fastapi-rtk 0.2.27__py3-none-any.whl → 1.0.13__py3-none-any.whl

fastapi_rtk/fastapi_react_toolkit.py

@@ -5,25 +5,37 @@ import os
 from contextlib import asynccontextmanager
 from typing import Awaitable, Callable
 
+import fastapi
 import Secweb
 import Secweb.ContentSecurityPolicy
+import starlette.types
 from fastapi import Depends, FastAPI, HTTPException, Request
 from fastapi.responses import HTMLResponse, StreamingResponse
 from fastapi.staticfiles import StaticFiles
 from fastapi.templating import Jinja2Templates
+from fastapi_babel import BabelMiddleware
 from jinja2 import Environment, TemplateNotFound, select_autoescape
 from prometheus_fastapi_instrumentator import Instrumentator
-from sqlalchemy import and_, select
-from sqlalchemy.ext.asyncio import AsyncSession
-from sqlalchemy.orm import Session
 from starlette.routing import _DefaultLifespan
 
 from .api.model_rest_api import ModelRestApi
 from .auth import Auth
-from .cli.commands import upgrade
-from .const import BASE_APIS, DEFAULT_SECWEB_PARAMS, logger
+from .backends.sqla.session import SQLASession
+from .cli.commands.db import upgrade
+from .cli.commands.translate import init_babel_cli
+from .const import (
+    BASE_APIS,
+    DEFAULT_SECWEB_PARAMS,
+    INTERNAL_LANG_FOLDER,
+    ErrorCode,
+    logger,
+)
 from .db import db
-from .dependencies import set_global_background_tasks, set_global_user
+from .dependencies import (
+    set_global_background_tasks,
+    set_global_request,
+    set_global_user,
+)
 from .globals import GlobalsMiddleware, g
 from .middlewares import (
     ProfilerMiddleware,
@@ -42,7 +54,7 @@ from .security.sqla.apis import (
 from .security.sqla.models import Api, Permission, PermissionApi, Role
 from .security.sqla.security_manager import SecurityManager
 from .setting import Setting
-from .utils import deep_merge, safe_call, smart_run
+from .utils import deep_merge, lazy, multiple_async_contexts, safe_call, smart_run
 from .version import __version__
 
 __all__ = ["FastAPIReactToolkit"]
@@ -137,6 +149,7 @@ class FastAPIReactToolkit:
     exclude_apis: list[BASE_APIS] = None
     global_user_dependency = True
     global_background_tasks = True
+    global_request = True
     instrumentator: Instrumentator = None
     on_startup: (
         Callable[[FastAPI], None] | Awaitable[Callable[[FastAPI], None]] | None
@@ -148,7 +161,15 @@ class FastAPIReactToolkit:
     # Public attributes
     apis: list[ModelRestApi] = None
     initialized = False
-    security: SecurityManager = None
+    sm: SecurityManager = None
+    security: SecurityManager = lazy(lambda self: self.sm)
+    """
+    Old attribute for `sm`, kept for backward compatibility.
+    """
+    started = False
+    """
+    Indicates whether the application has been started.
+    """
 
