fastapi-rtk 0.2.27__py3-none-any.whl → 1.0.13__py3-none-any.whl

fastapi_rtk/schemas.py

@@ -3,7 +3,7 @@ import typing
 from datetime import datetime
 from typing import Annotated, Any, Dict, Literal
 
-from fastapi import HTTPException
+import fastapi
 from pydantic import (
     AfterValidator,
     BaseModel,
@@ -16,6 +16,8 @@ from pydantic import (
 )
 
 from .const import logger
+from .exceptions import HTTPWithValidationException
+from .lang import translate
 from .utils import ensure_tz_info, merge_schema, validate_utc
 
 if typing.TYPE_CHECKING:
@@ -272,11 +274,13 @@ class InfoResponse(BaseModel):
     add_title: str = ""
     add_schema: dict[str, Any] = {}
     add_uischema: dict[str, Any] | None = None
+    add_translations: dict[str, dict[str, str]] | None = None
     add_type: typing.Literal["json"] | typing.Literal["form"] = "json"
     edit_columns: list[ColumnInfo | ColumnEnumInfo | ColumnRelationInfo] = []
     edit_title: str = ""
     edit_schema: dict[str, Any] = {}
     edit_uischema: dict[str, Any] | None = None
+    edit_translations: dict[str, dict[str, str]] | None = None
     edit_type: typing.Literal["json"] | typing.Literal["form"] = "json"
     filters: dict[str, Any] = {}
     filter_options: dict[str, Any] = {}
@@ -319,7 +323,7 @@ class BaseResponseMany(BaseResponse):
     Represents a response containing multiple items.
 
     Attributes:
-        count (int): The count of items.
+        count (int | None): The count of items. If None, count is not provided.
         ids (List[PRIMARY_KEY]): The IDs of the items.
         list_columns (List[str]): The columns to show in the list.
         list_title (str): The title for the list.
@@ -327,7 +331,7 @@ class BaseResponseMany(BaseResponse):
         result (List[BaseModel] | None): The result of the response.
     """
 
-    count: int
+    count: int | None = None
     ids: list[PRIMARY_KEY]
     list_columns: list[str] = []
     list_title: str = ""
@@ -346,45 +350,60 @@ class GeneralResponse(BaseModel):
     detail: str
 
 
-class FilterSchema(BaseModel):
+class OprFilterSchema(BaseModel):
     """
-    Represents a filter for querying data.
+    Represents a filter for querying data without column name.
 
     Attributes:
-        col (str): The column name to filter on.
         opr (str): The operator to use for the filter.
         value (Union[PRIMARY_KEY, bool, Dict[str, Any], List[Union[PRIMARY_KEY, bool, Dict[str, Any]]]]): The value to filter on.
-
     """
 
-    col: str
     opr: str
     value: (
         PRIMARY_KEY | bool | dict[str, Any] | list[PRIMARY_KEY | bool | dict[str, Any]]
     )
 
 
+class FilterSchema(OprFilterSchema):
+    """
+    Represents a filter for querying data.
+
+    Attributes:
+        col (str): The column name to filter on.
+        opr (str): The operator to use for the filter.
+        value (Union[PRIMARY_KEY, bool, Dict[str, Any], List[Union[PRIMARY_KEY, bool, Dict[str, Any]]]]): The value to filter on.
+
+    """
+
+    col: str
+
+
 class QuerySchema(BaseModel):
     """
     Represents the query parameters for selection, pagination, ordering, and filtering.
 
