trovesuite 1.0.17__py3-none-any.whl → 1.0.18__py3-none-any.whl

trovesuite/auth/auth_service.py

@@ -98,8 +98,9 @@ class AuthService:
 
             # 1️⃣ Get all groups the user belongs to
             user_groups = DatabaseManager.execute_query(
-                f"""SELECT group_id FROM "{tenant_id}".{db_settings.TENANT_USER_GROUPS_TABLE}
-                    WHERE delete_status = 'NOT_DELETED' AND is_active = true AND user_id = %s""",(user_id,),
+                f"""SELECT group_id FROM {db_settings.TENANT_USER_GROUPS_TABLE}
+                    WHERE tenant_id = %s AND delete_status = 'NOT_DELETED' AND is_active = true AND user_id = %s""",
+                (tenant_id, user_id,),
             )
 
             # 2️⃣ Prepare list of group_ids
@@ -110,20 +111,20 @@ class AuthService:
                 login_settings_details = DatabaseManager.execute_query(
                     f"""SELECT user_id, group_id, is_suspended, can_always_login,
                     is_multi_factor_enabled, is_login_before, working_days,
-                    login_on, logout_on FROM "{tenant_id}".{db_settings.TENANT_LOGIN_SETTINGS_TABLE}
-                    WHERE (delete_status = 'NOT_DELETED' AND is_active = true )
+                    login_on, logout_on FROM {db_settings.TENANT_LOGIN_SETTINGS_TABLE}
+                    WHERE tenant_id = %s AND (delete_status = 'NOT_DELETED' AND is_active = true )
                     AND (user_id = %s OR group_id = ANY(%s))
                     ORDER BY user_id NULLS LAST
                     LIMIT 1""",
-                    (user_id, group_ids),
+                    (tenant_id, user_id, group_ids),
                 )
             else:
                 login_settings_details = DatabaseManager.execute_query(
                     f"""SELECT user_id, group_id, is_suspended, can_always_login,
                     is_multi_factor_enabled, is_login_before, working_days,
-                    login_on, logout_on FROM "{tenant_id}".{db_settings.TENANT_LOGIN_SETTINGS_TABLE}
-                    WHERE (delete_status = 'NOT_DELETED' AND is_active = true ) AND user_id = %s""",
-                    (user_id,),
+                    login_on, logout_on FROM {db_settings.TENANT_LOGIN_SETTINGS_TABLE}
+                    WHERE tenant_id = %s AND (delete_status = 'NOT_DELETED' AND is_active = true ) AND user_id = %s""",
+                    (tenant_id, user_id,),
                 )
 
             if not login_settings_details or len(login_settings_details) == 0:
@@ -202,13 +203,13 @@ class AuthService:
                     f"""
                         SELECT DISTINCT ON (group_id, user_id, role_id)
                             group_id, user_id, role_id, resource_type
-                        FROM "{tenant_id}".{db_settings.TENANT_ASSIGN_ROLES_TABLE}
-                        WHERE delete_status = 'NOT_DELETED'
+                        FROM {db_settings.TENANT_ASSIGN_ROLES_TABLE}
+                        WHERE tenant_id = %s AND delete_status = 'NOT_DELETED'
                         AND is_active = true
                         AND (user_id = %s OR group_id = ANY(%s))
                         ORDER BY group_id, user_id, role_id;
                     """,
-                    (user_id, group_ids),
+                    (tenant_id, user_id, group_ids),
                 )
             else:
                 # No groups, just check roles for user
@@ -216,13 +217,13 @@ class AuthService:
                     f"""
                         SELECT DISTINCT ON (user_id, role_id)
                             user_id, role_id, resource_type
-                        FROM "{tenant_id}".{db_settings.TENANT_ASSIGN_ROLES_TABLE}
-                        WHERE delete_status = 'NOT_DELETED'
+                        FROM {db_settings.TENANT_ASSIGN_ROLES_TABLE}
+                        WHERE tenant_id = %s AND delete_status = 'NOT_DELETED'
                         AND is_active = true
                         AND user_id = %s
                         ORDER BY user_id, role_id;
                     """,
-                    (user_id,),
+                    (tenant_id, user_id,),
                 )
 
             # ✅ NEW: Get system-level roles from main.system_user_groups and main.system_assign_roles
@@ -301,7 +302,6 @@ class AuthService:
                 error="Authorization check failed due to an internal error"
             )
 
