goosebit 0.2.4__py3-none-any.whl → 0.2.6__py3-none-any.whl

goosebit/storage/filesystem.py

@@ -0,0 +1,111 @@
+import shutil
+from pathlib import Path
+from typing import AsyncIterable
+from urllib.parse import urlparse
+
+import httpx
+from anyio import Path as AnyioPath
+from anyio import open_file
+
+from .base import StorageProtocol
+
+
+class FilesystemStorageBackend(StorageProtocol):
+    def __init__(self, base_path: Path):
+        self.base_path = Path(base_path)
+        self.base_path.mkdir(parents=True, exist_ok=True)
+
+    async def store_file(self, source_path: Path, dest_path: Path) -> str:
+        final_dest_path = self._validate_dest_path(dest_path)
+        final_dest_path.parent.mkdir(parents=True, exist_ok=True)
+
+        shutil.copy2(source_path, final_dest_path)
+
+        return final_dest_path.resolve().as_uri()
+
+    async def get_file_stream(self, uri: str) -> AsyncIterable[bytes]:  # type: ignore[override]
+        parsed = urlparse(uri)
+
+        if parsed.scheme in ("http", "https"):
+            async with httpx.AsyncClient() as client:
+                async with client.stream("GET", uri) as response:
+                    response.raise_for_status()
+                    async for chunk in response.aiter_bytes(8192):
+                        yield chunk
+
+        elif parsed.scheme == "file":
+            file_path = self._extract_path_from_uri(uri)
+            if not file_path.exists():
+                raise FileNotFoundError(f"File not found: {file_path}")
+
+            async with await open_file(file_path, "rb") as f:
+                while True:
+                    chunk = await f.read(8192)
+                    if not chunk:
+                        break
+                    yield chunk
+        else:
+            raise ValueError(f"Unsupported URI scheme '{parsed.scheme}' for filesystem backend: {uri}")
+
+    async def get_download_url(self, uri: str) -> str:
+        parsed = urlparse(uri)
+
+        if parsed.scheme in ("http", "https"):
+            return uri
+
+        elif parsed.scheme == "file":
+            file_path = self._extract_path_from_uri(uri)
+            if not file_path.exists():
+                raise FileNotFoundError(f"File not found: {file_path}")
+
+            return file_path.resolve().as_uri()
+
+        else:
+            raise ValueError(f"Unsupported URI scheme '{parsed.scheme}' for filesystem backend: {uri}")
+
+    def get_temp_dir(self) -> Path:
+        temp_dir = self.base_path / "tmp"
+        temp_dir.mkdir(parents=True, exist_ok=True)
+        return temp_dir
+
+    async def delete_file(self, uri: str) -> bool:
+        parsed = urlparse(uri)
+
+        if parsed.scheme == "file":
+            file_path = self._extract_path_from_uri(uri)
+            if file_path.exists():
+                file_path.unlink()
+                return True
+            return False
+        else:
+            raise ValueError(f"Cannot delete remote file: {uri}")
+
+    def _extract_path_from_uri(self, uri: str) -> Path:
+        parsed = urlparse(uri)
+
+        if parsed.scheme != "file":
+            raise ValueError(f"Expected file:// URI, got: {uri}")
+
+        return Path(parsed.path)
+
+    def _validate_dest_path(self, dest_path: Path) -> Path:
+        if not isinstance(dest_path, (Path, AnyioPath)):
+            raise ValueError("Destination path must be a Path object")
+
+        if isinstance(dest_path, AnyioPath):
+            dest_path = Path(str(dest_path))
+
+        if dest_path.is_absolute():
+            raise ValueError("Destination path cannot be absolute")
+
+        final_dest_path = self.base_path / dest_path
+
+        resolved_dest = final_dest_path.resolve()
+        resolved_base = self.base_path.resolve()
+
+        try:
+            resolved_dest.relative_to(resolved_base)
+        except ValueError:
+            raise ValueError("Destination path contains invalid path traversal components")
+
+        return final_dest_path