     Attributes:
-        columns (str, optional): The columns to select in the query. Defaults to '[]'.
         page (int): The page number for pagination. Defaults to 0.
         page_size (int, optional): The number of items per page. Defaults to 25.
         order_column (str, optional): The column to order the results by.
         order_direction (Literal['asc', 'desc'], optional): The direction of the ordering (asc or desc).
+        columns (str, optional): The columns to select in the query. Defaults to '[]'.
         filters (str, optional): The filters to apply to the query. Defaults to '[]'.
+        opr_filters (str, optional): The filters to apply without column name. Defaults to '[]'.
         global_filter (str, optional): The filter to apply globally across all columns.
+        with_count (bool): Whether to include the total count of items. Defaults to True.
     """
 
-    columns: str = "[]"
     page: int = 0
     page_size: int | None = 25
     order_column: str | None = None
     order_direction: Literal["asc", "desc"] | None = None
+    columns: str = "[]"
     filters: str = "[]"
+    opr_filters: str = "[]"
     global_filter: str | None = None
+    with_count: bool = True
 
     @field_validator("columns")
     @classmethod
@@ -394,30 +413,48 @@ class QuerySchema(BaseModel):
             columns = json.loads(v) if isinstance(v, str) else v
             logger.debug(f"Columns: {columns}")
             if not isinstance(columns, list):
-                raise ValueError("Columns must be a list")
+                raise HTTPWithValidationException(
+                    fastapi.status.HTTP_400_BAD_REQUEST,
+                    "list_type",
+                    "query",
+                    "columns",
+                    translate("Columns must be a list"),
+                    input=columns,
+                )
             return [str(col) for col in columns]
         except json.JSONDecodeError:
-            raise HTTPException(
-                status_code=400, detail="Invalid columns: Not a valid JSON string"
+            raise HTTPWithValidationException(
+                fastapi.status.HTTP_400_BAD_REQUEST,
+                "json_invalid",
+                "query",
+                "columns",
+                translate("Invalid columns: Not a valid JSON string"),
+                input=v,
+            )
+        except ValidationError as e:
+            raise HTTPWithValidationException(
+                fastapi.status.HTTP_400_BAD_REQUEST,
+                "literal_error",
+                "query",
+                "columns",
+                e.errors(),
             )
-        except ValueError as e:
-            raise HTTPException(status_code=400, detail=str(e))
 
     @field_validator("order_direction")
     @classmethod
     def validate_order_fields(cls, v: str | None, info: ValidationInfo):
         data = info.data
-        try:
-            if bool(v) != bool(data.get("order_column")):
-                raise ValueError(
-                    "Both order_column and order_direction must be filled or empty"
-                )
-            return str(v) if v else v
-        except ValueError:
-            raise HTTPException(
-                status_code=400,
-                detail="Both order_column and order_direction must be filled or empty",
+        if bool(v) != bool(data.get("order_column")):
+            raise HTTPWithValidationException(
+                fastapi.status.HTTP_400_BAD_REQUEST,
+                "missing",
+                "query",
+                "order_direction" if not v else "order_column",
+                translate(
+                    "Both 'order_column' and 'order_direction' must be filled or empty"
+                ),
             )
+        return str(v) if v else v
 