-
     @staticmethod
     def check_permission(users_data: list, action=None, resource_type=None) -> bool:
         """

trovesuite/configs/settings.py

@@ -58,25 +58,28 @@ class Settings:
     MAIN_SYSTEM_ASSIGN_ROLES_TABLE = os.getenv("MAIN_SYSTEM_ASSIGN_ROLES_TABLE", "main.system_assign_roles")
     
     # =============================================================================
-    # TENANT-SPECIFIC TABLES (tenant schemas)
+    # TENANT-SPECIFIC TABLES (now in main schema with tenant_id)
     # =============================================================================
-    TENANT_SUBSCRIPTIONS_TABLE = os.getenv("TENANT_SUBSCRIPTIONS_TABLE")
-    TENANT_GROUPS_TABLE = os.getenv("TENANT_GROUPS_TABLE")
-    TENANT_LOGIN_SETTINGS_TABLE = os.getenv("TENANT_LOGIN_SETTINGS_TABLE")
-    TENANT_RESOURCES_TABLE = os.getenv("TENANT_RESOURCES_TABLE")
-    TENANT_ASSIGN_ROLES_TABLE = os.getenv("TENANT_ASSIGN_ROLES_TABLE")
-    TENANT_RESOURCE_ID_TABLE = os.getenv("TENANT_RESOURCE_ID_TABLE")
-    TENANT_SUBSCRIPTION_HISTORY_TABLE = os.getenv("TENANT_SUBSCRIPTION_HISTORY_TABLE")
-    TENANT_RESOURCE_DELETION_CHAT_HISTORY_TABLE = os.getenv("TENANT_RESOURCE_DELETION_CHAT_HISTORY_TABLE")
-    TENANT_USER_GROUPS_TABLE = os.getenv("TENANT_USER_GROUPS_TABLE")
-    TENANT_ACTIVITY_LOGS_TABLE = os.getenv("TENANT_ACTIVITY_LOGS_TABLE")
-    TENANT_ORGANIZATIONS_TABLE = os.getenv("TENANT_ORGANIZATIONS_TABLE", "organizations")
-    TENANT_BUSINESSES_TABLE = os.getenv("TENANT_BUSINESSES_TABLE", "businesses")
-    TENANT_BUSINESS_APPS_TABLE = os.getenv("TENANT_BUSINESS_APPS_TABLE", "business_apps")
-    TENANT_LOCATIONS_TABLE = os.getenv("TENANT_LOCATIONS_TABLE", "locations")
-    TENANT_ASSIGN_LOCATIONS_TABLE = os.getenv("TENANT_ASSIGN_LOCATIONS_TABLE", "assign_locations")
-    TENANT_UNIT_OF_MEASURE_TABLE = os.getenv("TENANT_UNIT_OF_MEASURE_TABLE")
-    TENANT_CURRENCY=os.getenv("TENANT_CURRENCY")
+    # NOTE: These tables have been migrated from separate tenant schemas to main schema.
+    # All tables now include tenant_id column for multi-tenant isolation.
+    # =============================================================================
+    TENANT_SUBSCRIPTIONS_TABLE = os.getenv("TENANT_SUBSCRIPTIONS_TABLE", "main.tenant_subscriptions")
+    TENANT_GROUPS_TABLE = os.getenv("TENANT_GROUPS_TABLE", "main.tenant_groups")
+    TENANT_LOGIN_SETTINGS_TABLE = os.getenv("TENANT_LOGIN_SETTINGS_TABLE", "main.tenant_login_settings")
+    TENANT_RESOURCES_TABLE = os.getenv("TENANT_RESOURCES_TABLE", "main.tenant_resources")
+    TENANT_ASSIGN_ROLES_TABLE = os.getenv("TENANT_ASSIGN_ROLES_TABLE", "main.tenant_assign_roles")
+    TENANT_RESOURCE_ID_TABLE = os.getenv("TENANT_RESOURCE_ID_TABLE", "main.tenant_resource_ids")
+    TENANT_SUBSCRIPTION_HISTORY_TABLE = os.getenv("TENANT_SUBSCRIPTION_HISTORY_TABLE", "main.tenant_subscription_histories")
+    TENANT_RESOURCE_DELETION_CHAT_HISTORY_TABLE = os.getenv("TENANT_RESOURCE_DELETION_CHAT_HISTORY_TABLE", "main.tenant_resource_deletion_chat_histories")
+    TENANT_USER_GROUPS_TABLE = os.getenv("TENANT_USER_GROUPS_TABLE", "main.tenant_user_groups")
+    TENANT_ACTIVITY_LOGS_TABLE = os.getenv("TENANT_ACTIVITY_LOGS_TABLE", "main.tenant_activity_logs")
+    TENANT_ORGANIZATIONS_TABLE = os.getenv("TENANT_ORGANIZATIONS_TABLE", "main.tenant_organizations")
+    TENANT_BUSINESSES_TABLE = os.getenv("TENANT_BUSINESSES_TABLE", "main.tenant_businesses")
+    TENANT_BUSINESS_APPS_TABLE = os.getenv("TENANT_BUSINESS_APPS_TABLE", "main.tenant_business_apps")
+    TENANT_LOCATIONS_TABLE = os.getenv("TENANT_LOCATIONS_TABLE", "main.tenant_locations")
+    TENANT_ASSIGN_LOCATIONS_TABLE = os.getenv("TENANT_ASSIGN_LOCATIONS_TABLE", "main.tenant_assign_locations")
+    TENANT_UNIT_OF_MEASURE_TABLE = os.getenv("TENANT_UNIT_OF_MEASURE_TABLE", "main.tenant_unit_of_measure")
+    TENANT_CURRENCY = os.getenv("TENANT_CURRENCY", "main.tenant_currency")
 
