svc-infra 0.1.181__py3-none-any.whl → 0.1.183__py3-none-any.whl

svc_infra/auth/user_default.py

@@ -1,21 +1,41 @@
 from typing import Any, Dict
+from fastapi import HTTPException
 from fastapi_users.password import PasswordHelper
+from sqlalchemy import func
 
 from svc_infra.api.fastapi.db.service_hooks import ServiceWithHooks
 from svc_infra.api.fastapi.db.repository import Repository
 
 _pwd = PasswordHelper()
 
-def _pre_create(data: Dict[str, Any]) -> Dict[str, Any]:
+def _user_pre_create(data: Dict[str, Any]) -> Dict[str, Any]:
     data = dict(data)
+    # normalize + map fields
     if "password" in data:
         data["password_hash"] = _pwd.hash(data.pop("password"))
-    if "metadata" in data:   # pydantic alias -> model column "metadata" (extra)
+    if "metadata" in data:
         data["extra"] = data.pop("metadata")
-    data.setdefault("roles", [])
+
+    # BEFORE insert: application-level guard (nice error)
+    # case-insensitive email; handle tenant/null logic the same way as your unique index
+    email = data.get("email")
+    tenant_id = data.get("tenant_id")
+    if email:
+        where = [func.lower(Repository.model.email) == func.lower(email)]
+        if tenant_id is None:
+            where.append(Repository.model.tenant_id.is_(None))
+        else:
+            where.append(Repository.model.tenant_id == tenant_id)
+
+        # use a small “exists” helper on the repo if you have it
+        async def _exists(session):
+            return await Repository.exists(session, where=where)
+
+        data["_precreate_exists_check"] = _exists  # stash callable for service.create to run
+
     return data
 
-def _pre_update(data: Dict[str, Any]) -> Dict[str, Any]:
+def _user_pre_update(data: Dict[str, Any]) -> Dict[str, Any]:
     data = dict(data)
     if "password" in data:
         data["password_hash"] = _pwd.hash(data.pop("password"))
@@ -24,4 +44,10 @@ def _pre_update(data: Dict[str, Any]) -> Dict[str, Any]:
     return data
 
 def make_default_user_service(repo: Repository):
-    return ServiceWithHooks(repo, pre_create=_pre_create, pre_update=_pre_update)
+    class _Svc(ServiceWithHooks):
+        async def create(self, session, data):
+            exists_cb = data.pop("_precreate_exists_check", None)
+            if exists_cb and await exists_cb(session):
+                raise HTTPException(status_code=409, detail="User with this email already exists.")
+            return await super().create(session, data)
+    return _Svc(repo, pre_create=_user_pre_create, pre_update=_user_pre_update)

svc_infra/db/templates/models_schemas/auth/models.py.tmpl

@@ -4,14 +4,16 @@ from typing import Optional
 import uuid
 
 from sqlalchemy import (
-    String, Boolean, DateTime, JSON, Text, func, UniqueConstraint, Index
+    String, Boolean, DateTime, JSON, Text, func, Index
 )
 from sqlalchemy.dialects.postgresql import UUID
 from sqlalchemy.orm import Mapped, mapped_column
-from sqlalchemy.ext.mutable import MutableDict, MutableList  # <-- add
+from sqlalchemy.ext.mutable import MutableDict, MutableList
 
 from svc_infra.db.base import ModelBase
 from svc_infra.auth.user_default import _pwd
+from svc_infra.db.uniq import make_unique_indexes
+
 
 class User(ModelBase):
     __tablename__ = "users"
@@ -24,10 +26,12 @@ class User(ModelBase):
     is_superuser: Mapped[bool] = mapped_column(Boolean, default=False, nullable=False)
     is_verified: Mapped[bool] = mapped_column(Boolean, default=False, nullable=False)
 
+    # auth state
     password_hash: Mapped[str] = mapped_column(String(512), nullable=False)
 
+    # Write-only facade over password
     @property
-    def password(self) -> str:  # never readable
+    def password(self) -> str:
         raise AttributeError("password is write-only")
 
     @password.setter
@@ -53,12 +57,16 @@ class User(ModelBase):
         DateTime(timezone=True), server_default=func.now(), onupdate=func.now(), nullable=False
     )
 
-    __table_args__ = (
-        UniqueConstraint("tenant_id", "email", name="uq_users_tenant_email"),
-    )
-
     def __repr__(self) -> str:
         return f"<User id={self.id} email={self.email!r}>"
 