     @field_validator("filters")
     @classmethod
@@ -427,31 +464,97 @@ class QuerySchema(BaseModel):
             filters = json.loads(v) if isinstance(v, str) else v
             logger.debug(f"Filters: {filters}")
             if not isinstance(filters, list):
-                raise ValueError("Filters must be a list")
+                raise HTTPWithValidationException(
+                    fastapi.status.HTTP_400_BAD_REQUEST,
+                    "list_type",
+                    "query",
+                    "filters",
+                    translate("Filters must be a list"),
+                    input=filters,
+                )
             new_filters = []
-            for filter in filters:
+            for index, filter in enumerate(filters):
                 if isinstance(filter, FilterSchema):
                     new_filters.append(filter)
                 elif isinstance(filter, dict):
                     new_filters.append(FilterSchema(**filter))
                 else:
-                    raise ValueError("Filter must be a dictionary")
+                    raise HTTPWithValidationException(
+                        fastapi.status.HTTP_400_BAD_REQUEST,
+                        "dict_type",
+                        "query",
+                        f"filters[{index}]",
+                        translate("Filter must be an object"),
+                        input=filter,
+                    )
+            return new_filters
+        except json.JSONDecodeError:
+            raise HTTPWithValidationException(
+                fastapi.status.HTTP_400_BAD_REQUEST,
+                "json_invalid",
+                "query",
+                "filters",
+                translate("Invalid filters: Not a valid JSON string"),
+                input=v,
+            )
+        except ValidationError as e:
+            raise HTTPWithValidationException(
+                fastapi.status.HTTP_400_BAD_REQUEST,
+                "literal_error",
+                "query",
+                "filters",
+                e.errors(),
+            )
+
+    @field_validator("opr_filters")
+    @classmethod
+    def validate_opr_filters(cls, v: str | list[OprFilterSchema]):
+        try:
+            logger.debug(f"Validating opr_filters: {v}")
+            filters = json.loads(v) if isinstance(v, str) else v
+            logger.debug(f"Opr Filters: {filters}")
+            if not isinstance(filters, list):
+                raise HTTPWithValidationException(
+                    fastapi.status.HTTP_400_BAD_REQUEST,
+                    "list_type",
+                    "query",
+                    "opr_filters",
+                    translate("Opr Filters must be a list"),
+                    input=filters,
+                )
+            new_filters = []
+            for index, filter in enumerate(filters):
+                if isinstance(filter, OprFilterSchema):
+                    new_filters.append(filter)
+                elif isinstance(filter, dict):
+                    new_filters.append(OprFilterSchema(**filter))
+                else:
+                    raise HTTPWithValidationException(
+                        fastapi.status.HTTP_400_BAD_REQUEST,
+                        "dict_type",
+                        "query",
+                        f"opr_filters[{index}]",
+                        translate("Opr Filter must be an object"),
+                        input=filter,
+                    )
             return new_filters
         except json.JSONDecodeError:
-            raise HTTPException(
-                status_code=400, detail="Invalid filters: Not a valid JSON string"
+            raise HTTPWithValidationException(
+                fastapi.status.HTTP_400_BAD_REQUEST,
+                "json_invalid",
+                "query",
+                "opr_filters",
+                translate("Invalid opr_filters: Not a valid JSON string"),
+                input=v,
             )
         except ValidationError as e:
-            raise HTTPException(
-                status_code=400,
-                detail={
-                    "type": "ValidationError",
-                    "loc": ["query", "filters"],
-                    "msg": e.errors(),
-                },
+            raise HTTPWithValidationException(
+                fastapi.status.HTTP_400_BAD_REQUEST,
+                "literal_error",
+                "query",
+                "opr_filters",
+                e.errors(),
             )
-        except ValueError as e:
-            raise HTTPException(status_code=400, detail=str(e))
 
 
 class QueryBody(QuerySchema):

fastapi_rtk/security/sqla/apis.py

@@ -1,5 +1,6 @@
 from typing import List
 
+import sqlalchemy
 from fastapi import Depends, HTTPException, Request, status
 from pydantic import BaseModel, EmailStr, Field
 from sqlalchemy.ext.asyncio import AsyncSession
@@ -7,9 +8,11 @@ from sqlalchemy.orm import Session
 
 from ...api import BaseApi, ModelRestApi
 from ...backends.sqla.interface import SQLAInterface
-from ...db import UserDatabase, get_user_db
+from ...const import ErrorCode
+from ...db import UserDatabase, db, get_user_db
 from ...decorators import expose, login_required
 from ...globals import g
+from ...lang import translate
 from ...routers import get_auth_router, get_oauth_router
 from ...schemas import (
     GeneralResponse,
@@ -19,7 +22,7 @@ from ...schemas import (
     generate_user_update_schema,
 )
 from ...setting import Setting
-from ...utils import SelfType, lazy, merge_schema
+from ...utils import SelfType, lazy, merge_schema, smart_run
 from .models import Api, Permission, PermissionApi, Role, User
 
