simple-module-settings 0.0.1__py3-none-any.whl

settings/contracts/registry.py

@@ -0,0 +1,66 @@
+"""Registry of declared setting keys — lets modules advertise the keys they
+read so admins can see every knob (and its default) in one place.
+
+Usage from a consumer module's ``on_startup`` hook:
+
+    def on_startup(self, app):
+        app.state.settings.registry.add(
+            SettingDefinition(
+                key="orders.checkout.require_terms",
+                default="true",
+                description="Show the terms-and-conditions checkbox on checkout.",
+            )
+        )
+
+The registry doesn't write anything to the database — it only records
+intent. ``SettingsAccessor.get`` falls back to the registered default when
+no row exists at any scope. ``get_bool`` / ``get_int`` / ``get_json`` cast
+the stored string representation on the way out.
+
+API mirrors the other framework registries (MenuRegistry / PermissionRegistry
+/ FeatureFlagRegistry): ``add(definition)`` + ``all_definitions``. Unlike
+FeatureFlagRegistry, duplicate keys raise — settings carry defaults and a
+second registration almost always means two owners contended for the same key.
+"""
+
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+
+from settings.constants import ERR_KEY_ALREADY_EXISTS
+from settings.contracts.schemas import SettingScope, SettingValueType
+
+
+@dataclass(frozen=True, slots=True)
+class SettingDefinition:
+    """Declared metadata for a setting key."""
+
+    key: str
+    default: str = ""
+    description: str = ""
+    scope: SettingScope = SettingScope.SYSTEM
+    value_type: SettingValueType = SettingValueType.STRING
+
+
+@dataclass(slots=True)
+class SettingsRegistry:
+    """In-memory registry of declared setting keys. Populated at module boot
+    so admins (and other modules) can discover every knob the app exposes.
+    """
+
+    _defs: dict[str, SettingDefinition] = field(default_factory=dict)
+
+    def add(self, definition: SettingDefinition) -> None:
+        if definition.key in self._defs:
+            raise ValueError(f"{ERR_KEY_ALREADY_EXISTS}: {definition.key!r}")
+        self._defs[definition.key] = definition
+
+    def get(self, key: str) -> SettingDefinition | None:
+        return self._defs.get(key)
+
+    @property
+    def all_definitions(self) -> list[SettingDefinition]:
+        return list(self._defs.values())
+
+    def __contains__(self, key: str) -> bool:
+        return key in self._defs

