PyPI - fastapi-rtk - Versions diffs - 1.0.7__py3-none-any.whl → 1.0.9__py3-none-any.whl - Mend

fastapi-rtk 1.0.7py3-none-any.whl → 1.0.9py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

fastapi_rtk/__init__.py +0 -1
fastapi_rtk/_version.py +1 -1
fastapi_rtk/api/model_rest_api.py +1 -0
fastapi_rtk/auth/auth.py +0 -9
fastapi_rtk/backends/sqla/db.py +8 -0
fastapi_rtk/backends/sqla/filters.py +16 -0
fastapi_rtk/backends/sqla/interface.py +11 -8
fastapi_rtk/bases/file_manager.py +12 -0
fastapi_rtk/dependencies.py +110 -64
fastapi_rtk/fastapi_react_toolkit.py +101 -157
fastapi_rtk/file_managers/s3_file_manager.py +63 -32
fastapi_rtk/security/sqla/apis.py +18 -3
fastapi_rtk/security/sqla/models.py +8 -27
fastapi_rtk/security/sqla/security_manager.py +367 -10
fastapi_rtk/utils/hooks.py +7 -4
{fastapi_rtk-1.0.7.dist-info → fastapi_rtk-1.0.9.dist-info}/METADATA +1 -1
{fastapi_rtk-1.0.7.dist-info → fastapi_rtk-1.0.9.dist-info}/RECORD +20 -20
{fastapi_rtk-1.0.7.dist-info → fastapi_rtk-1.0.9.dist-info}/WHEEL +0 -0
{fastapi_rtk-1.0.7.dist-info → fastapi_rtk-1.0.9.dist-info}/entry_points.txt +0 -0
{fastapi_rtk-1.0.7.dist-info → fastapi_rtk-1.0.9.dist-info}/licenses/LICENSE +0 -0

fastapi_rtk/__init__.py CHANGED Viewed

@@ -156,7 +156,6 @@ __all__ = [
     "docs",
     # .dependencies
     "set_global_user",
-    "permissions",
     "current_permissions",
     "has_access_dependency",
     # .exceptions

fastapi_rtk/_version.py CHANGED Viewed

	@@ -1 +1 @@
1	- __version__ = "1.0.7"
1	+ __version__ = "1.0.9"

fastapi_rtk/api/model_rest_api.py CHANGED Viewed

@@ -2328,6 +2328,7 @@ class ModelRestApi(BaseApi):
                     )
                     if self.datamodel.is_files(key) or self.datamodel.is_images(key):
+                        value = [x for x in value if x]  # Remove None values
                         old_filenames = (
                             [x for x in value if isinstance(x, str)] if value else []
                         )

fastapi_rtk/auth/auth.py CHANGED Viewed

@@ -142,15 +142,6 @@ class Authenticator(BaseAuthenticator):
         except HTTPException as e:
             if not default_to_none:
                 raise e
-        # Retrieve list of apis, that user has access to
-        if user:
-            user.permissions = []
-            for role in user.roles:
-                for permission_api in role.permissions:
-                    user.permissions.append(permission_api.api.name)
-            user.permissions = list(set(user.permissions))
         return user, token

fastapi_rtk/backends/sqla/db.py CHANGED Viewed

@@ -454,3 +454,11 @@ class SQLAQueryBuilder(AbstractQueryBuilder[Select[tuple[T]]]):
             load_column["related_columns"][col]["type"] = "some"
         return load_column
+    def _convert_id_into_dict(self, id):
+        # Cast the id into the right type based on the pk column type
+        pk_dict = super()._convert_id_into_dict(id)
+        for pk in pk_dict:
+            col_type = self.datamodel.list_columns[pk].type.python_type
+            pk_dict[pk] = col_type(pk_dict[pk])
+        return pk_dict

fastapi_rtk/backends/sqla/filters.py CHANGED Viewed

@@ -617,6 +617,22 @@ class SQLAFilterConverter:
                 FilterIn,
             ],
         ),
+        (
+            "is_files",
+            [
+                FilterTextContains,
+                # TODO: Make compatible filters
+                # FilterEqual,
+                # FilterNotEqual,
+                # FilterStartsWith,
+                # FilterNotStartsWith,
+                # FilterEndsWith,
+                # FilterNotEndsWith,
+                # FilterContains,
+                # FilterNotContains,
+                # FilterIn,
+            ],
+        ),
         (
             "is_integer",
             [

