Adds owner of a group as member of that group

[lucaspar]

This makes sure the owner and creator of a group is added as one of its members.

It was strange seeing a group with "0 members" after creation, even if internally, it always had an owner.

It's currently not possible to add yourself to the member list, so the user is not able to "fix" this scenario themselves. nvm, it is. But I think the change is still valid.

For more predictable data, this also prevents user removal from group when:

• The user is the group owner.
• The user is the last member.

The migration retroactively adds the owner of all existing groups as one of their members.

New test requirement: individual shares (non-group ones) must survive a group-access revocation.

Currently, individual access is revoked if the group access is revoked. This, combined with the change above, could cause this scenario to fail:

1. The owner (U2) grants U1 and U2 personal (non-group) access to X.
2. The owner also shares X with group G (which contains U1 and U2).
   Both users' existing permissions gain G in share_groups.
3. The owner revokes group G's access to X.
4. U1 and U2 must still have access through their individual shares.
5. The owner must still have access via dataset ownership.

To make this work, there's a migration that creates a UserSharePermission.is_individual_share flag to keep track of how an item was shared. If this flag is present, that individual access is not revoked by revoking access to a group the user belongs to: the user must be explicitly removed instead.

[semanticdiff-com]

Review changes with  

Changed Files

File	Status
gateway/sds_gateway/users/views.py	35% smaller
gateway/sds_gateway/api_methods/models.py	25% smaller
gateway/sds_gateway/users/tests/test_group_sharing.py	9% smaller
gateway/.envs/example/django.prod-example.env	Unsupported file format
gateway/sds_gateway/api_methods/migrations/0020_group_owner_as_member_and_individual_share_field.py	0% smaller
gateway/sds_gateway/api_methods/migrations/max_migration.txt	Unsupported file format
gateway/sds_gateway/api_methods/tests/test_permission_updates.py	0% smaller
gateway/sds_gateway/users/utils.py	0% smaller

[Copilot]

Pull request overview

This PR establishes a new invariant for ShareGroup functionality: group owners are always members of their own groups. This addresses the confusing UX of seeing "0 members" after creating a group, and prevents users from being unable to add themselves to their own groups.

Changes:

• Group creation now automatically adds the owner as a member, with an initial member count of 1
• User removal validation now prevents removing the group owner and prevents removing the last member
• A data migration retroactively adds owners as members to all existing non-deleted groups

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
gateway/sds_gateway/users/views.py	Updated _create_share_group to add owner as member; updated _process_user_removal to validate owner and last-member removal attempts
gateway/sds_gateway/users/tests/test_group_sharing.py	Added tests for the new owner-as-member behavior and removal validation
gateway/sds_gateway/api_methods/migrations/0020_add_group_owner_as_member.py	Data migration to retroactively add owners as members to existing groups
gateway/sds_gateway/api_methods/migrations/max_migration.txt	Updated to reference the new migration
gateway/.envs/example/django.prod-example.env	Corrected example domain from nd.edu to mit.edu for Haystack reference

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[klpoland]

Okay, yeah, I think the changes to add an extra check for individual vs group share origination should fix the issue I described. Thanks!