settings/contracts/schemas.py

@@ -0,0 +1,154 @@
+"""SQLModel DTOs + SettingScope / SettingValueType enums."""
+
+from __future__ import annotations
+
+import json
+from datetime import datetime
+from enum import StrEnum
+
+from pydantic import ConfigDict, model_validator
+from sqlmodel import Field, SQLModel
+
+from settings.constants import (
+    DESCRIPTION_MAX_LENGTH,
+    ERR_SCOPED_REQUIRES_ID,
+    ERR_SYSTEM_SCOPE_NO_ID,
+    ERR_VALUE_MISMATCH,
+    KEY_MAX_LENGTH,
+    SCOPE_ID_MAX_LENGTH,
+    SCOPE_SYSTEM,
+    SCOPE_TENANT,
+    SCOPE_USER,
+    SYSTEM_SCOPE_ID,
+    VALUE_MAX_LENGTH,
+    VALUE_TYPE_BOOL,
+    VALUE_TYPE_FLOAT,
+    VALUE_TYPE_INT,
+    VALUE_TYPE_JSON,
+    VALUE_TYPE_STRING,
+)
+
+_BOOL_LITERALS = frozenset(
+    {"true", "false", "1", "0", "t", "f", "yes", "no", "y", "n", "on", "off"}
+)
+BOOL_LITERALS_TRUE = frozenset({"1", "true", "t", "yes", "y", "on"})
+BOOL_LITERALS_FALSE = frozenset({"0", "false", "f", "no", "n", "off"})
+
+
+class SettingScope(StrEnum):
+    """Override level for a setting entry."""
+
+    SYSTEM = SCOPE_SYSTEM
+    TENANT = SCOPE_TENANT
+    USER = SCOPE_USER
+
+
+class SettingValueType(StrEnum):
+    """How the stored ``value`` string should be interpreted."""
+
+    STRING = VALUE_TYPE_STRING
+    BOOL = VALUE_TYPE_BOOL
+    INT = VALUE_TYPE_INT
+    FLOAT = VALUE_TYPE_FLOAT
+    JSON = VALUE_TYPE_JSON
+
+
+def _validate_scope_id(scope: SettingScope, scope_id: str) -> None:
+    if scope is SettingScope.SYSTEM and scope_id:
+        raise ValueError(ERR_SYSTEM_SCOPE_NO_ID)
+    if scope is not SettingScope.SYSTEM and not scope_id:
+        raise ValueError(ERR_SCOPED_REQUIRES_ID)
+
+
+def _validate_value_matches_type(value: str, value_type: SettingValueType) -> None:
+    """Ensure ``value`` parses as the declared type. Empty values are always ok."""
+    if value == "":
+        return
+    if value_type is SettingValueType.STRING:
+        return
+    if value_type is SettingValueType.BOOL:
+        if value.strip().lower() not in _BOOL_LITERALS:
+            raise ValueError(ERR_VALUE_MISMATCH)
+        return
+    if value_type is SettingValueType.INT:
+        try:
+            int(value)
+        except ValueError as exc:
+            raise ValueError(ERR_VALUE_MISMATCH) from exc
+        return
+    if value_type is SettingValueType.FLOAT:
+        try:
+            float(value)
+        except ValueError as exc:
+            raise ValueError(ERR_VALUE_MISMATCH) from exc
+        return
+    if value_type is SettingValueType.JSON:
+        try:
+            json.loads(value)
+        except (TypeError, ValueError) as exc:
+            raise ValueError(ERR_VALUE_MISMATCH) from exc
+
+
+class SettingOut(SQLModel):
+    """A setting returned by the API."""
+
+    model_config = ConfigDict(from_attributes=True)
+
+    id: int
+    scope: SettingScope
+    scope_id: str
+    key: str
+    value: str
+    value_type: SettingValueType = SettingValueType.STRING
+    description: str | None = None
+    created_at: datetime | None = None
+    updated_at: datetime | None = None
+
+
+class SettingCreate(SQLModel):
+    """Payload to create a new setting at an explicit scope."""
+
+    scope: SettingScope = SettingScope.SYSTEM
+    scope_id: str = Field(default=SYSTEM_SCOPE_ID, max_length=SCOPE_ID_MAX_LENGTH)
+    key: str = Field(min_length=1, max_length=KEY_MAX_LENGTH)
+    value: str = Field(max_length=VALUE_MAX_LENGTH)
+    value_type: SettingValueType = SettingValueType.STRING
+    description: str | None = Field(default=None, max_length=DESCRIPTION_MAX_LENGTH)
+
+    @model_validator(mode="after")
+    def _check(self) -> SettingCreate:
+        _validate_scope_id(self.scope, self.scope_id)
+        _validate_value_matches_type(self.value, self.value_type)
+        return self
+
+
+class SettingUpdate(SQLModel):
+    """Payload to update an existing setting by id. Scope cannot change."""
+
+    value: str | None = Field(default=None, max_length=VALUE_MAX_LENGTH)
+    value_type: SettingValueType | None = None
+    description: str | None = Field(default=None, max_length=DESCRIPTION_MAX_LENGTH)
+
+    @model_validator(mode="after")
+    def _check(self) -> SettingUpdate:
+        if self.value is not None and self.value_type is not None:
+            _validate_value_matches_type(self.value, self.value_type)
+        return self
+
+
+class SettingUpsert(SQLModel):
+    """Payload for upsert operations (value + optional type + description).
+
+    ``value_type`` is optional: when absent on an update it preserves the
+    existing row's type, and on a create it defaults to ``STRING``.
+    """
+
+    value: str = Field(max_length=VALUE_MAX_LENGTH)
+    value_type: SettingValueType | None = None
+    description: str | None = Field(default=None, max_length=DESCRIPTION_MAX_LENGTH)
+
+    @model_validator(mode="after")
+    def _check(self) -> SettingUpsert:
+        if self.value_type is not None:
+            _validate_value_matches_type(self.value, self.value_type)
+        return self