fastapi_rtk/backends/sqla/interface.py CHANGED Viewed

@@ -255,7 +255,12 @@ class SQLAInterface(AbstractInterface[ModelType, Session | AsyncSession, Column]
                     unique_order_columns.update(
                         [f"{col_name}.{sub_col}" for sub_col in sub_order_columns]
                     )
-            elif self.is_property(col_name) and not self.is_hybrid_property(col_name):
+            elif (
+                self.is_property(col_name)
+                and not self.is_hybrid_property(col_name)
+                or self.is_files(col_name)
+                or self.is_images(col_name)
+            ):
                 continue
             # Allow the column to be used for ordering by default
@@ -353,14 +358,12 @@ class SQLAInterface(AbstractInterface[ModelType, Session | AsyncSession, Column]
             ]
         elif self.is_file(col) or self.is_image(col):
             value_type = fastapi.UploadFile
+            annotated_str_type = typing.Annotated[
+                str | None, BeforeValidator(lambda x: None if x == "null" else x)
+            ]
             if self.is_files(col) or self.is_images(col):
-                value_type = list[value_type | str]
-            return (
-                value_type
-                | typing.Annotated[
-                    str | None, BeforeValidator(lambda x: None if x == "null" else x)
-                ]
-            )
+                value_type = list[value_type | annotated_str_type]
+            return value_type | annotated_str_type
         elif self.is_date(col):
             return date
         elif self.is_datetime(col):

fastapi_rtk/bases/file_manager.py CHANGED Viewed

@@ -35,6 +35,18 @@ class AbstractFileManager(abc.ABC):
         namegen: typing.Callable[[str], str] | None = None,
         permission: int | None = None,
     ):
+        """
+        Initializes the AbstractFileManager.
+        Args:
+            base_path (str | None, optional): Base path for file storage. Defaults to None.
+            allowed_extensions (list[str] | None, optional): Allowed file extensions. Defaults to None.
+            namegen (typing.Callable[[str], str] | None, optional): Callable for generating file names. Defaults to None.
+            permission (int | None, optional): File permission settings. Defaults to None.
+        Raises:
+            ValueError: If `base_path` is not set.
+        """
         if base_path is not None:
             self.base_path = base_path
         if allowed_extensions is not None:

fastapi_rtk/dependencies.py CHANGED Viewed

@@ -1,14 +1,16 @@
 import fastapi
+import sqlalchemy
 from fastapi import Depends, HTTPException
 from .api.base_api import BaseApi
-from .const import PERMISSION_PREFIX, ErrorCode
+from .const import PERMISSION_PREFIX, ErrorCode, logger
+from .db import db
 from .globals import g
-from .security.sqla.models import PermissionApi, User
+from .security.sqla.models import Api, Permission, PermissionApi, Role, User
+from .utils import smart_run
 __all__ = [
     "set_global_user",
-    "permissions",
     "current_permissions",
     "has_access_dependency",
 ]
@@ -62,82 +64,65 @@ def check_g_user():
     return check_g_user_dependency
-def permissions(as_object=False):
+def current_permissions(api: BaseApi):
     """
-    A dependency for FastAPI that will return all permissions of the current user.
+    A dependency for FastAPI that will return all permissions of the current user for the specified API.
-    This will implicitly call the `current_user` dependency from `fastapi_users`. Therefore, it can return `403 Forbidden` if the user is not authenticated.
+    Because it will implicitly check whether the user is authenticated, it can return `401 Unauthorized` or `403 Forbidden`.
     Args:
-        as_object (bool): Whether to return the `PermissionApi` objects or return the api names (E.g "AuthApi" or "AuthApi|UserApi").
+        api (BaseApi): The API to be checked.
     Usage:
     ```python
     async def get_info(
             *,
-            permissions: List[str] = Depends(permissions()),
+            permissions: List[str] = Depends(current_permissions(self)),
             session: AsyncSession | Session = Depends(get_async_session),
         ):
     ...more code
     ```
     """
-    async def permissions_depedency():
-        if not g.user:
-            raise HTTPException(
-                fastapi.status.HTTP_401_UNAUTHORIZED,
-                ErrorCode.GET_USER_MISSING_TOKEN_OR_INACTIVE_USER,
-            )
-        if not g.user.roles:
-            raise HTTPException(
-                fastapi.status.HTTP_403_FORBIDDEN, ErrorCode.GET_USER_NO_ROLES
-            )
+    async def current_permissions_depedency(_=Depends(_ensure_roles)):
+        sm = g.current_app.security
+        api_name = api.__class__.__name__
+        permissions = set[str]()
+        db_role_ids = list[int]()
-        permissions = []
+        # Retrieve permissions from built-in roles
         for role in g.user.roles:
-            for permission_api in role.permissions:
-                if as_object:
-                    permissions.append(permission_api)
-                else:
-                    permissions.append(permission_api.api.name)
-        permissions = list(set(permissions))
-        return permissions
-    return permissions_depedency
+            if role.name not in sm.builtin_roles:
+                db_role_ids.append(role.id)
+                continue
-def current_permissions(api: BaseApi):
-    """
-    A dependency for FastAPI that will return all permissions of the current user for the specified API.
-    Because it will implicitly call the `permissions` dependency, it can return `403 Forbidden` if the user is not authenticated.
+            api_permission_tuples = sm.get_api_permission_tuples_from_builtin_roles(
+                role.name
+            )
+            for multi_apis_str, multi_perms_str in api_permission_tuples:
+                api_names = multi_apis_str.split("|")
+                perm_names = multi_perms_str.split("|")
+                if api_name in api_names:
+                    permissions.update(perm_names)
+        if db_role_ids:
+            query = (
+                sqlalchemy.select(Permission)
+                .join(PermissionApi)
+                .join(PermissionApi.roles)
+                .join(Api)
+                .where(Api.name == api_name, Role.id.in_(db_role_ids))
+            )
+            if api.base_permissions:
+                query = query.where(Permission.name.in_(api.base_permissions))
-    Args:
-        api (BaseApi): The API to be checked.
+            permissions_in_db = await smart_run(db.current_session.scalars, query)
+            permissions.update(perm.name for perm in permissions_in_db.all())
-    Usage:
-    ```python