 __all__ = [
@@ -161,7 +164,7 @@ class UsersApi(ModelRestApi):
                 col.required = False
 
     async def post_add(self, item, params):
-        await g.current_app.security.update_user(
+        await g.current_app.sm.update_user(
             user_update={"password": item.password},
             user=item,
             session=params.session,
@@ -170,7 +173,7 @@ class UsersApi(ModelRestApi):
 
     async def post_update(self, item, params):
         if params.body.password:
-            await g.current_app.security.update_user(
+            await g.current_app.sm.update_user(
                 user_update={"password": params.body.password},
                 user=item,
                 session=params.session,
@@ -194,6 +197,7 @@ class AuthApi(BaseApi):
                     g.auth.cookie_backend,
                     g.auth.fastapi_users.get_user_manager,
                     g.auth.fastapi_users.authenticator,
+                    auth_type=Setting.AUTH_TYPE,
                 )
             )
         if Setting.AUTH_LOGIN_JWT:
@@ -202,6 +206,7 @@ class AuthApi(BaseApi):
                     g.auth.bearer_backend,
                     g.auth.fastapi_users.get_user_manager,
                     g.auth.fastapi_users.authenticator,
+                    auth_type=Setting.AUTH_TYPE,
                 ),
                 prefix="/jwt",
             )
@@ -225,6 +230,11 @@ class AuthApi(BaseApi):
         for client in oauth_clients:
             oauth_client = client["oauth_client"]
             associate_by_email = client.get("associate_by_email", False)
+            redirect_url = client.get("redirect_url", None)
+            redirect_url_factory = client.get("redirect_url_factory", None)
+            redirect_url_after_callback = client.get(
+                "redirect_url_after_callback", Setting.OAUTH_REDIRECT_URI
+            )
             on_before_register = client.get("on_before_register", None)
             on_after_register = client.get("on_after_register", None)
             on_before_login = client.get("on_before_login", None)
@@ -235,7 +245,9 @@ class AuthApi(BaseApi):
                     backend=g.auth.cookie_backend,
                     get_user_manager=g.auth.fastapi_users.get_user_manager,
                     state_secret=g.auth.secret_key,
-                    redirect_url=Setting.OAUTH_REDIRECT_URI,
+                    redirect_url=redirect_url,
+                    redirect_url_factory=redirect_url_factory,
+                    redirect_url_after_callback=redirect_url_after_callback,
                     associate_by_email=associate_by_email,
                     on_before_register=on_before_register,
                     on_after_register=on_after_register,
@@ -250,7 +262,7 @@ class AuthApi(BaseApi):
             response_model=self.get_user_schema,
             responses={
                 status.HTTP_401_UNAUTHORIZED: {
-                    "description": "Missing token or inactive user.",
+                    "description": ErrorCode.GET_USER_MISSING_TOKEN_OR_INACTIVE_USER,
                 }
             },
         )(self.get_user)
@@ -259,17 +271,31 @@ class AuthApi(BaseApi):
             methods=["PUT"],
             responses={
                 status.HTTP_401_UNAUTHORIZED: {
-                    "description": "Missing token or inactive user.",
+                    "description": ErrorCode.GET_USER_MISSING_TOKEN_OR_INACTIVE_USER,
                 }
             },
         )(self.update_user)
 
-    def get_user(self):
+    async def get_user(self):
         if not g.user:
             raise HTTPException(
-                status_code=status.HTTP_401_UNAUTHORIZED,
-                detail="Missing token or inactive user.",
+                status.HTTP_401_UNAUTHORIZED,
+                ErrorCode.GET_USER_MISSING_TOKEN_OR_INACTIVE_USER,
+            )
+
+        g.user.permissions = []
+        if g.user.roles:
+            # Retrieve list of api names that user has access to
+            query = (
+                sqlalchemy.select(Api.name)
+                .join(PermissionApi)
+                .join(PermissionApi.roles)
+                .where(Role.id.in_([role.id for role in g.user.roles]))
+                .distinct()
             )
+            result = await smart_run(db.current_session.scalars, query)
+            g.user.permissions = list(result)
+
         return g.user
 