goosebit/storage/s3.py

@@ -0,0 +1,104 @@
+import asyncio
+from pathlib import Path
+from typing import AsyncIterable
+from urllib.parse import urlparse
+
+from boto3.session import Session
+from botocore.config import Config
+from botocore.exceptions import ClientError
+
+from .base import StorageProtocol
+
+
+class S3StorageBackend(StorageProtocol):
+    def __init__(
+        self,
+        bucket: str,
+        region: str = "us-east-1",
+        endpoint_url: str | None = None,
+        access_key_id: str | None = None,
+        secret_access_key: str | None = None,
+    ):
+        self.bucket = bucket
+
+        config = Config(
+            region_name=region,
+            connect_timeout=10,
+            read_timeout=60,
+            retries={"max_attempts": 5, "mode": "adaptive"},
+            signature_version="s3v4",
+        )
+
+        session_config = {}
+        if access_key_id is not None:
+            session_config["aws_access_key_id"] = access_key_id
+        if secret_access_key is not None:
+            session_config["aws_secret_access_key"] = secret_access_key
+
+        session = Session(**session_config)
+
+        self.s3_client = session.client("s3", config=config, endpoint_url=endpoint_url)
+
+    async def store_file(self, source_path: Path, dest_path: Path) -> str:
+        key = str(dest_path).replace("\\", "/").lstrip("/")  # Convert path to S3 key
+
+        try:
+            loop = asyncio.get_event_loop()
+            await loop.run_in_executor(None, self.s3_client.upload_file, str(source_path), self.bucket, key)
+            return f"s3://{self.bucket}/{key}"
+        except ClientError as e:
+            raise ValueError(f"S3 upload failed: {e}")
+
+    async def get_file_stream(self, uri: str) -> AsyncIterable[bytes]:  # type: ignore[override]
+        key = self._extract_key_from_uri(uri)
+
+        try:
+            loop = asyncio.get_running_loop()
+            response = await loop.run_in_executor(None, lambda: self.s3_client.get_object(Bucket=self.bucket, Key=key))
+
+            body = response["Body"]
+            try:
+                while True:
+                    chunk = await loop.run_in_executor(None, body.read, 8192)
+                    if not chunk:
+                        break
+                    yield chunk
+            finally:
+                await loop.run_in_executor(None, body.close)
+
+        except ClientError as e:
+            raise ValueError(f"S3 download failed: {e}")
+
+    async def get_download_url(self, uri: str) -> str:
+        parsed = urlparse(uri)
+        if parsed.scheme in ("http", "https"):
+            return uri
+        else:
+            raise ValueError(f"Fallback to streaming as S3 service might not be exposed externally: {uri}")
+
+    def get_temp_dir(self) -> Path:
+        import tempfile
+
+        temp_dir = Path(tempfile.gettempdir()).joinpath("goosebit-s3-temp")
+        temp_dir.mkdir(parents=True, exist_ok=True)
+        return temp_dir
+
+    async def delete_file(self, uri: str) -> bool:
+        parsed = urlparse(uri)
+        if parsed.scheme != "s3":
+            raise ValueError(f"Cannot delete remote file: {uri}")
+
+        key = self._extract_key_from_uri(uri)
+
+        try:
+            loop = asyncio.get_event_loop()
+            await loop.run_in_executor(None, lambda: self.s3_client.delete_object(Bucket=self.bucket, Key=key))
+            return True
+        except ClientError as e:
+            raise ValueError(f"S3 delete failed: {e}")
+
+    def _extract_key_from_uri(self, uri: str) -> str:
+        if not uri.startswith(f"s3://{self.bucket}/"):
+            raise ValueError(f"Invalid S3 URI for bucket {self.bucket}: {uri}")
+
+        return uri.replace(f"s3://{self.bucket}/", "")