     # Mail Configurations
     MAIL_SENDER_EMAIL=os.getenv("MAIL_SENDER_EMAIL")

trovesuite/utils/helper.py

@@ -96,14 +96,14 @@ class Helper:
 
             try:
                 if tenant_id:
-                    # For tenant-specific resource IDs, check tenant schema
+                    # For tenant-specific resource IDs, check shared schema with tenant_id filter
                     # Note: TENANT_RESOURCE_ID_TABLE needs to be defined in settings
                     tenant_resource_table = getattr(db_settings, 'TENANT_RESOURCE_ID_TABLE', None)
                     if tenant_resource_table:
                         resource_exists = DatabaseManager.execute_scalar(
-                            f"""SELECT COUNT(1) FROM "{tenant_id}".{tenant_resource_table}
-                            WHERE id = %s""",
-                            (candidate,),
+                            f"""SELECT COUNT(1) FROM {tenant_resource_table}
+                            WHERE tenant_id = %s AND id = %s""",
+                            (tenant_id, candidate,),
                         )
                     else:
                         # Fallback: assume no conflict if table not configured
@@ -289,10 +289,10 @@ class Helper:
             logger.debug(f"Activity log values - performed_by_email: {performed_by_email}, performed_by_contact: {performed_by_contact}, performed_by_fullname: {performed_by_fullname}")
 
             result = DatabaseManager.execute_update(
-                f"""INSERT INTO "{tenant_id}".{tenant_activity_logs_table}
-                    (id, action, resource_type, old_data, new_data, description, performed_by_email, performed_by_contact, performed_by_fullname, cdate, ctime, cdatetime)
-                    VALUES (%s, %s, NULLIF(%s, '')::text, %s::jsonb, %s::jsonb, %s, %s, %s, %s, %s, %s, %s)""",
-                (log_id, action, resource_type, old_json, new_json, description, performed_by_email, performed_by_contact, performed_by_fullname, cdate, ctime, cdatetime),
+                f"""INSERT INTO {tenant_activity_logs_table}
+                    (id, tenant_id, action, resource_type, old_data, new_data, description, performed_by_email, performed_by_contact, performed_by_fullname, cdate, ctime, cdatetime)
+                    VALUES (%s, %s, %s, NULLIF(%s, '')::text, %s::jsonb, %s::jsonb, %s, %s, %s, %s, %s, %s, %s)""",
+                (log_id, tenant_id, action, resource_type, old_json, new_json, description, performed_by_email, performed_by_contact, performed_by_fullname, cdate, ctime, cdatetime),
             )
 