     # Private attributes
     _mounted = False
@@ -166,6 +187,7 @@ class FastAPIReactToolkit:
         exclude_apis: list[BASE_APIS] | None = None,
         global_user_dependency: bool = True,
         global_background_tasks: bool = True,
+        global_request: bool = True,
         instrumentator: Instrumentator | None = None,
         on_startup: (
             Callable[[FastAPI], None] | Awaitable[Callable[[FastAPI], None]] | None
@@ -173,6 +195,9 @@ class FastAPIReactToolkit:
         on_shutdown: (
             Callable[[FastAPI], None] | Awaitable[Callable[[FastAPI], None]] | None
         ) = None,
+        lifespans: starlette.types.Lifespan[fastapi.applications.AppType]
+        | list[starlette.types.Lifespan[fastapi.applications.AppType]]
+        | None = None,
         debug: bool = False,
     ):
         """
@@ -187,14 +212,16 @@ class FastAPIReactToolkit:
             exclude_apis (list[BASE_APIS] | None, optional): List of security APIs to be excluded when initializing the FastAPI application. Defaults to None.
             global_user_dependency (bool, optional): Whether to add the `set_global_user` dependency to the FastAPI application. This allows you to access the current user with the `g.user` object. Defaults to True.
             global_background_tasks (bool, optional): Whether to add the `set_global_background_tasks` dependency to the FastAPI application. This allows you to access the background tasks with the `g.background_tasks` object. Defaults to True.
+            global_request (bool, optional): Whether to add the `set_global_request` dependency to the FastAPI application. This allows you to access the current request with the `g.request` object. Defaults to True.
             instrumentator (Instrumentator | None, optional): The instrumentator to use for monitoring the FastAPI application. Defaults to `Instrumentator(**Setting.INSTRUMENTATOR_CONFIG)`.
             on_startup (Callable[[FastAPI], None]  |  Awaitable[Callable[[FastAPI], None]]  |  None, optional): Function to call when the app is starting up. Can either be a regular function or an async function. If the function takes a `FastAPI` instance as an argument, it will be passed to the function. Defaults to None.
             on_shutdown (Callable[[FastAPI], None]  |  Awaitable[Callable[[FastAPI], None]]  |  None, optional): Function to call when the app is shutting down. Can either be a regular function or an async function. If the function takes a `FastAPI` instance as an argument, it will be passed to the function. Defaults to None.
+            lifespans (starlette.types.Lifespan[fastapi.applications.AppType]  |  list[starlette.types.Lifespan[fastapi.applications.AppType]]  |  None, optional): Lifespan or list of lifespans to combine with the main lifespan. Defaults to None.
             debug (bool, optional): Whether to log debug messages. Defaults to False.
         """
         g.current_app = self
         self.apis = []
-        self.security = SecurityManager(self)
+        self.sm = SecurityManager(self)
 
         # Database configuration
         self.create_tables = create_tables
@@ -204,9 +231,17 @@ class FastAPIReactToolkit:
         self.exclude_apis = exclude_apis or []
         self.global_user_dependency = global_user_dependency
         self.global_background_tasks = global_background_tasks
+        self.global_request = global_request
         self.instrumentator = instrumentator
         self.on_startup = on_startup
         self.on_shutdown = on_shutdown
+        self.lifespans = (
+            lifespans
+            if isinstance(lifespans, list)
+            else [lifespans]
+            if lifespans
+            else []
+        )
 
         if auth:
             for key, value in auth.items():
@@ -273,6 +308,16 @@ class FastAPIReactToolkit:
             self.app.router.dependencies.append(Depends(set_global_user()))
         if self.global_background_tasks:
             self.app.router.dependencies.append(Depends(set_global_background_tasks))
+        if self.global_request:
+            self.app.router.dependencies.append(Depends(set_global_request))
+
+        # Add the language middleware
+        try:
+            babel_cli = init_babel_cli(create_root_path_if_not_exists=False, log=False)
+        except FileNotFoundError:
+            # If the user does not have a lang folder, then use the internal one
+            babel_cli = init_babel_cli(root_path=INTERNAL_LANG_FOLDER, log=False)
+        self.app.add_middleware(BabelMiddleware, babel_configs=babel_cli.babel.config)
 
         # Initialize the instrumentator
         if not self.instrumentator:
@@ -375,171 +420,121 @@ class FastAPIReactToolkit:
 
         async with db.session() as session:
             logger.info("INITIALIZING DATABASE")
-            await self._insert_permissions(session)
-            await self._insert_apis(session)
-            await self._insert_roles(session)
-            await self._associate_permission_with_api(session)
-            await self._associate_permission_api_with_role(session)
+            permissions = await self._insert_permissions(session)
+            apis = await self._insert_apis(session)
+            roles = await self._insert_roles(session)
+            assert permissions is not None, "Permissions should not be None"
+            assert apis is not None, "APIs should not be None"
+            permission_apis = await self._associate_permission_with_api(
+                session, permissions, apis
+            )
+            assert roles is not None, "Roles should not be None"
+            assert permission_apis is not None, "PermissionApis should not be None"
+            await self._associate_role_with_permission_api(
+                session, roles, permission_apis
+            )
             if self.cleanup:
-                await self.security.cleanup()
+                await self.sm.cleanup()
             logger.info("DATABASE INITIALIZED")
 