-    async def get_info(
-            *,
-            permissions: List[str] = Depends(current_permissions(self)),
-            session: AsyncSession | Session = Depends(get_async_session),
-        ):
-    ...more code
-    ```
-    """
-    async def current_permissions_depedency(
-        permissions_apis: list[PermissionApi] = Depends(permissions(as_object=True)),
-    ):
-        permissions = []
-        for permission_api in permissions_apis:
-            if api.__class__.__name__ in permission_api.api.name.split("|"):
-                permissions = permissions + permission_api.permission.name.split("|")
         if api.base_permissions:
-            permissions = [x for x in permissions if x in api.base_permissions]
-        return list(set(permissions))
+            permissions = permissions.intersection(set(api.base_permissions))
+        return list(permissions)
     return current_permissions_depedency
@@ -149,7 +134,7 @@ def has_access_dependency(
     """
     A dependency for FastAPI to check whether current user has access to the specified API and permission.
-    Because it will implicitly call the `current_permissions` dependency, it can return `403 Forbidden` if the user is not authenticated.
+    Because it will implicitly check whether the user is authenticated, it can return `401 Unauthorized` or `403 Forbidden`.
     Usage:
     ```python
@@ -165,15 +150,55 @@ def has_access_dependency(
         api (BaseApi): The API to be checked.
         permission (str): The permission to check.
     """
+    permission = f"{PERMISSION_PREFIX}{permission}"
-    async def check_permission(
-        permissions: list[str] = Depends(current_permissions(api)),
-    ):
-        if f"{PERMISSION_PREFIX}{permission}" not in permissions:
+    async def check_permission():
+        _ensure_roles(ErrorCode.PERMISSION_DENIED)
+        # First, check built-in roles (avoiding unnecessary DB queries)
+        # This also covers the case for API and permission name with pipes
+        sm = g.current_app.security
+        if any(
+            sm.has_access_in_builtin_roles(
+                role.name, api.__class__.__name__, permission
+            )
+            for role in g.user.roles
+        ):
+            logger.debug(
+                f"User {g.user} has access to {api.__class__.__name__} with permission {permission} via built-in roles."
+            )
+            return
+        db_role_ids = [
+            role.id for role in g.user.roles if role.name not in sm.builtin_roles
+        ]
+        if not db_role_ids:
             raise HTTPException(
                 fastapi.status.HTTP_403_FORBIDDEN, ErrorCode.PERMISSION_DENIED
             )
-        return
+        api_name = api.__class__.__name__
+        exist_query = (
+            sqlalchemy.select(Permission)
+            .join(PermissionApi)
+            .join(PermissionApi.roles)
+            .join(Api)
+            .where(
+                Api.name == api_name,
+                Permission.name == permission,
+                Role.id.in_(db_role_ids),
+            )
+            .exists()
+        )
+        result: bool = await smart_run(
+            db.current_session.scalar, sqlalchemy.select(exist_query)
+        )
+        if result:
+            return
+        raise HTTPException(
+            fastapi.status.HTTP_403_FORBIDDEN, ErrorCode.PERMISSION_DENIED
+        )
     return check_permission
@@ -208,3 +233,24 @@ async def set_global_request(request: fastapi.Request):
     ...more code
     """
     g.request = request
+def _ensure_roles(err_forbidden_message=ErrorCode.GET_USER_NO_ROLES):
+    """
+    A dependency for FastAPI that will ensure the current user has roles assigned.
+    Args:
+        err_forbidden_message (str): The error message to be used when raising `403 Forbidden`. Defaults to `ErrorCode.GET_USER_NO_ROLES`.
+    Raises:
+        HTTPException: Raised when the user is not authenticated.
+        HTTPException: Raised when the user has no roles assigned.
+    """
+    if not g.user:
+        raise HTTPException(
+            fastapi.status.HTTP_401_UNAUTHORIZED,
+            ErrorCode.GET_USER_MISSING_TOKEN_OR_INACTIVE_USER,
+        )
+    if not g.user.roles:
+        raise HTTPException(fastapi.status.HTTP_403_FORBIDDEN, err_forbidden_message)