goosebit/ui/bff/common/columns.py

@@ -0,0 +1,50 @@
+from .responses import DTColumnDescription
+
+
+class DeviceColumns:
+    id = DTColumnDescription(title="ID", data="id", name="id", searchable=True, orderable=True)
+    name = DTColumnDescription(title="Name", data="name", name="name", searchable=True, orderable=True)
+    hw_model = DTColumnDescription(title="Model", data="hw_model")
+    hw_revision = DTColumnDescription(title="Revision", data="hw_revision")
+    feed = DTColumnDescription(title="Feed", data="feed", name="feed", searchable=True, orderable=True)
+    sw_version = DTColumnDescription(
+        title="Installed Software", data="sw_version", name="sw_version", searchable=True, orderable=True
+    )
+    sw_target_version = DTColumnDescription(title="Target Software", data="sw_target_version")
+    update_mode = DTColumnDescription(
+        title="Update Mode", data="update_mode", name="update_mode", searchable=True, orderable=True
+    )
+    last_state = DTColumnDescription(
+        title="State", data="last_state", name="last_state", searchable=True, orderable=True
+    )
+    force_update = DTColumnDescription(title="Force Update", data="force_update")
+    progress = DTColumnDescription(title="Progress", data="progress")
+    last_ip = DTColumnDescription(title="Last IP", data="last_ip")
+    polling = DTColumnDescription(title="Polling", data="polling")
+    last_seen = DTColumnDescription(title="Last Seen", data="last_seen")
+
+
+class RolloutColumns:
+    id = DTColumnDescription(title="ID", data="id", visible=False)
+    created_at = DTColumnDescription(title="Created", data="created_at", name="created_at", orderable=True)
+    name = DTColumnDescription(title="Name", data="name", name="name", searchable=True, orderable=True)
+    feed = DTColumnDescription(title="Feed", data="feed", name="feed", searchable=True, orderable=True)
+    sw_file = DTColumnDescription(title="Software File", data="sw_file", name="sw_file")
+    sw_version = DTColumnDescription(title="Software Version", data="sw_version", name="sw_version")
+    paused = DTColumnDescription(title="Paused", name="paused", data="paused")
+    success_count = DTColumnDescription(title="Success Count", data="success_count", name="success_count")
+    failure_count = DTColumnDescription(title="Failure Count", data="failure_count", name="failure_count")
+
+
+class SoftwareColumns:
+    id = DTColumnDescription(title="ID", data="id", visible=False)
+    name = DTColumnDescription(title="Name", data="name", name="name")
+    version = DTColumnDescription(title="Version", data="version", name="version", searchable=True, orderable=True)
+    compatibility = DTColumnDescription(title="Compatibility", name="compatibility", data="compatibility")
+    size = DTColumnDescription(title="Size", name="size", data="size")
+
+
+class SettingsUsersColumns:
+    username = DTColumnDescription(title="Username", data="username", searchable=True, orderable=True)
+    enabled = DTColumnDescription(title="Enabled", data="enabled")
+    permissions = DTColumnDescription(title="Permissions", data="permissions")

goosebit/ui/bff/common/requests.py

@@ -10,14 +10,6 @@ class DataTableSearchSchema(BaseModel):
     regex: bool | None = False
 
 
-class DataTableColumnSchema(BaseModel):
-    data: str | None
-    name: str | None = None
-    searchable: bool | None = None
-    orderable: bool | None = None
-    search: DataTableSearchSchema = DataTableSearchSchema()
-
-
 class DataTableOrderDirection(StrEnum):
     ASCENDING = "asc"
     DESCENDING = "desc"
@@ -36,21 +28,17 @@ class DataTableOrderSchema(BaseModel):
 
 class DataTableRequest(BaseModel):
     draw: int = 1
-    columns: list[DataTableColumnSchema] = list()
     order: list[DataTableOrderSchema] = list()
     start: int = 0
-    length: int = 0
+    length: int | None = None
     search: DataTableSearchSchema = DataTableSearchSchema()
 
     @computed_field  # type: ignore[misc]
     @property
     def order_query(self) -> str | None:
         try:
-            column = self.order[0].column
-            if column is None:
-                return None
-            if self.columns[column].name is None:
+            if len(self.order) == 0 or self.order[0].direction is None or self.order[0].name is None:
                 return None
-            return f"{self.order[0].direction}{self.columns[column].data}"
+            return f"{self.order[0].direction}{self.order[0].name}"
         except LookupError:
             return None

goosebit/ui/bff/common/responses.py

@@ -0,0 +1,17 @@
+from __future__ import annotations
+
+from pydantic import BaseModel
+
+
+class DTColumnDescription(BaseModel):
+    title: str
+    data: str
+    name: str | None = None
+
+    searchable: bool | None = None
+    orderable: bool | None = None
+    visible: bool | None = None
+
+
+class DTColumns(BaseModel):
+    columns: list[DTColumnDescription]

goosebit/ui/bff/devices/device/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa : F401

goosebit/ui/bff/devices/device/routes.py

@@ -0,0 +1,17 @@
+from __future__ import annotations
+
+from fastapi import APIRouter, Security
+
+from goosebit.api.v1.devices.device import routes
+from goosebit.auth import validate_user_permissions
+from goosebit.auth.permissions import GOOSEBIT_PERMISSIONS
+
+router = APIRouter(prefix="/{dev_id}")
+
+router.add_api_route(
+    "/log",
+    routes.device_logs,
+    methods=["GET"],
+    dependencies=[Security(validate_user_permissions, scopes=[GOOSEBIT_PERMISSIONS["device"]["read"]()])],
+    name="bff_device_logs",
+)