-    async def _insert_permissions(self, session: AsyncSession | Session):
-        new_permissions = self.total_permissions()
-        stmt = select(Permission).where(Permission.name.in_(new_permissions))
-        result = await safe_call(session.scalars(stmt))
-        existing_permissions = [permission.name for permission in result.all()]
-        if len(new_permissions) == len(existing_permissions):
-            return
-
-        permission_objs = [
-            Permission(name=permission)
-            for permission in new_permissions
-            if permission not in existing_permissions
+    async def _insert_permissions(self, session: SQLASession):
+        permissions = self.total_permissions() + [
+            x[1] for x in self.sm.get_api_permission_tuples_from_builtin_roles()
         ]
-        for permission in permission_objs:
-            logger.info(f"ADDING PERMISSION {permission}")
-            session.add(permission)
-        await safe_call(session.commit())
-
-    async def _insert_apis(self, session: AsyncSession | Session):
-        new_apis = [api.__class__.__name__ for api in self.apis]
-        stmt = select(Api).where(Api.name.in_(new_apis))
-        result = await safe_call(session.scalars(stmt))
-        existing_apis = [api.name for api in result.all()]
-        if len(new_apis) == len(existing_apis):
-            return
-
-        api_objs = [Api(name=api) for api in new_apis if api not in existing_apis]
-        for api in api_objs:
-            logger.info(f"ADDING API {api}")
-            session.add(api)
-        await safe_call(session.commit())
-
-    async def _insert_roles(self, session: AsyncSession | Session):
-        new_roles = [g.admin_role, g.public_role]
-        stmt = select(Role).where(Role.name.in_(new_roles))
-        result = await safe_call(session.scalars(stmt))
-        existing_roles = [role.name for role in result.all()]
-        if len(new_roles) == len(existing_roles):
-            return
+        permissions = list(dict.fromkeys(permissions))
+        return await self.sm.create_permissions(permissions, session=session)
 
-        role_objs = [
-            Role(name=role) for role in new_roles if role not in existing_roles
+    async def _insert_apis(self, session: SQLASession):
+        apis = [api.__class__.__name__ for api in self.apis] + [
+            x[0] for x in self.sm.get_api_permission_tuples_from_builtin_roles()
         ]
-        for role in role_objs:
-            logger.info(f"ADDING ROLE {role}")
-            session.add(role)
-        await safe_call(session.commit())
+        apis = list(dict.fromkeys(apis))
+        return await self.sm.create_apis(apis, session=session)
+
+    async def _insert_roles(self, session: SQLASession):
+        roles = self.sm.get_roles_from_builtin_roles()
+        if g.admin_role and g.admin_role not in roles:
+            roles.append(g.admin_role)
+        if g.public_role and g.public_role not in roles:
+            roles.append(g.public_role)
+        return await self.sm.create_roles(roles, session=session)
+
+    async def _associate_permission_with_api(
+        self,
+        session: SQLASession,
+        permissions: list[Permission],
+        apis: list[Api],
+    ):
+        permission_map = {permission.name: permission for permission in permissions}
+        api_map = {api.name: api for api in apis}
+        permission_api_tuples = list[tuple[Permission, Api]]()
+        added_permission_api = set[tuple[str, str]]()
 
-    async def _associate_permission_with_api(self, session: AsyncSession | Session):
         for api in self.apis:
-            new_permissions = getattr(api, "permissions", [])
-            if not new_permissions:
+            api_permissions = api.permissions
+            if not api_permissions:
                 continue
 
-            # Get the api object
-            api_stmt = select(Api).where(Api.name == api.__class__.__name__)
-            api_obj = await safe_call(session.scalar(api_stmt))
-
-            if not api_obj:
-                raise ValueError(f"API {api.__class__.__name__} not found")
-
-            permission_stmt = select(Permission).where(
-                and_(
-                    Permission.name.in_(new_permissions),
-                    ~Permission.id.in_([p.permission_id for p in api_obj.permissions]),
-                )
-            )
-            permission_result = await safe_call(session.scalars(permission_stmt))
-            new_permissions = permission_result.all()
-
-            if not new_permissions:
+            for permission_name in api_permissions:
+                if (permission_name, api.__class__.__name__) in added_permission_api:
+                    continue
+                permission = permission_map[permission_name]
+                api_obj = api_map[api.__class__.__name__]
+                permission_api_tuples.append((permission, api_obj))
+                added_permission_api.add((permission.name, api_obj.name))
+
+        for (
+            api_name,
+            perm_name,
+        ) in self.sm.get_api_permission_tuples_from_builtin_roles():
+            if (perm_name, api_name) in added_permission_api:
                 continue
+            permission = permission_map[perm_name]
+            api_obj = api_map[api_name]
+            permission_api_tuples.append((permission, api_obj))
+            added_permission_api.add((permission.name, api_obj.name))
 
-            for permission in new_permissions:
-                session.add(
-                    PermissionApi(permission_id=permission.id, api_id=api_obj.id)
-                )
-                logger.info(f"ASSOCIATING PERMISSION {permission} WITH API {api_obj}")
-            await safe_call(session.commit())
+        return await self.sm.associate_list_of_permission_with_api(
+            permission_api_tuples, session=session
+        )
 