settings/deps.py

@@ -0,0 +1,56 @@
+"""FastAPI dependencies for the Settings module.
+
+Consumers in other modules should almost always depend on ``SettingsDep``
+(the accessor) rather than ``SettingService`` directly — the accessor is
+bound to the current request's user/tenant so ``get_bool(key)`` etc. just
+work.
+"""
+
+from __future__ import annotations
+
+from typing import Annotated
+
+from fastapi import Depends, Request
+from simple_module_db.deps import get_db
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from settings.constants import MODULE_PACKAGE
+from settings.contracts.accessor import SettingsAccessor
+from settings.contracts.registry import SettingsRegistry
+from settings.service import SettingService
+
+
+async def get_setting_service(
+    db: AsyncSession = Depends(get_db),
+) -> SettingService:
+    return SettingService(db)
+
+
+def get_settings_registry(request: Request) -> SettingsRegistry:
+    """Return the app-wide settings registry populated during boot."""
+    services = getattr(request.app.state, MODULE_PACKAGE)
+    return services.registry
+
+
+async def get_settings_accessor(
+    request: Request,
+    service: SettingService = Depends(get_setting_service),
+    registry: SettingsRegistry = Depends(get_settings_registry),
+) -> SettingsAccessor:
+    """Build a request-scoped accessor bound to the caller's user/tenant.
+
+    ``request.state.user`` is populated by ``users.middleware`` (carries a
+    ``UserContext``). ``request.state.tenant_id`` is populated by
+    ``TenantMiddleware`` when ``multi_tenant=True``. Both are optional —
+    the accessor gracefully degrades to lower scopes (or the registered
+    default) if the request is unauthenticated or untenanted.
+    """
+    user = getattr(request.state, "user", None)
+    user_id = str(user.id) if user is not None else None
+    tenant_id = getattr(request.state, "tenant_id", None)
+    return SettingsAccessor(service, registry, user_id=user_id, tenant_id=tenant_id)
+
+
+# Convenience aliases for typing annotations in consumer modules.
+SettingServiceDep = Annotated[SettingService, Depends(get_setting_service)]
+SettingsDep = Annotated[SettingsAccessor, Depends(get_settings_accessor)]