-# define functional index *after* class definition
-Index("ix_users_email_lower", func.lower(User.email))
+
+# Unique indexes, including case-insensitive and/or tenant-scoped.
+for _ix in make_unique_indexes(
+    User,
+    unique_ci=["email"],            # case-insensitive unique email
+    tenant_field="tenant_id",       # scoped by tenant if provided
+):
+    # Simply iterating keeps them registered with the Table metadata.
+    # (No further action needed if you use Alembic autogenerate or metadata.create_all.)
+    pass

svc_infra/db/templates/models_schemas/entity/models.py.tmpl

@@ -1,29 +1,52 @@
+# models/${table_name}.py
 from __future__ import annotations
 from datetime import datetime
 from typing import Optional
 import uuid
 
-from sqlalchemy import String, Boolean, DateTime, JSON, Text, func, UniqueConstraint, Index
+from sqlalchemy import String, Boolean, DateTime, JSON, Text, func
 from sqlalchemy.dialects.postgresql import UUID
 from sqlalchemy.orm import Mapped, mapped_column
 from sqlalchemy.ext.mutable import MutableDict
 
 from svc_infra.db.base import ModelBase
+from svc_infra.db.uniq import make_unique_indexes
 
 
 class ${Entity}(ModelBase):
     __tablename__ = "${table_name}"
 
+    # identity
     id: Mapped[uuid.UUID] = mapped_column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
-    name: Mapped[str] = mapped_column(String(255), nullable=False)
+
+    # core fields
+    name: Mapped[str] = mapped_column(String(255), nullable=False, index=True)
     description: Mapped[Optional[str]] = mapped_column(Text)
 
-${tenant_field}${soft_delete_field}    extra: Mapped[dict] = mapped_column(MutableDict.as_mutable(JSON), default=dict)
+${tenant_field}\
+${soft_delete_field}\
+    # misc (avoid attr name "metadata" clash)
+    extra: Mapped[dict] = mapped_column(MutableDict.as_mutable(JSON), default=dict)
 
-    created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), server_default=func.now(), nullable=False)
-    updated_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), server_default=func.now(), onupdate=func.now(), nullable=False)
+    # auditing (DB-side timestamps)
+    created_at: Mapped[datetime] = mapped_column(
+        DateTime(timezone=True), server_default=func.now(), nullable=False
+    )
+    updated_at: Mapped[datetime] = mapped_column(
+        DateTime(timezone=True), server_default=func.now(), onupdate=func.now(), nullable=False
+    )
 
-${constraints}    def __repr__(self) -> str:
+    def __repr__(self) -> str:
         return f"<${Entity} id={self.id} name={self.name!r}>"
 
-${indexes}
+
+# --- Uniqueness policy --------------------------------------------------------
+# Register functional unique indexes (case-insensitive on "name"),
+# optionally scoped by tenant if present.
+for _ix in make_unique_indexes(
+    ${Entity},
+    unique_ci=["name"]${tenant_arg}
+):
+    # Iteration is enough to attach them to the Table metadata
+    # (Alembic autogenerate / metadata.create_all will pick them up)
+    pass