-    async def _associate_permission_api_with_role(
-        self, session: AsyncSession | Session
+    async def _associate_role_with_permission_api(
+        self,
+        session: SQLASession,
+        roles: list[Role],
+        permission_apis: list[PermissionApi],
     ):
-        # Read config based roles
-        roles_dict = Setting.ROLES
-
-        for role_name, role_permissions in roles_dict.items():
-            role_stmt = select(Role).where(Role.name == role_name)
-            role_result = await safe_call(session.scalars(role_stmt))
-            role = role_result.first()
-            if not role:
-                role = Role(name=role_name)
-                logger.info(f"ADDING ROLE {role}")
-                session.add(role)
-
-            for api_name, permission_name in role_permissions:
-                permission_api_stmt = (
-                    select(PermissionApi)
-                    .where(
-                        and_(Api.name == api_name, Permission.name == permission_name)
-                    )
-                    .join(Permission)
-                    .join(Api)
-                )
-                permission_api = await safe_call(session.scalar(permission_api_stmt))
-                if not permission_api:
-                    permission_stmt = select(Permission).where(
-                        Permission.name == permission_name
-                    )
-                    permission = await safe_call(session.scalar(permission_stmt))
-                    if not permission:
-                        permission = Permission(name=permission_name)
-                        logger.info(f"ADDING PERMISSION {permission}")
-                        session.add(permission)
-
-                    stmt = select(Api).where(Api.name == api_name)
-                    api = await safe_call(session.scalar(stmt))
-                    if not api:
-                        api = Api(name=api_name)
-                        logger.info(f"ADDING API {api}")
-                        session.add(api)
-
-                    permission_api = PermissionApi(permission=permission, api=api)
-                    logger.info(f"ADDING PERMISSION-API {permission_api}")
-                    session.add(permission_api)
-
-                # Associate role with permission-api
-                if role not in permission_api.roles:
-                    permission_api.roles.append(role)
-                    logger.info(
-                        f"ASSOCIATING {role} WITH PERMISSION-API {permission_api}"
-                    )
-
-                await safe_call(session.commit())
-
-        # Get admin role
-        admin_role_stmt = select(Role).where(Role.name == g.admin_role)
-        admin_role = await safe_call(session.scalar(admin_role_stmt))
-
-        if admin_role:
-            # Get list of permission-api.assoc_permission_api_id of the admin role
-            stmt = (
-                select(PermissionApi)
-                .where(~PermissionApi.roles.contains(admin_role))
-                .join(Api)
-            )
-            result = await safe_call(session.scalars(stmt))
-            existing_assoc_permission_api_roles = result.all()
-
-            # Add admin role to all permission-api objects
-            for permission_api in existing_assoc_permission_api_roles:
-                permission_api.roles.append(admin_role)
-                logger.info(
-                    f"ASSOCIATING {admin_role} WITH PERMISSION-API {permission_api}"
-                )
-            await safe_call(session.commit())
+        role_map = {role.name: role for role in roles}
+        permission_api_map = {
+            (pa.permission.name, pa.api.name): pa for pa in permission_apis
+        }
+        permission_apis_to_exclude_from_admin = list[PermissionApi]()
+        role_permission_api_tuples = list[tuple[Role, PermissionApi]]()
+
+        for (
+            role_name,
+            role_api_permissions,
+        ) in self.sm.get_role_and_api_permission_tuples_from_builtin_roles():
+            for api_name, permission_name in role_api_permissions:
+                role = role_map[role_name]
+                permission_api = permission_api_map[(permission_name, api_name)]
+                role_permission_api_tuples.append((role, permission_api))
+                if "|" in permission_name and role_name != g.public_role:
+                    # Exclude multi-tenant permissions from admin role if not explicitly set
+                    permission_apis_to_exclude_from_admin.append(permission_api)
+
+        if g.admin_role:
+            admin_role = role_map[g.admin_role]
+            for permission_api in [
+                pa
+                for pa in permission_apis
+                if pa not in permission_apis_to_exclude_from_admin
+            ]:
+                role_permission_api_tuples.append((admin_role, permission_api))
+
+        await self.sm.associate_list_of_role_with_permission_api(
+            role_permission_api_tuples, session=session
+        )
 
     def _mount_static_folder(self):
         """
@@ -585,7 +580,9 @@ class FastAPIReactToolkit:
                     },
                 )
             except TemplateNotFound:
-                raise HTTPException(status_code=404, detail="Not Found")
+                raise HTTPException(
+                    fastapi.status.HTTP_404_NOT_FOUND, ErrorCode.PAGE_NOT_FOUND
+                )
 