settings/endpoints/api.py

@@ -0,0 +1,202 @@
+"""REST API endpoints for the Settings module."""
+
+from __future__ import annotations
+
+from fastapi import APIRouter, Depends, HTTPException, Query
+
+from settings.constants import (
+    API_BY_ID_PATH,
+    API_RESOLVE_PATH,
+    API_SYSTEM_PATH,
+    API_TENANT_PATH,
+    API_USER_PATH,
+    ERR_SETTING_NOT_FOUND,
+    QP_SCOPE,
+    QP_SCOPE_ID,
+    QP_TENANT_ID,
+    QP_USER_ID,
+    STATUS_CREATED,
+    STATUS_NO_CONTENT,
+    STATUS_NOT_FOUND,
+    SYSTEM_SCOPE_ID,
+)
+from settings.contracts.schemas import (
+    SettingCreate,
+    SettingOut,
+    SettingScope,
+    SettingUpdate,
+    SettingUpsert,
+)
+from settings.deps import get_setting_service
+from settings.service import SettingService
+
+router = APIRouter()
+
+
+def _not_found() -> HTTPException:
+    return HTTPException(status_code=STATUS_NOT_FOUND, detail=ERR_SETTING_NOT_FOUND)
+
+
+# ── List / filter ───────────────────────────────────────────────────
+
+
+@router.get("/", response_model=list[SettingOut])
+async def list_settings(
+    scope: SettingScope | None = Query(default=None, alias=QP_SCOPE),
+    scope_id: str = Query(default=SYSTEM_SCOPE_ID, alias=QP_SCOPE_ID),
+    service: SettingService = Depends(get_setting_service),
+) -> list[SettingOut]:
+    if scope is None:
+        return await service.list_all()
+    return await service.list_by_scope(scope, scope_id)
+
+
+# ── Resolution (USER > TENANT > SYSTEM) ─────────────────────────────
+
+
+@router.get(API_RESOLVE_PATH, response_model=SettingOut)
+async def resolve_setting(
+    key: str,
+    user_id: str | None = Query(default=None, alias=QP_USER_ID),
+    tenant_id: str | None = Query(default=None, alias=QP_TENANT_ID),
+    service: SettingService = Depends(get_setting_service),
+) -> SettingOut:
+    result = await service.resolve(key, user_id=user_id, tenant_id=tenant_id)
+    if result is None:
+        raise _not_found()
+    return result
+
+
+# ── Scoped (system / tenant / user) ─────────────────────────────────
+
+
+@router.get(API_SYSTEM_PATH, response_model=SettingOut)
+async def get_system_setting(
+    key: str, service: SettingService = Depends(get_setting_service)
+) -> SettingOut:
+    result = await service.get_scoped(SettingScope.SYSTEM, SYSTEM_SCOPE_ID, key)
+    if result is None:
+        raise _not_found()
+    return result
+
+
+@router.put(API_SYSTEM_PATH, response_model=SettingOut)
+async def upsert_system_setting(
+    key: str,
+    data: SettingUpsert,
+    service: SettingService = Depends(get_setting_service),
+) -> SettingOut:
+    return await service.upsert_scoped(SettingScope.SYSTEM, SYSTEM_SCOPE_ID, key, data)
+
+
+@router.delete(API_SYSTEM_PATH, status_code=STATUS_NO_CONTENT)
+async def delete_system_setting(
+    key: str, service: SettingService = Depends(get_setting_service)
+) -> None:
+    if not await service.delete_scoped(SettingScope.SYSTEM, SYSTEM_SCOPE_ID, key):
+        raise _not_found()
+
+
+@router.get(API_TENANT_PATH, response_model=SettingOut)
+async def get_tenant_setting(
+    scope_id: str,
+    key: str,
+    service: SettingService = Depends(get_setting_service),
+) -> SettingOut:
+    result = await service.get_scoped(SettingScope.TENANT, scope_id, key)
+    if result is None:
+        raise _not_found()
+    return result
+
+
+@router.put(API_TENANT_PATH, response_model=SettingOut)
+async def upsert_tenant_setting(
+    scope_id: str,
+    key: str,
+    data: SettingUpsert,
+    service: SettingService = Depends(get_setting_service),
+) -> SettingOut:
+    return await service.upsert_scoped(SettingScope.TENANT, scope_id, key, data)
+
+
+@router.delete(API_TENANT_PATH, status_code=STATUS_NO_CONTENT)
+async def delete_tenant_setting(
+    scope_id: str,
+    key: str,
+    service: SettingService = Depends(get_setting_service),
+) -> None:
+    if not await service.delete_scoped(SettingScope.TENANT, scope_id, key):
+        raise _not_found()
+
+
+@router.get(API_USER_PATH, response_model=SettingOut)
+async def get_user_setting(
+    scope_id: str,
+    key: str,
+    service: SettingService = Depends(get_setting_service),
+) -> SettingOut:
+    result = await service.get_scoped(SettingScope.USER, scope_id, key)
+    if result is None:
+        raise _not_found()
+    return result
+
+
+@router.put(API_USER_PATH, response_model=SettingOut)
+async def upsert_user_setting(
+    scope_id: str,
+    key: str,
+    data: SettingUpsert,
+    service: SettingService = Depends(get_setting_service),
+) -> SettingOut:
+    return await service.upsert_scoped(SettingScope.USER, scope_id, key, data)
+
+
+@router.delete(API_USER_PATH, status_code=STATUS_NO_CONTENT)
+async def delete_user_setting(
+    scope_id: str,
+    key: str,
+    service: SettingService = Depends(get_setting_service),
+) -> None:
+    if not await service.delete_scoped(SettingScope.USER, scope_id, key):
+        raise _not_found()
+
+
+# ── Id-based CRUD (admin tooling) ───────────────────────────────────
+
+
+@router.post("/", response_model=SettingOut, status_code=STATUS_CREATED)
+async def create_setting(
+    data: SettingCreate,
+    service: SettingService = Depends(get_setting_service),
+) -> SettingOut:
+    return await service.create(data)
+
+
+@router.get(API_BY_ID_PATH, response_model=SettingOut)
+async def get_setting(
+    setting_id: int, service: SettingService = Depends(get_setting_service)
+) -> SettingOut:
+    result = await service.get_by_id(setting_id)
+    if result is None:
+        raise _not_found()
+    return result
+
+
+@router.put(API_BY_ID_PATH, response_model=SettingOut)
+async def update_setting(
+    setting_id: int,
+    data: SettingUpdate,
+    service: SettingService = Depends(get_setting_service),
+) -> SettingOut:
+    result = await service.update(setting_id, data)
+    if result is None:
+        raise _not_found()
+    return result
+
+
+@router.delete(API_BY_ID_PATH, status_code=STATUS_NO_CONTENT)
+async def delete_setting(
+    setting_id: int, service: SettingService = Depends(get_setting_service)
+) -> None:
+    if not await service.delete(setting_id):
+        raise _not_found()