             logger.info(f"Activity logged successfully. Rows affected: {result}")
@@ -301,9 +301,9 @@ class Helper:
             if result > 0:
                 verify_data = DatabaseManager.execute_query(
                     f"""SELECT performed_by_email, performed_by_contact, performed_by_fullname
-                    FROM "{tenant_id}".{tenant_activity_logs_table}
-                    WHERE id = %s""",
-                    (log_id,)
+                    FROM {tenant_activity_logs_table}
+                    WHERE tenant_id = %s AND id = %s""",
+                    (tenant_id, log_id,)
                 )
                 if verify_data:
                     logger.debug(f"Verification - Inserted activity log data: {verify_data[0]}")
@@ -416,8 +416,8 @@ class Helper:
             # Get table names from settings with fallbacks
             main_users_table = getattr(db_settings, 'MAIN_USERS_TABLE', 'main.users')
             main_roles_table = getattr(db_settings, 'MAIN_ROLES_TABLE', 'main.roles')
-            tenant_assign_roles_table = getattr(db_settings, 'TENANT_ASSIGN_ROLES_TABLE', 'assign_roles')
-            tenant_user_groups_table = getattr(db_settings, 'TENANT_USER_GROUPS_TABLE', 'user_groups')
+            tenant_assign_roles_table = getattr(db_settings, 'TENANT_ASSIGN_ROLES_TABLE', 'main.tenant_assign_roles')
+            tenant_user_groups_table = getattr(db_settings, 'TENANT_USER_GROUPS_TABLE', 'main.tenant_user_groups')
 
             # Query to get users with admin roles - both direct and through groups
             query = f"""
@@ -430,9 +430,10 @@ class Helper:
                     -- Direct role assignment
                     u.id IN (
                         SELECT ar.user_id
-                        FROM "{tenant_id}".{tenant_assign_roles_table} ar
+                        FROM {tenant_assign_roles_table} ar
                         INNER JOIN {main_roles_table} r ON ar.role_id = r.id
-                        WHERE ar.delete_status = 'NOT_DELETED'
+                        WHERE ar.tenant_id = %s
+                        AND ar.delete_status = 'NOT_DELETED'
                         AND ar.is_active = true
                         AND r.delete_status = 'NOT_DELETED'
                         AND r.is_active = true
@@ -443,10 +444,12 @@ class Helper:
                     -- Group-based role assignment
                     u.id IN (
                         SELECT ug.user_id
-                        FROM "{tenant_id}".{tenant_user_groups_table} ug
-                        INNER JOIN "{tenant_id}".{tenant_assign_roles_table} ar ON ug.group_id = ar.group_id
+                        FROM {tenant_user_groups_table} ug
+                        INNER JOIN {tenant_assign_roles_table} ar ON ug.group_id = ar.group_id
                         INNER JOIN {main_roles_table} r ON ar.role_id = r.id
-                        WHERE ug.delete_status = 'NOT_DELETED'
+                        WHERE ug.tenant_id = %s
+                        AND ar.tenant_id = %s
+                        AND ug.delete_status = 'NOT_DELETED'
                         AND ug.is_active = true
                         AND ar.delete_status = 'NOT_DELETED'
                         AND ar.is_active = true
@@ -458,7 +461,7 @@ class Helper:
                 )
             """
 
-            results = DatabaseManager.execute_query(query)
+            results = DatabaseManager.execute_query(query, (tenant_id, tenant_id, tenant_id,))
 
             admin_users = []
             if results:

{trovesuite-1.0.17.dist-info → trovesuite-1.0.18.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: trovesuite
-Version: 1.0.17
+Version: 1.0.18
 Summary: TroveSuite services package providing authentication, authorization, notifications, Azure Storage, and other enterprise services for TroveSuite applications
 Home-page: https://dev.azure.com/brightgclt/trovesuite/_git/packages
 Author: Bright Debrah Owusu