     """
     -----------------------------------------
@@ -624,14 +621,6 @@ class FastAPIReactToolkit:
             # Add the endpoint for the metrics
             self.instrumentator.expose(app, **Setting.INSTRUMENTATOR_EXPOSE_CONFIG)
 
-            # Add the JS manifest route
-            self._init_js_manifest()
-
-            # Mount the static and template folders
-            self._mounted = True
-            self._mount_static_folder()
-            self._mount_template_folder()
-
             await db.init_fastapi_rtk_tables()
 
             if self.upgrade_db:
@@ -678,13 +667,34 @@ class FastAPIReactToolkit:
             # Run when the app is shutting down
             await db.close()
 
+        @asynccontextmanager
+        async def mount_lifespan(app: FastAPI):
+            # Mount the js manifest, static, and template folders
+            self._init_js_manifest()
+            self._mount_static_folder()
+            self._mount_template_folder()
+            self._mounted = True
+            self.started = True
+            yield
+
+        # Combine with other lifespans
+        @asynccontextmanager
+        async def combined_lifespan(app: FastAPI):
+            async with multiple_async_contexts(
+                [
+                    lifespan(app)
+                    for lifespan in [lifespan] + self.lifespans + [mount_lifespan]
+                ]
+            ):
+                yield
+
         # Check whether lifespan is already set
         if not isinstance(self.app.router.lifespan_context, _DefaultLifespan):
             raise ValueError(
                 "Lifespan already set, please do not set lifespan directly in the FastAPI app"
             )
 
-        self.app.router.lifespan_context = lifespan
+        self.app.router.lifespan_context = combined_lifespan
 
     def _init_basic_apis(self):
         apis = [
@@ -707,7 +717,12 @@ class FastAPIReactToolkit:
             env = Environment(autoescape=select_autoescape(["html", "xml"]))
             template_string = "window.fab_react_config = {{ react_vars |tojson }}"
             template = env.from_string(template_string)
-            rendered_string = template.render(react_vars=Setting.FAB_REACT_CONFIG)
+            react_vars = Setting.FAB_REACT_CONFIG
+            if Setting.TRANSLATIONS:
+                react_vars[Setting.TRANSLATIONS_KEY] = deep_merge(
+                    react_vars.get(Setting.TRANSLATIONS_KEY, {}), Setting.TRANSLATIONS
+                )
+            rendered_string = template.render(react_vars=react_vars)
             content = rendered_string.encode("utf-8")
             scriptfile = io.BytesIO(content)
             return StreamingResponse(

fastapi_rtk/file_managers/file_manager.py

@@ -4,7 +4,7 @@ import shutil
 
 from ..bases.file_manager import AbstractFileManager
 from ..setting import Setting
-from ..utils import lazy, secure_filename
+from ..utils import lazy, secure_filename, smart_run
 
 __all__ = ["FileManager"]
 
@@ -20,6 +20,8 @@ class FileManager(AbstractFileManager):
     def post_init(self):
         if not self.base_path:
             raise ValueError("UPLOAD_FOLDER not set in config.")
+        if not op.exists(self.base_path):
+            os.makedirs(self.base_path, self.permission)
 
     def get_path(self, filename):
         return op.join(self.base_path, filename)
@@ -32,20 +34,20 @@ class FileManager(AbstractFileManager):
     async def stream_file(self, filename):
         _, path = self.generate_secure_filename(filename)
         with open(path, "rb") as f:
-            while chunk := f.read(8192):
+            while chunk := await smart_run(f.read, 8192):
                 yield chunk
 
     def save_file(self, file_data, filename):
-        secured_filename, path = self.generate_secure_filename(filename)
+        _, path = self.generate_secure_filename(filename)
         with open(path, "wb") as buffer:
             shutil.copyfileobj(file_data.file, buffer)
-        return secured_filename
+        return path
 
     def save_content_to_file(self, content, filename):
-        secured_filename, path = self.generate_secure_filename(filename)
+        _, path = self.generate_secure_filename(filename)
         with open(path, "wb") as buffer:
             buffer.write(content)
-        return secured_filename
+        return path
 
     def delete_file(self, filename):
         _, path = self.generate_secure_filename(filename)