settings/endpoints/module_api.py

@@ -0,0 +1,102 @@
+"""REST endpoints for the per-module settings admin UI.
+
+PUT drops fields whose value is the mask sentinel so the UI can echo back
+masked secrets without clobbering the real value.
+"""
+
+from __future__ import annotations
+
+import json
+from typing import Any
+
+from fastapi import APIRouter, Depends, HTTPException, Request, Response, status
+from pydantic import ValidationError
+
+from settings._module_settings import (
+    SECRET_MASK,
+    collect_module_settings,
+    is_secret_field,
+    serialize,
+)
+from settings.constants import MODULE_PACKAGE
+from settings.contracts.events import SettingsReloaded
+from settings.deps import get_setting_service
+from settings.hydrate import hydrate_settings
+from settings.reload import apply_changes_and_reload
+from settings.service import SettingService
+from settings.store import SettingsStore
+
+router = APIRouter(prefix="/modules", tags=["Settings Modules"])
+
+
+def _strip_mask_sentinels(changes: dict[str, Any]) -> dict[str, Any]:
+    """Drop secret fields whose value is the UI mask sentinel."""
+    return {
+        name: value
+        for name, value in changes.items()
+        if not (isinstance(value, str) and value == SECRET_MASK and is_secret_field(name))
+    }
+
+
+@router.get("")
+async def list_modules(request: Request) -> dict[str, Any]:
+    views = collect_module_settings(request.app)
+    return {"modules": serialize(views)}
+
+
+@router.put("/{package}")
+async def update_module(
+    package: str,
+    changes: dict[str, Any],
+    request: Request,
+    service: SettingService = Depends(get_setting_service),
+) -> dict[str, Any]:
+    registry = getattr(request.app.state, MODULE_PACKAGE).module_registry
+    if registry.get(package) is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Unknown module package")
+
+    cleaned = _strip_mask_sentinels(changes)
+    if not cleaned:
+        return {"ok": True, "changed": []}
+
+    store = SettingsStore(service)
+    bus = request.app.state.sm.event_bus
+    try:
+        await apply_changes_and_reload(request.app, bus, store, package=package, changes=cleaned)
+    except ValidationError as exc:
+        # ``exc.errors()`` still leaves ``ctx.error`` holding the raw Python
+        # exception (not JSON-serializable). Round-trip through pydantic's
+        # own JSON encoder to get clean, serializable errors.
+        clean = json.loads(exc.json(include_url=False))
+        raise HTTPException(status_code=422, detail=clean) from exc
+    except KeyError as exc:
+        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail=str(exc)) from exc
+
+    return {"ok": True, "changed": sorted(cleaned)}
+
+
+@router.delete("/{package}/{field}", status_code=status.HTTP_204_NO_CONTENT)
+async def clear_module_field(
+    package: str,
+    field: str,
+    request: Request,
+    service: SettingService = Depends(get_setting_service),
+) -> Response:
+    registry = getattr(request.app.state, MODULE_PACKAGE).module_registry
+    cls = registry.get(package)
+    if cls is None:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Unknown module package")
+    if field not in cls.model_fields:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Unknown field")
+
+    store = SettingsStore(service)
+    await store.clear_override(package, field)
+
+    hydrated = await hydrate_settings(cls, store, package)
+    services = getattr(request.app.state, package)
+    services.settings = hydrated
+
+    bus = request.app.state.sm.event_bus
+    await bus.publish(SettingsReloaded(package=package, changed=(field,)))
+
+    return Response(status_code=status.HTTP_204_NO_CONTENT)