{trovesuite-1.0.17.dist-info → trovesuite-1.0.18.dist-info}/RECORD

@@ -3,12 +3,12 @@ trovesuite/auth/__init__.py,sha256=OjZllVvjul1glDazJ-d5TrNjgHFigFlQQi1G99DYshk,2
 trovesuite/auth/auth_base.py,sha256=rZHQVLeJRBQ8GClgF5UwG-er4_HXVX5-nt8o6_Z29uY,75
 trovesuite/auth/auth_controller.py,sha256=PAgaVlf5TYEfkSfK4vGGsvO84i8zEmeVVXyUF2YBppI,420
 trovesuite/auth/auth_read_dto.py,sha256=e27JqKVPVUM83A_mYF452QCflsvGNo7aKje7q_urwFc,571
-trovesuite/auth/auth_service.py,sha256=G2_lkXdMnuqpBjKFYGlRUrUvVyq8keukXaSyboiWiUM,18106
+trovesuite/auth/auth_service.py,sha256=YtPtYvzOAiYnsvRutYcYFsyOuJxc41MAmIGY4qiPsM4,18202
 trovesuite/auth/auth_write_dto.py,sha256=rdwI7w6-9QZGv1H0PAGrjkLBCzaMHjgPIXeLb9RmNec,234
 trovesuite/configs/__init__.py,sha256=h1mSZOaZ3kUy1ZMO_m9O9KklsxywM0RfMVZLh9h9WvQ,328
 trovesuite/configs/database.py,sha256=IPSu8fXjxyYeJ3bFknJG06Qm2L2ub6Ht19xhKv8g7nA,11731
 trovesuite/configs/logging.py,sha256=mGjR2d4urVNry9l5_aXycMMtcY2RAFIpEL35hw33KZg,9308
-trovesuite/configs/settings.py,sha256=9kl4f7AOtulUnmoWcrLVa8LKjGirZkPYSWtACoTqr5U,5652
+trovesuite/configs/settings.py,sha256=baXR6OQefNm0vkyTWNCbL8jGdgD-k9RwDid5cyZSme0,6339
 trovesuite/entities/__init__.py,sha256=Dbl_03Bueyh2vOP2hykd40MmNMrl5nNHSRGP-kqwwNo,160
 trovesuite/entities/health.py,sha256=KaW7yxTQdymIPlnkJJkDqEebBXkD0a7A66i5GgNZLoE,2700
 trovesuite/entities/sh_response.py,sha256=1_sw3PpVaDxWsNiBU0W9YLHZgTFxEj4JJBLBfSY63Ho,1579
@@ -25,10 +25,10 @@ trovesuite/storage/storage_read_dto.py,sha256=o7EVJdwrwVZAaeyGU9O01WMECGVaytkvLR
 trovesuite/storage/storage_service.py,sha256=V7LIePIV6b_iuhm-9x8r4zwpZHgeRPL1YIe5IBnxhco,19768
 trovesuite/storage/storage_write_dto.py,sha256=vl1iCZ93bpFmpvkCrn587QtMtOA_TPDseXSoTuj9RTQ,1355
 trovesuite/utils/__init__.py,sha256=mDZuY77BphvQFYLmcWxjP5Tcq9ZZ3WXJWBKB1v6wzHU,185
-trovesuite/utils/helper.py,sha256=k7Meg8sN4aPBdqcjaF1tQcZ32KvuA-IqjpWniQP_Mpk,26438
+trovesuite/utils/helper.py,sha256=GY9PUUgAQsOYrsNrzNHdyfPlAyZvQy-49m-XxpQokz0,26660
 trovesuite/utils/templates.py,sha256=_92k4-EkqWs-h0LNJxPgorbspmp24kDngS7O3qWIFyQ,20388
-trovesuite-1.0.17.dist-info/licenses/LICENSE,sha256=EJT35ct-Q794JYPdAQy3XNczQGKkU1HzToLeK1YVw2s,1070
-trovesuite-1.0.17.dist-info/METADATA,sha256=UB2VoJbb7XXl1GUPVjq8BL_zXB_DMQMzSmuYabHBuAo,21737
-trovesuite-1.0.17.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-trovesuite-1.0.17.dist-info/top_level.txt,sha256=GzKhG_-MTaxeHrIgkGkBH_nof2vroGFBrjeHKWUIwNc,11
-trovesuite-1.0.17.dist-info/RECORD,,
+trovesuite-1.0.18.dist-info/licenses/LICENSE,sha256=EJT35ct-Q794JYPdAQy3XNczQGKkU1HzToLeK1YVw2s,1070
+trovesuite-1.0.18.dist-info/METADATA,sha256=rNEcWB2xkxHziv7voEoirrUhJlsF4qZFOMeLtGD5SMg,21737
+trovesuite-1.0.18.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+trovesuite-1.0.18.dist-info/top_level.txt,sha256=GzKhG_-MTaxeHrIgkGkBH_nof2vroGFBrjeHKWUIwNc,11
+trovesuite-1.0.18.dist-info/RECORD,,