svc_infra/db/uniq.py

@@ -0,0 +1,98 @@
+from __future__ import annotations
+from typing import Iterable, Sequence, Tuple, Union, List, Optional
+from sqlalchemy import Index, func
+
+
+ColumnSpec = Union[str, Sequence[str]]  # "email" or ("first_name","last_name")
+
+
+def _as_tuple(spec: ColumnSpec) -> Tuple[str, ...]:
+    return (spec,) if isinstance(spec, str) else tuple(spec)
+
+
+def make_unique_indexes(
+        model: type,
+        *,
+        # Case-sensitive uniqueness specs (exact match)
+        unique_cs: Iterable[ColumnSpec] = (),
+        # Case-insensitive uniqueness specs: lower() applied to string columns
+        unique_ci: Iterable[ColumnSpec] = (),
+        # Optional tenant scoping (e.g. "tenant_id"). If provided:
+        #   - when tenant is NULL -> global uniqueness
+        #   - when tenant is NOT NULL -> uniqueness within tenant
+        tenant_field: Optional[str] = None,
+        # Prefix for index names
+        name_prefix: str = "uq",
+) -> List[Index]:
+    """
+    Returns a list of SQLAlchemy Index objects enforcing uniqueness.
+
+    Notes:
+    - For case-insensitive specs, we use functional unique indexes with lower(col).
+    - If tenant_field is given and the tenant column is nullable, we generate two partial
+      unique indexes: one for tenant IS NULL (global), one for tenant IS NOT NULL (scoped).
+    - Attach these indexes after your model class definition, before migrations/DDL run:
+        Indexes = make_unique_indexes(User, unique_ci=["email"], tenant_field="tenant_id")
+        for ix in Indexes:
+            ix.create(model.metadata.bind)  # OR just rely on Alembic autogenerate / metadata.create_all
+      Most apps just *define* them at module import time:
+        for ix in Indexes:  # they auto-register with the Table; no manual create() needed
+            pass
+    """
+    idxs: List[Index] = []
+
+    def _col(name: str):
+        return getattr(model, name)
+
+    def _to_sa_cols(spec: Tuple[str, ...], *, ci: bool):
+        cols = []
+        for cname in spec:
+            c = _col(cname)
+            cols.append(func.lower(c) if ci else c)
+        return tuple(cols)
+
+    tenant_col = _col(tenant_field) if tenant_field else None
+
+    # Helper: name like uq_<table>_<tenant?>_<ci/cs>_<joined-columns>
+    def _name(ci: bool, spec: Tuple[str, ...], null_bucket: Optional[str] = None):
+        parts = [name_prefix, model.__tablename__]
+        if tenant_field:
+            parts.append(tenant_field)
+        if null_bucket:
+            parts.append(null_bucket)
+        parts.append("ci" if ci else "cs")
+        parts.extend(spec)
+        return "_".join(parts)
+
+    # Build indexes for both CS and CI specs
+    for ci, spec_list in ((False, unique_cs), (True, unique_ci)):
+        for spec in spec_list:
+            spec_t = _as_tuple(spec)
+            cols = _to_sa_cols(spec_t, ci=ci)
+
+            if tenant_col is None:
+                # simple global unique (with or without lower())
+                idxs.append(Index(_name(ci, spec_t), *cols, unique=True))
+            else:
+                # two partial unique indexes to treat NULL tenant as its own bucket
+                # 1) global bucket (tenant IS NULL)
+                idxs.append(
+                    Index(
+                        _name(ci, spec_t, "null"),
+                        *cols,
+                        unique=True,
+                        postgresql_where=tenant_col.is_(None),
+                    )
+                )
+                # 2) per-tenant bucket (tenant IS NOT NULL)
+                idxs.append(
+                    Index(
+                        _name(ci, spec_t, "notnull"),
+                        tenant_col,
+                        *cols,
+                        unique=True,
+                        postgresql_where=tenant_col.isnot(None),
+                    )
+                )
+
+    return idxs

{svc_infra-0.1.181.dist-info → svc_infra-0.1.183.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: svc-infra
-Version: 0.1.181
+Version: 0.1.183
 Summary: Infrastructure for building and deploying prod-ready services
 License: MIT
 Keywords: fastapi,sqlalchemy,alembic,auth,infra,async,pydantic