goosebit/ui/bff/devices/requests.py

@@ -10,3 +10,4 @@ class DevicesPatchRequest(BaseModel):
     pinned: bool | None = None
     feed: str | None = None
     force_update: bool | None = None
+    auth_token: str | None = None

goosebit/ui/bff/devices/responses.py

@@ -21,11 +21,15 @@ class BFFDeviceResponse(BaseModel):
         if dt_query.search.value:
             query = query.filter(search_filter(dt_query.search.value))
 
+        filtered_records = await query.count()
+
         if dt_query.order_query:
             query = query.order_by(dt_query.order_query)
 
-        filtered_records = await query.count()
-        devices = await query.offset(dt_query.start).limit(dt_query.length).all()
+        if dt_query.length is not None:
+            query = query.limit(dt_query.length)
+
+        devices = await query.offset(dt_query.start).all()
         data = [DeviceSchema.model_validate(d) for d in devices]
 
         return cls(data=data, draw=dt_query.draw, records_total=total_records, records_filtered=filtered_records)

goosebit/ui/bff/devices/routes.py

@@ -1,33 +1,41 @@
 from __future__ import annotations
 
+import asyncio
 from typing import Annotated
 
-from fastapi import APIRouter, Depends, Security
+from fastapi import APIRouter, Depends, HTTPException, Security
 from fastapi.requests import Request
 from tortoise.expressions import Q
 
 from goosebit.api.responses import StatusResponse
 from goosebit.api.v1.devices import routes
 from goosebit.auth import validate_user_permissions
+from goosebit.auth.permissions import GOOSEBIT_PERMISSIONS
 from goosebit.db.models import Device, Software, UpdateModeEnum, UpdateStateEnum
+from goosebit.device_manager import DeviceManager, get_device
+from goosebit.schema.devices import DeviceSchema
+from goosebit.schema.software import SoftwareSchema
 from goosebit.ui.bff.common.requests import DataTableRequest
 from goosebit.ui.bff.common.util import parse_datatables_query
-from goosebit.updater.manager import get_update_manager
 
+from ..common.columns import DeviceColumns
+from ..common.responses import DTColumns
+from . import device
 from .requests import DevicesPatchRequest
 from .responses import BFFDeviceResponse
 
 router = APIRouter(prefix="/devices")
+router.include_router(device.router)
 
 
 @router.get(
     "",
-    dependencies=[Security(validate_user_permissions, scopes=["home.read"])],
+    dependencies=[Security(validate_user_permissions, scopes=[GOOSEBIT_PERMISSIONS["device"]["read"]()])],
 )
 async def devices_get(dt_query: Annotated[DataTableRequest, Depends(parse_datatables_query)]) -> BFFDeviceResponse:
     def search_filter(search_value: str):
         return (
-            Q(uuid__icontains=search_value)
+            Q(id__icontains=search_value)
             | Q(name__icontains=search_value)
             | Q(feed__icontains=search_value)
             | Q(sw_version__icontains=search_value)
@@ -37,32 +45,47 @@ async def devices_get(dt_query: Annotated[DataTableRequest, Depends(parse_datata
 
     query = Device.all().prefetch_related("assigned_software", "hardware", "assigned_software__compatibility")
 
-    return await BFFDeviceResponse.convert(dt_query, query, search_filter)
+    response = await BFFDeviceResponse.convert(dt_query, query, search_filter)
+
+    async def set_assigned_sw(d: DeviceSchema):
+        device = await get_device(d.id)
+        _, target = await DeviceManager.get_update(device)
+        if target is not None:
+            await target.fetch_related("compatibility")
+            d.assigned_software = SoftwareSchema.model_validate(target)
+        return d
+
+    response.data = await asyncio.gather(*[set_assigned_sw(d) for d in response.data])
+    return response
 