     async def update_user(
@@ -280,9 +306,9 @@ class AuthApi(BaseApi):
     ):
         if not g.user:
             raise HTTPException(
-                status_code=status.HTTP_401_UNAUTHORIZED,
-                detail="Missing token or inactive user.",
+                status.HTTP_401_UNAUTHORIZED,
+                ErrorCode.GET_USER_MISSING_TOKEN_OR_INACTIVE_USER,
             )
         user_manager = next(g.auth.get_user_manager(user_db))
         await user_manager.update(user_update, g.user, safe=True, request=request)
-        return GeneralResponse(detail="User updated successfully.")
+        return GeneralResponse(detail=translate("User updated successfully."))

fastapi_rtk/security/sqla/models.py

@@ -77,21 +77,18 @@ class PermissionApi(Model):
         Integer, ForeignKey(f"{API_TABLE}.id"), name=view_menu_id, nullable=False
     )
     api: Mapped["Api"] = relationship(
-        "Api", back_populates="permissions", lazy="selectin"
+        "Api", back_populates="permissions", lazy="joined"
     )
 
     permission_id: Mapped[int] = mapped_column(
         Integer, ForeignKey(f"{PERMISSION_TABLE}.id"), nullable=False
     )
     permission: Mapped["Permission"] = relationship(
-        "Permission", back_populates="apis", lazy="selectin"
+        "Permission", back_populates="apis", lazy="joined"
     )
 
     roles: Mapped[list["Role"]] = relationship(
-        "Role",
-        secondary=assoc_permission_api_role,
-        back_populates="permissions",
-        lazy="selectin",
+        "Role", secondary=assoc_permission_api_role, back_populates="permissions"
     )
 
     def __repr__(self) -> str:
@@ -104,10 +101,7 @@ class Api(Model):
     name: Mapped[str] = mapped_column(String, unique=True, nullable=False)
 
     permissions: Mapped[list[PermissionApi]] = relationship(
-        PermissionApi,
-        back_populates="api",
-        lazy="selectin",
-        cascade="all, delete-orphan",
+        PermissionApi, back_populates="api", cascade="all, delete-orphan"
     )
 
     def __eq__(self, other):
@@ -128,10 +122,7 @@ class Permission(Model):
     name: Mapped[str] = mapped_column(String, unique=True, nullable=False)
 
     apis: Mapped[list[PermissionApi]] = relationship(
-        PermissionApi,
-        back_populates="permission",
-        lazy="selectin",
-        cascade="all, delete-orphan",
+        PermissionApi, back_populates="permission", cascade="all, delete-orphan"
     )
 
     def __repr__(self) -> str:
@@ -144,14 +135,11 @@ class Role(Model):
     name: Mapped[str] = mapped_column(String, unique=True, nullable=False)
 
     users: Mapped[list["User"]] = relationship(
-        "User", secondary=assoc_user_role, back_populates="roles", lazy="selectin"
+        "User", secondary=assoc_user_role, back_populates="roles"
     )
 
     permissions: Mapped[list[PermissionApi]] = relationship(
-        PermissionApi,
-        secondary=assoc_permission_api_role,
-        back_populates="roles",
-        lazy="selectin",
+        PermissionApi, secondary=assoc_permission_api_role, back_populates="roles"
     )
 
     def __repr__(self) -> str:
@@ -203,10 +191,7 @@ class User(Model):
         return Column(Integer, ForeignKey("ab_user.id"), default=self.get_user_id)
 
     oauth_accounts: Mapped[list[OAuthAccount]] = relationship(
-        "OAuthAccount",
-        back_populates="user",
-        lazy="selectin",
-        cascade="all, delete-orphan",
+        "OAuthAccount", back_populates="user", cascade="all, delete-orphan"
     )
 
     roles: Mapped[list[Role]] = relationship(