{svc_infra-0.1.181.dist-info → svc_infra-0.1.183.dist-info}/RECORD

@@ -31,7 +31,7 @@ svc_infra/auth/integration.py,sha256=L230xUw7vRM0AJIZwNzufRQrfNTPRdczp4BPd_NILeo
 svc_infra/auth/oauth_router.py,sha256=JY3VQ9_0oS_a2gGg418IDG2TbK79sQWcpA9KPiOAfjY,4918
 svc_infra/auth/providers.py,sha256=fiw0ouuGKtwcwMY0Zw7cEv-CXNaUYDnqo_NmiWiB8Lc,3185
 svc_infra/auth/settings.py,sha256=wVCLQnpA9M6zfiWyUpSdn9fo4q-Z4WpVyC3KvkG3HYg,1742
-svc_infra/auth/user_default.py,sha256=Jn2XeeW8QgijZfxXUsV4T4CvaewsWA6VsDVqotYIgxQ,968
+svc_infra/auth/user_default.py,sha256=1GKxiJNUFKKghtGiIQKdC_rD1cs4vVye0zUTSPMrrDg,2081
 svc_infra/auth/users.py,sha256=4rlTCELU-po7bF7u6z02Bd8pXLGcLI2Adj0VjA-gg5E,2098
 svc_infra/cli/__init__.py,sha256=g47RSROuFW8LSsB6WFNSus5BnUl9z_DrPK9idYo3O6M,401
 svc_infra/cli/cmds/__init__.py,sha256=263YKSg73Ik-SQeilyGePdc663BYi4RfBrc0wMFxeoU,212
@@ -49,15 +49,16 @@ svc_infra/db/core.py,sha256=3Efm88fajfKJa8gDiiTVkhx2ci_UbrLiR4B8gMQYuwU,10745
 svc_infra/db/scaffold.py,sha256=NBz8BJR8MPvntCGv5HKoqNNR41SMnCkb-DlCCIsu0fo,9878
 svc_infra/db/templates/__init__.py,sha256=3PRa4v05RGyjX6LZXSOf-eMRir8vij7tET95limMips,45
 svc_infra/db/templates/models_schemas/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-svc_infra/db/templates/models_schemas/auth/models.py.tmpl,sha256=oBr-xVlR5OgeMTztd1qPmPc4TLjdHLJyieATkheo710,2514
+svc_infra/db/templates/models_schemas/auth/models.py.tmpl,sha256=CR5TqE_S6xaVgotLF3jSFuigxL8V_aoMwubttnEx2js,2776
 svc_infra/db/templates/models_schemas/auth/schemas.py.tmpl,sha256=w79j8GeRPpywg9OVBmEuoksPVZLf9hUfEcRS4hBbiJQ,1717
-svc_infra/db/templates/models_schemas/entity/models.py.tmpl,sha256=dZk7a3WwpddSylPW81ARTyjbqJ-4rduX8-KAZ3Tlomo,1173
+svc_infra/db/templates/models_schemas/entity/models.py.tmpl,sha256=PXy8S9Zbd8JQWkSDMOdr-ubn_O1wNdZvFJdeOinoPV4,1777
 svc_infra/db/templates/models_schemas/entity/schemas.py.tmpl,sha256=zBhid1jFPwVN86OvkiIJkTFphN7LDcs_Hs9kxxeoNjE,1009
 svc_infra/db/templates/setup/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 svc_infra/db/templates/setup/alembic.ini.tmpl,sha256=QAQ_3-p8GnrpLoX2g-Fpi6aMfrS3m4ZMJ34OTfujnrI,780
 svc_infra/db/templates/setup/env_async.py.tmpl,sha256=05uDe_jiEkJOdXcSIgJovN3TxPG8wm8BjUoSdktsH_0,6224
 svc_infra/db/templates/setup/env_sync.py.tmpl,sha256=vlUKrhnQiBqAGDfbtx0D_CahF1Hjj8uTIQ5lNnx_l0Q,6273
 svc_infra/db/templates/setup/script.py.mako.tmpl,sha256=EgltN1ghYU7rH1zAujsLWLe1NThI-41x9fabByne5II,509
+svc_infra/db/uniq.py,sha256=9YCqTPp-Aexk7XJB-df_avs2-UvFUKa8YfQ94nQJKC0,3800
 svc_infra/db/utils.py,sha256=PxaZ6AesRlDyQk7tOzi9YaeF7Ge4zsZP83wqkKHu5-E,30838
 svc_infra/mcp/__init__.py,sha256=SiJ50LO7J6AneYswZe1kUX3dKXiECPpsjGPjT0SGtuc,1272
 svc_infra/mcp/svc_infra_mcp.py,sha256=VTU8esJ4FH9WNgxplufUWCVqGkxwscaLnBBtj-B5iCQ,1343
@@ -75,7 +76,7 @@ svc_infra/observability/templates/prometheus_rules.yml,sha256=sbVLm1h40FMkGSeWO4
 svc_infra/observability/tracing/__init__.py,sha256=TOs2yCicqBdo4OfOHTMmqeHsn7DBRu5EdvF2L5f31Y0,237
 svc_infra/observability/tracing/setup.py,sha256=21Ob276U4KZOs6M2o1O79wQXFHV0gY6YdMyjeqMrzMU,5042
 svc_infra/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-svc_infra-0.1.181.dist-info/METADATA,sha256=ROhEqWKfcG8dG1UciKFoMaldw79uud74mfs0ic6pdTU,4981
-svc_infra-0.1.181.dist-info/WHEEL,sha256=IYZQI976HJqqOpQU6PHkJ8fb3tMNBFjg-Cn-pwAbaFM,88
-svc_infra-0.1.181.dist-info/entry_points.txt,sha256=6x_nZOsjvn6hRZsMgZLgTasaCSKCgAjsGhACe_CiP0U,48
-svc_infra-0.1.181.dist-info/RECORD,,
+svc_infra-0.1.183.dist-info/METADATA,sha256=DYUWWxezbPlw5QrZXXjPNjS_fjWD0zTBW9hxcv86bSw,4981
+svc_infra-0.1.183.dist-info/WHEEL,sha256=IYZQI976HJqqOpQU6PHkJ8fb3tMNBFjg-Cn-pwAbaFM,88
+svc_infra-0.1.183.dist-info/entry_points.txt,sha256=6x_nZOsjvn6hRZsMgZLgTasaCSKCgAjsGhACe_CiP0U,48
+svc_infra-0.1.183.dist-info/RECORD,,