fastapi_rtk/fastapi_react_toolkit.py CHANGED Viewed

@@ -16,13 +16,11 @@ from fastapi.templating import Jinja2Templates
 from fastapi_babel import BabelMiddleware
 from jinja2 import Environment, TemplateNotFound, select_autoescape
 from prometheus_fastapi_instrumentator import Instrumentator
-from sqlalchemy import and_, select
-from sqlalchemy.ext.asyncio import AsyncSession
-from sqlalchemy.orm import Session
 from starlette.routing import _DefaultLifespan
 from .api.model_rest_api import ModelRestApi
 from .auth import Auth
+from .backends.sqla.session import SQLASession
 from .cli.commands.db import upgrade
 from .cli.commands.translate import init_babel_cli
 from .const import (
@@ -418,175 +416,121 @@ class FastAPIReactToolkit:
         async with db.session() as session:
             logger.info("INITIALIZING DATABASE")
-            await self._insert_permissions(session)
-            await self._insert_apis(session)
-            await self._insert_roles(session)
-            await self._associate_permission_with_api(session)
-            await self._associate_permission_api_with_role(session)
+            permissions = await self._insert_permissions(session)
+            apis = await self._insert_apis(session)
+            roles = await self._insert_roles(session)
+            assert permissions is not None, "Permissions should not be None"
+            assert apis is not None, "APIs should not be None"
+            permission_apis = await self._associate_permission_with_api(
+                session, permissions, apis
+            )
+            assert roles is not None, "Roles should not be None"
+            assert permission_apis is not None, "PermissionApis should not be None"
+            await self._associate_role_with_permission_api(
+                session, roles, permission_apis
+            )
             if self.cleanup:
                 await self.security.cleanup()
             logger.info("DATABASE INITIALIZED")
-    async def _insert_permissions(self, session: AsyncSession | Session):
-        new_permissions = self.total_permissions()
-        stmt = select(Permission).where(Permission.name.in_(new_permissions))
-        result = await safe_call(session.scalars(stmt))
-        existing_permissions = [permission.name for permission in result.all()]
-        if len(new_permissions) == len(existing_permissions):
-            return
-        permission_objs = [
-            Permission(name=permission)
-            for permission in new_permissions
-            if permission not in existing_permissions
+    async def _insert_permissions(self, session: SQLASession):
+        permissions = self.total_permissions() + [
+            x[1] for x in self.security.get_api_permission_tuples_from_builtin_roles()
         ]
-        for permission in permission_objs:
-            logger.info(f"ADDING PERMISSION {permission}")
-            session.add(permission)
-        await safe_call(session.commit())
-    async def _insert_apis(self, session: AsyncSession | Session):
-        new_apis = [api.__class__.__name__ for api in self.apis]
-        stmt = select(Api).where(Api.name.in_(new_apis))
-        result = await safe_call(session.scalars(stmt))
-        existing_apis = [api.name for api in result.all()]
-        if len(new_apis) == len(existing_apis):
-            return
-        api_objs = [Api(name=api) for api in new_apis if api not in existing_apis]
-        for api in api_objs:
-            logger.info(f"ADDING API {api}")
-            session.add(api)
-        await safe_call(session.commit())
-    async def _insert_roles(self, session: AsyncSession | Session):
-        new_roles = [x for x in [g.admin_role, g.public_role] if x is not None]
-        stmt = select(Role).where(Role.name.in_(new_roles))
-        result = await safe_call(session.scalars(stmt))
-        existing_roles = [role.name for role in result.all()]
-        if len(new_roles) == len(existing_roles):
-            return
+        permissions = list(dict.fromkeys(permissions))
+        return await self.security.create_permissions(permissions, session=session)
-        role_objs = [
-            Role(name=role) for role in new_roles if role not in existing_roles
+    async def _insert_apis(self, session: SQLASession):
+        apis = [api.__class__.__name__ for api in self.apis] + [
+            x[0] for x in self.security.get_api_permission_tuples_from_builtin_roles()
         ]
-        for role in role_objs:
-            logger.info(f"ADDING ROLE {role}")
-            session.add(role)
-        await safe_call(session.commit())
+        apis = list(dict.fromkeys(apis))
+        return await self.security.create_apis(apis, session=session)
+    async def _insert_roles(self, session: SQLASession):
+        roles = self.security.get_roles_from_builtin_roles()
+        if g.admin_role and g.admin_role not in roles:
+            roles.append(g.admin_role)
+        if g.public_role and g.public_role not in roles:
+            roles.append(g.public_role)
+        return await self.security.create_roles(roles, session=session)
+    async def _associate_permission_with_api(
+        self,
+        session: SQLASession,
+        permissions: list[Permission],
+        apis: list[Api],
+    ):
+        permission_map = {permission.name: permission for permission in permissions}
+        api_map = {api.name: api for api in apis}
+        permission_api_tuples = list[tuple[Permission, Api]]()
+        added_permission_api = set[tuple[str, str]]()
-    async def _associate_permission_with_api(self, session: AsyncSession | Session):
         for api in self.apis:
-            new_permissions = getattr(api, "permissions", [])
-            if not new_permissions:
+            api_permissions = api.permissions
+            if not api_permissions:
                 continue
-            # Get the api object
-            api_stmt = select(Api).where(Api.name == api.__class__.__name__)
-            api_obj = await safe_call(session.scalar(api_stmt))
-            if not api_obj:
-                raise ValueError(f"API {api.__class__.__name__} not found")
-            permission_stmt = select(Permission).where(
-                and_(
-                    Permission.name.in_(new_permissions),
-                    ~Permission.id.in_([p.permission_id for p in api_obj.permissions]),
-                )
-            )
-            permission_result = await safe_call(session.scalars(permission_stmt))
-            new_permissions = permission_result.all()
-            if not new_permissions:
+            for permission_name in api_permissions:
+                if (permission_name, api.__class__.__name__) in added_permission_api:
+                    continue
+                permission = permission_map[permission_name]
+                api_obj = api_map[api.__class__.__name__]
+                permission_api_tuples.append((permission, api_obj))
+                added_permission_api.add((permission.name, api_obj.name))
+        for (
+            api_name,
+            perm_name,
+        ) in self.security.get_api_permission_tuples_from_builtin_roles():
+            if (perm_name, api_name) in added_permission_api:
                 continue
+            permission = permission_map[perm_name]
+            api_obj = api_map[api_name]
+            permission_api_tuples.append((permission, api_obj))
+            added_permission_api.add((permission.name, api_obj.name))
-            for permission in new_permissions:
-                session.add(
-                    PermissionApi(permission_id=permission.id, api_id=api_obj.id)
-                )
-                logger.info(f"ASSOCIATING PERMISSION {permission} WITH API {api_obj}")
-            await safe_call(session.commit())
+        return await self.security.associate_list_of_permission_with_api(
+            permission_api_tuples, session=session
+        )
-    async def _associate_permission_api_with_role(
-        self, session: AsyncSession | Session
+    async def _associate_role_with_permission_api(
+        self,
+        session: SQLASession,
+        roles: list[Role],
+        permission_apis: list[PermissionApi],
     ):
-        # Read config based roles
-        roles_dict = Setting.ROLES
-        for role_name, role_permissions in roles_dict.items():
-            role_stmt = select(Role).where(Role.name == role_name)
-            role_result = await safe_call(session.scalars(role_stmt))
-            role = role_result.first()
-            if not role:
-                role = Role(name=role_name)
-                logger.info(f"ADDING ROLE {role}")
-                session.add(role)
-            for api_name, permission_name in role_permissions:
-                permission_api_stmt = (
-                    select(PermissionApi)
-                    .where(
-                        and_(Api.name == api_name, Permission.name == permission_name)
-                    )
-                    .join(Permission)
-                    .join(Api)
-                )
-                permission_api = await safe_call(session.scalar(permission_api_stmt))
-                if not permission_api:
-                    permission_stmt = select(Permission).where(
-                        Permission.name == permission_name
-                    )
-                    permission = await safe_call(session.scalar(permission_stmt))
-                    if not permission:
-                        permission = Permission(name=permission_name)
-                        logger.info(f"ADDING PERMISSION {permission}")
-                        session.add(permission)
-                    stmt = select(Api).where(Api.name == api_name)
-                    api = await safe_call(session.scalar(stmt))
-                    if not api:
-                        api = Api(name=api_name)
-                        logger.info(f"ADDING API {api}")
-                        session.add(api)
-                    permission_api = PermissionApi(permission=permission, api=api)
-                    logger.info(f"ADDING PERMISSION-API {permission_api}")
-                    session.add(permission_api)
-                # Associate role with permission-api
-                if role not in permission_api.roles:
-                    permission_api.roles.append(role)
-                    logger.info(
-                        f"ASSOCIATING {role} WITH PERMISSION-API {permission_api}"
-                    )
-                await safe_call(session.commit())
-        # Get admin role
-        if g.admin_role is None:
-            logger.warning("Admin role is not set, skipping admin role association")
-            return
-        admin_role_stmt = select(Role).where(Role.name == g.admin_role)
-        admin_role = await safe_call(session.scalar(admin_role_stmt))
-        if admin_role:
-            # Get list of permission-api.assoc_permission_api_id of the admin role
-            stmt = (
-                select(PermissionApi)
-                .where(~PermissionApi.roles.contains(admin_role))
-                .join(Api)
-            )
-            result = await safe_call(session.scalars(stmt))
-            existing_assoc_permission_api_roles = result.all()
-            # Add admin role to all permission-api objects
-            for permission_api in existing_assoc_permission_api_roles:
-                permission_api.roles.append(admin_role)
-                logger.info(
-                    f"ASSOCIATING {admin_role} WITH PERMISSION-API {permission_api}"
-                )
-            await safe_call(session.commit())
+        role_map = {role.name: role for role in roles}
+        permission_api_map = {
+            (pa.permission.name, pa.api.name): pa for pa in permission_apis
+        }
+        permission_apis_to_exclude_from_admin = list[PermissionApi]()
+        role_permission_api_tuples = list[tuple[Role, PermissionApi]]()
+        for (
+            role_name,
+            role_api_permissions,
+        ) in self.security.get_role_and_api_permission_tuples_from_builtin_roles():
+            for api_name, permission_name in role_api_permissions:
+                role = role_map[role_name]
+                permission_api = permission_api_map[(permission_name, api_name)]
+                role_permission_api_tuples.append((role, permission_api))
+                if "|" in permission_name and role_name != g.public_role:
+                    # Exclude multi-tenant permissions from admin role if not explicitly set
+                    permission_apis_to_exclude_from_admin.append(permission_api)
+        if g.admin_role:
+            admin_role = role_map[g.admin_role]
+            for permission_api in [
+                pa
+                for pa in permission_apis
+                if pa not in permission_apis_to_exclude_from_admin
+            ]:
+                role_permission_api_tuples.append((admin_role, permission_api))
+        await self.security.associate_list_of_role_with_permission_api(
+            role_permission_api_tuples, session=session
+        )
     def _mount_static_folder(self):
         """

fastapi-rtk 1.0.7__py3-none-any.whl → 1.0.9__py3-none-any.whl

fastapi-rtk 1.0.7py3-none-any.whl → 1.0.9py3-none-any.whl