 
 @router.patch(
     "",
-    dependencies=[Security(validate_user_permissions, scopes=["device.write"])],
+    dependencies=[Security(validate_user_permissions, scopes=[GOOSEBIT_PERMISSIONS["device"]["write"]()])],
 )
 async def devices_patch(_: Request, config: DevicesPatchRequest) -> StatusResponse:
-    for uuid in config.devices:
-        updater = await get_update_manager(uuid)
+    for dev_id in config.devices:
+        if await Device.get_or_none(id=dev_id) is None:
+            raise HTTPException(404, f"Device with ID {dev_id} not found")
+        device = await get_device(dev_id)
+        if config.feed is not None:
+            await DeviceManager.update_feed(device, config.feed)
         if config.software is not None:
             if config.software == "rollout":
-                await updater.update_update(UpdateModeEnum.ROLLOUT, None)
+                await DeviceManager.update_update(device, UpdateModeEnum.ROLLOUT, None)
             elif config.software == "latest":
-                await updater.update_update(UpdateModeEnum.LATEST, None)
+                await DeviceManager.update_update(device, UpdateModeEnum.LATEST, None)
             else:
                 software = await Software.get_or_none(id=config.software)
-                await updater.update_update(UpdateModeEnum.ASSIGNED, software)
+                await DeviceManager.update_update(device, UpdateModeEnum.ASSIGNED, software)
         if config.pinned is not None:
-            await updater.update_update(UpdateModeEnum.PINNED, None)
+            await DeviceManager.update_update(device, UpdateModeEnum.PINNED, None)
         if config.name is not None:
-            await updater.update_name(config.name)
-        if config.feed is not None:
-            await updater.update_feed(config.feed)
+            await DeviceManager.update_name(device, config.name)
         if config.force_update is not None:
-            await updater.update_force_update(config.force_update)
+            await DeviceManager.update_force_update(device, config.force_update)
+        if config.auth_token is not None:
+            await DeviceManager.update_auth_token(device, config.auth_token)
     return StatusResponse(success=True)
 
 
@@ -70,6 +93,37 @@ router.add_api_route(
     "",
     routes.devices_delete,
     methods=["DELETE"],
-    dependencies=[Security(validate_user_permissions, scopes=["device.delete"])],
+    dependencies=[Security(validate_user_permissions, scopes=[GOOSEBIT_PERMISSIONS["device"]["delete"]()])],
     name="bff_devices_delete",
 )
+
+
+@router.get(
+    "/columns",
+    dependencies=[Security(validate_user_permissions, scopes=[GOOSEBIT_PERMISSIONS["device"]["read"]()])],
+    response_model_exclude_none=True,
+)
+async def devices_get_columns(request: Request) -> DTColumns:
+    config = request.scope["config"]
+    columns = list(
+        filter(
+            None,
+            [
+                DeviceColumns.id,
+                DeviceColumns.name,
+                DeviceColumns.hw_model,
+                DeviceColumns.hw_revision,
+                DeviceColumns.feed,
+                DeviceColumns.sw_version,
+                DeviceColumns.sw_target_version,
+                DeviceColumns.update_mode,
+                DeviceColumns.last_state,
+                DeviceColumns.force_update,
+                DeviceColumns.progress,
+                DeviceColumns.last_ip if config.track_device_ip else None,
+                DeviceColumns.polling,
+                DeviceColumns.last_seen,
+            ],
+        )
+    )
+    return DTColumns(columns=columns)

goosebit/ui/bff/download/routes.py

@@ -1,8 +1,9 @@
 from fastapi import APIRouter, HTTPException
 from fastapi.requests import Request
-from fastapi.responses import FileResponse, RedirectResponse
+from fastapi.responses import FileResponse, RedirectResponse, StreamingResponse
 
 from goosebit.db.models import Software
+from goosebit.storage import storage
 
 router = APIRouter(prefix="/download", tags=["download"])
 
@@ -18,5 +19,15 @@ async def download_file(_: Request, file_id: int):
             media_type="application/octet-stream",
             filename=software.path.name,
         )
-    else:
-        return RedirectResponse(url=software.uri)
+
+    try:
+        url = await storage.get_download_url(software.uri)
+        return RedirectResponse(url=url)
+    except ValueError:
+        # Fallback to streaming if redirect fails.
+        file_stream = storage.get_file_stream(software.uri)
+        return StreamingResponse(
+            file_stream,
+            media_type="application/octet-stream",
+            headers={"Content-Disposition": f"attachment; filename={software.path.name}"},
+        )

goosebit/ui/bff/rollouts/responses.py

@@ -19,11 +19,15 @@ class BFFRolloutsResponse(BaseModel):
         if dt_query.search.value:
             query = query.filter(search_filter(dt_query.search.value))
 
