.
- The request should support pagination using page and page_size query parameters.
- If the organisation exists and the requester is authorized, return a paginated list of members.
- If the requester is not a member of the organisation, return a 403 Forbidden response.
- If the organisation is not found, return a 404 Not Found response.
Purpose
This feature is needed to enable authorized users to view the members of a specific organisation. It ensures proper access control while providing paginated data for better performance and usability.
Requirements
- The endpoint should enforce authentication and authorization checks to ensure only members can access the data.
- The response should follow a structured JSON format, including status_code, data, and message fields.
- Pagination should be implemented using page and page_size query parameters.
- Proper error handling should be implemented for unauthorized access and missing organisations.
API Endpoint
- Get Organisation Members
Endpoint: GET /api/v1/organisations/{org_id}/users
Description: Retrieves a paginated list of members belonging to the specified organisation.
Path Parameters:
org_id (string, required): The unique identifier of the organisation.
Query Parameters:
page (number, required): The page number for pagination.
page_size (number, required): The number of users to return per page.
Responses
200 OK – Successfully retrieved the list of members.
Response Example:
{
  "status_code": 200,
  "data": [
    {
      "user_id": "12345",
      "name": "John Doe",
      "email": "[email protected]",
      "role": "Admin"
    },
    {
      "user_id": "67890",
      "name": "Jane Smith",
      "email": "[email protected]",
      "role": "Member"
    }
  ],
  "message": "Organisation members retrieved successfully."
}
403 Forbidden – The user is not a member of the organisation.
Response Example:
{
  "status_code": 403,
  "message": "You are not authorized to view members of this organisation."
}
404 Not Found – The organisation does not exist.
Response Example:
{
  "status_code": 404,
  "message": "Organisation not found."
}
Expected Outcome
- Authorized users can retrieve a paginated list of members within an organisation.
- Unauthorized users cannot access the endpoint.
- Organisations that do not exist will return a 404 response.
- The system maintains performance efficiency by using pagination.
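
The checks described in this issue, written as framework-neutral handler logic; this is an added example, not code from the project. The in-memory ORGS data, the MAX_PAGE_SIZE cap, and the 401 and 400 responses are assumptions that the issue does not specify.

```python
MAX_PAGE_SIZE = 100  # assumed cap; the issue does not set one

# Constructed sample data: org_id -> members, in a stable order.
ORGS = {
    "org-1": [
        {"user_id": "12345", "name": "John Doe", "email": "john@example.com", "role": "Admin"},
        {"user_id": "67890", "name": "Jane Smith", "email": "jane@example.com", "role": "Member"},
        {"user_id": "24680", "name": "Sam Lee", "email": "sam@example.com", "role": "Member"},
    ],
}


def error(status_code, message):
    return {"status_code": status_code, "message": message}


def get_org_members(requester_id, org_id, page, page_size, orgs=ORGS):
    """Build the response body for GET /api/v1/organisations/{org_id}/users.

    requester_id must come from the verified session or token, never from
    the request parameters.
    """
    if requester_id is None:
        return error(401, "Authentication required.")  # assumed; not in the issue
    members = orgs.get(org_id)
    if members is None:
        return error(404, "Organisation not found.")
    # Membership is checked against the organisation in the path, per request.
    if all(m["user_id"] != requester_id for m in members):
        return error(403, "You are not authorized to view members of this organisation.")
    try:
        page, page_size = int(page), int(page_size)
    except (TypeError, ValueError):
        page = page_size = 0
    if page < 1 or page_size < 1:
        return error(400, "page and page_size must be positive integers.")  # assumed
    page_size = min(page_size, MAX_PAGE_SIZE)  # bound the work per request
    start = (page - 1) * page_size
    return {
        "status_code": 200,
        "data": members[start:start + page_size],
        "message": "Organisation members retrieved successfully.",
    }
```

With the 404 check ahead of the 403 check, as the acceptance criteria describe, an authenticated non-member can tell from the status code whether an org_id exists. Returning the same response for both cases removes that signal if organisation IDs are meant to stay private.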