settings/endpoints/views.py

@@ -0,0 +1,120 @@
+"""Inertia view endpoints for the Settings module.
+
+Page component identifiers are inlined as string literals here (instead of
+imported from ``settings.constants``) so the ``SM003`` orphan-page doctor
+check — which parses calls to ``inertia.render`` via AST literal matching —
+can correlate views to their ``pages/*.tsx`` files. The literals must match
+``PAGE_BROWSE`` / ``PAGE_CREATE`` / ``PAGE_EDIT`` in ``constants.py``, and
+a test in ``test_settings_module.py`` enforces that invariant.
+"""
+
+from __future__ import annotations
+
+from fastapi import APIRouter, Depends, Request
+from inertia import InertiaResponse
+from pydantic import ValidationError
+from simple_module_hosting.inertia_deps import InertiaDep
+from simple_module_hosting.inertia_utils import redirect_back_with_errors, validation_errors_to_dict
+from starlette.responses import RedirectResponse
+
+from settings._module_settings import collect_module_settings, serialize
+from settings.constants import (
+    ERR_SETTING_NOT_FOUND,
+    PROP_ERROR,
+    PROP_MODULES,
+    PROP_SETTING,
+    PROP_SETTINGS,
+    VIEW_CREATE_PATH,
+    VIEW_EDIT_PATH,
+    VIEW_MODULES_PATH,
+)
+from settings.contracts.schemas import SettingCreate, SettingUpdate
+from settings.deps import get_setting_service
+from settings.service import SettingService
+
+_REDIRECT_SETTINGS = "/settings"
+
+router = APIRouter()
+
+
+@router.get("/", response_model=None)
+async def browse(
+    inertia: InertiaDep,
+    service: SettingService = Depends(get_setting_service),
+) -> InertiaResponse:
+    items = await service.list_all()
+    return await inertia.render(
+        "Settings/Browse",
+        {PROP_SETTINGS: [item.model_dump(mode="json") for item in items]},
+    )
+
+
+@router.get(VIEW_CREATE_PATH, response_model=None)
+async def create_view(inertia: InertiaDep) -> InertiaResponse:
+    return await inertia.render("Settings/Create")
+
+
+@router.get(VIEW_EDIT_PATH, response_model=None)
+async def edit_view(
+    setting_id: int,
+    inertia: InertiaDep,
+    service: SettingService = Depends(get_setting_service),
+) -> InertiaResponse:
+    item = await service.get_by_id(setting_id)
+    if item is None:
+        return await inertia.render("Settings/Browse", {PROP_ERROR: ERR_SETTING_NOT_FOUND})
+    return await inertia.render("Settings/Edit", {PROP_SETTING: item.model_dump(mode="json")})
+
+
+# ── Form actions (POST/PUT/DELETE → redirect) ─────────────────
+
+
+@router.post("/", response_model=None)
+async def create_action(
+    request: Request,
+    service: SettingService = Depends(get_setting_service),
+) -> RedirectResponse:
+    body = await request.json()
+    try:
+        data = SettingCreate(**body)
+    except ValidationError as exc:
+        return redirect_back_with_errors(request, validation_errors_to_dict(exc))
+    await service.create(data)
+    return RedirectResponse(_REDIRECT_SETTINGS, status_code=303)
+
+
+@router.put("/{setting_id}", response_model=None)
+async def update_action(
+    setting_id: int,
+    request: Request,
+    service: SettingService = Depends(get_setting_service),
+) -> RedirectResponse:
+    body = await request.json()
+    try:
+        data = SettingUpdate(**body)
+    except ValidationError as exc:
+        return redirect_back_with_errors(request, validation_errors_to_dict(exc))
+    await service.update(setting_id, data)
+    return RedirectResponse(_REDIRECT_SETTINGS, status_code=303)
+
+
+@router.delete("/{setting_id}", response_model=None)
+async def delete_action(
+    setting_id: int,
+    service: SettingService = Depends(get_setting_service),
+) -> RedirectResponse:
+    await service.delete(setting_id)
+    return RedirectResponse(_REDIRECT_SETTINGS, status_code=303)
+
+
+@router.get(VIEW_MODULES_PATH, response_model=None)
+async def modules_view(request: Request, inertia: InertiaDep) -> InertiaResponse:
+    """Read-only view of every module's pydantic ``BaseSettings`` instance.
+
+    Auto-discovered from ``app.state.sm.modules``; secrets are masked server-side.
+    """
+    views = collect_module_settings(request.app)
+    return await inertia.render(
+        "Settings/ModulesEdit",
+        {PROP_MODULES: serialize(views)},
+    )