+        filtered_records = await query.count()
+
         if dt_query.order_query:
             query = query.order_by(dt_query.order_query)
 
-        filtered_records = await query.count()
-        rollouts = await query.offset(dt_query.start).limit(dt_query.length).all()
+        if dt_query.length is not None:
+            query = query.limit(dt_query.length)
+
+        rollouts = await query.offset(dt_query.start).all()
         data = [RolloutSchema.model_validate(r) for r in rollouts]
 
         return cls(data=data, draw=dt_query.draw, records_total=total_records, records_filtered=filtered_records)

goosebit/ui/bff/rollouts/routes.py

@@ -5,10 +5,13 @@ from tortoise.expressions import Q
 
 from goosebit.api.v1.rollouts import routes
 from goosebit.auth import validate_user_permissions
+from goosebit.auth.permissions import GOOSEBIT_PERMISSIONS
 from goosebit.db.models import Rollout
 from goosebit.ui.bff.common.requests import DataTableRequest
 from goosebit.ui.bff.common.util import parse_datatables_query
 
+from ..common.columns import RolloutColumns
+from ..common.responses import DTColumns
 from .responses import BFFRolloutsResponse
 
 router = APIRouter(prefix="/rollouts")
@@ -16,7 +19,7 @@ router = APIRouter(prefix="/rollouts")
 
 @router.get(
     "",
-    dependencies=[Security(validate_user_permissions, scopes=["rollout.read"])],
+    dependencies=[Security(validate_user_permissions, scopes=[GOOSEBIT_PERMISSIONS["rollout"]["read"]()])],
 )
 async def rollouts_get(dt_query: Annotated[DataTableRequest, Depends(parse_datatables_query)]) -> BFFRolloutsResponse:
     def search_filter(search_value):
@@ -31,7 +34,7 @@ router.add_api_route(
     "",
     routes.rollouts_put,
     methods=["POST"],
-    dependencies=[Security(validate_user_permissions, scopes=["rollout.write"])],
+    dependencies=[Security(validate_user_permissions, scopes=[GOOSEBIT_PERMISSIONS["rollout"]["write"]()])],
     name="bff_rollouts_post",
 )
 
@@ -40,7 +43,7 @@ router.add_api_route(
     "",
     routes.rollouts_patch,
     methods=["PATCH"],
-    dependencies=[Security(validate_user_permissions, scopes=["rollout.write"])],
+    dependencies=[Security(validate_user_permissions, scopes=[GOOSEBIT_PERMISSIONS["rollout"]["write"]()])],
     name="bff_rollouts_patch",
 )
 
@@ -49,6 +52,31 @@ router.add_api_route(
     "",
     routes.rollouts_delete,
     methods=["DELETE"],
-    dependencies=[Security(validate_user_permissions, scopes=["rollout.delete"])],
+    dependencies=[Security(validate_user_permissions, scopes=[GOOSEBIT_PERMISSIONS["rollout"]["delete"]()])],
     name="bff_rollouts_delete",
 )
+
+
+@router.get(
+    "/columns",
+    dependencies=[Security(validate_user_permissions, scopes=[GOOSEBIT_PERMISSIONS["rollout"]["read"]()])],
+    response_model_exclude_none=True,
+)
+async def devices_get_columns() -> DTColumns:
+    columns = list(
+        filter(
+            None,
+            [
+                RolloutColumns.id,
+                RolloutColumns.created_at,
+                RolloutColumns.name,
+                RolloutColumns.feed,
+                RolloutColumns.sw_file,
+                RolloutColumns.sw_version,
+                RolloutColumns.paused,
+                RolloutColumns.success_count,
+                RolloutColumns.failure_count,
+            ],
+        )
+    )
+    return DTColumns(columns=columns)

goosebit/ui/bff/routes.py

@@ -1,11 +1,14 @@
 from __future__ import annotations
 
-from fastapi import APIRouter
+from fastapi import APIRouter, Depends
 
-from . import devices, download, rollouts, software
+from goosebit.auth import validate_current_user
 
-router = APIRouter(prefix="/bff", tags=["bff"])
+from . import devices, download, rollouts, settings, software
+
+router = APIRouter(prefix="/bff", tags=["bff"], dependencies=[Depends(validate_current_user)])
 router.include_router(devices.router)
 router.include_router(software.router)
 router.include_router(rollouts.router)
 router.include_router(download.router)
+router.include_router(settings.router)

goosebit/ui/bff/settings/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa: F401