trovesuite 1.0.18__py3-none-any.whl → 1.0.20__py3-none-any.whl

trovesuite/auth/auth_service.py

@@ -72,7 +72,7 @@ class AuthService:
         try:
 
             is_tenant_verified = DatabaseManager.execute_query(
-                f"SELECT is_verified FROM {db_settings.MAIN_TENANTS_TABLE} WHERE delete_status = 'NOT_DELETED' AND id = %s",
+                f"SELECT is_verified FROM {db_settings.CORE_PLATFORM_TENANTS_TABLE} WHERE delete_status = 'NOT_DELETED' AND id = %s",
                 (tenant_id,),
             )
 
@@ -98,8 +98,8 @@ class AuthService:
 
             # 1️⃣ Get all groups the user belongs to
             user_groups = DatabaseManager.execute_query(
-                f"""SELECT group_id FROM {db_settings.TENANT_USER_GROUPS_TABLE}
-                    WHERE tenant_id = %s AND delete_status = 'NOT_DELETED' AND is_active = true AND user_id = %s""",
+                f"""SELECT group_id FROM {db_settings.CORE_PLATFORM_USER_GROUPS_TABLE}
+                    WHERE tenant_id = %s AND delete_status = 'NOT_DELETED' AND is_active = true AND user_id = %s AND (is_system = false OR is_system IS NULL)""",
                 (tenant_id, user_id,),
             )
 
@@ -111,7 +111,7 @@ class AuthService:
                 login_settings_details = DatabaseManager.execute_query(
                     f"""SELECT user_id, group_id, is_suspended, can_always_login,
                     is_multi_factor_enabled, is_login_before, working_days,
-                    login_on, logout_on FROM {db_settings.TENANT_LOGIN_SETTINGS_TABLE}
+                    login_on, logout_on FROM {db_settings.CORE_PLATFORM_LOGIN_SETTINGS_TABLE}
                     WHERE tenant_id = %s AND (delete_status = 'NOT_DELETED' AND is_active = true )
                     AND (user_id = %s OR group_id = ANY(%s))
                     ORDER BY user_id NULLS LAST
@@ -122,7 +122,7 @@ class AuthService:
                 login_settings_details = DatabaseManager.execute_query(
                     f"""SELECT user_id, group_id, is_suspended, can_always_login,
                     is_multi_factor_enabled, is_login_before, working_days,
-                    login_on, logout_on FROM {db_settings.TENANT_LOGIN_SETTINGS_TABLE}
+                    login_on, logout_on FROM {db_settings.CORE_PLATFORM_LOGIN_SETTINGS_TABLE}
                     WHERE tenant_id = %s AND (delete_status = 'NOT_DELETED' AND is_active = true ) AND user_id = %s""",
                     (tenant_id, user_id,),
                 )
@@ -159,6 +159,7 @@ class AuthService:
                 # 2. time period restriction (if login_on/logout_on are set)
 
                 if login_on and logout_on:
+                    
                     # Time period restriction is active
                     logger.info(f"Checking time period restriction for user: {user_id}")
 
@@ -203,9 +204,10 @@ class AuthService:
                     f"""
                         SELECT DISTINCT ON (group_id, user_id, role_id)
                             group_id, user_id, role_id, resource_type
-                        FROM {db_settings.TENANT_ASSIGN_ROLES_TABLE}
+                        FROM {db_settings.CORE_PLATFORM_ASSIGN_ROLES_TABLE}
                         WHERE tenant_id = %s AND delete_status = 'NOT_DELETED'
                         AND is_active = true
+                        AND (is_system = false OR is_system IS NULL)
                         AND (user_id = %s OR group_id = ANY(%s))
                         ORDER BY group_id, user_id, role_id;
                     """,
@@ -217,28 +219,36 @@ class AuthService:
                     f"""
                         SELECT DISTINCT ON (user_id, role_id)
                             user_id, role_id, resource_type
-                        FROM {db_settings.TENANT_ASSIGN_ROLES_TABLE}
+                        FROM {db_settings.CORE_PLATFORM_ASSIGN_ROLES_TABLE}
                         WHERE tenant_id = %s AND delete_status = 'NOT_DELETED'
                         AND is_active = true
+                        AND (is_system = false OR is_system IS NULL)
                         AND user_id = %s
                         ORDER BY user_id, role_id;
                     """,
                     (tenant_id, user_id,),
                 )
 
-            # ✅ NEW: Get system-level roles from main.system_user_groups and main.system_assign_roles
+            # ✅ NEW: Get system-level roles from cp_user_groups and cp_assign_roles with is_system=true
+            # NOTE: system_groups, system_user_groups, and system_assign_roles are now consolidated
+            # into cp_groups, cp_user_groups, and cp_assign_roles with is_system flag
             logger.info(f"Fetching system-level roles for user: {user_id}")
 
             system_roles = DatabaseManager.execute_query(
                 f"""
                     SELECT DISTINCT sug.group_id, sug.user_id, sar.role_id, sar.resource_type
-                    FROM {db_settings.MAIN_SYSTEM_USER_GROUPS_TABLE} sug
-                    INNER JOIN {db_settings.MAIN_SYSTEM_ASSIGN_ROLES_TABLE} sar ON sug.group_id = sar.group_id
-                    WHERE sug.user_id = %s
+                    FROM {db_settings.CORE_PLATFORM_USER_GROUPS_TABLE} sug
+                    INNER JOIN {db_settings.CORE_PLATFORM_ASSIGN_ROLES_TABLE} sar 
+                        ON sug.group_id = sar.group_id AND sug.tenant_id = sar.tenant_id
+                    WHERE sug.user_id = %s AND sug.tenant_id = %s
+                    AND sug.is_system = true
+                    AND sug.is_active = true
+                    AND sug.delete_status = 'NOT_DELETED'
                     AND sar.is_active = true
                     AND sar.delete_status = 'NOT_DELETED'
+                    AND sar.is_system = true
                 """,
-                (user_id,)
+                (user_id, 'system-tenant-id')
             )
 
             if system_roles:
@@ -246,16 +256,17 @@ class AuthService:
             else:
                 logger.info(f"No system-level roles found for user: {user_id}")
 
-            # ✅ NEW: Also check for direct system role assignments (user_id in system_assign_roles)
+            # ✅ NEW: Also check for direct system role assignments (user_id in cp_assign_roles with is_system=true)
             direct_system_roles = DatabaseManager.execute_query(
                 f"""
                     SELECT DISTINCT NULL as group_id, sar.user_id, sar.role_id, sar.resource_type
-                    FROM {db_settings.MAIN_SYSTEM_ASSIGN_ROLES_TABLE} sar
-                    WHERE sar.user_id = %s
+                    FROM {db_settings.CORE_PLATFORM_ASSIGN_ROLES_TABLE} sar
+                    WHERE sar.user_id = %s AND sar.tenant_id = %s
                     AND sar.is_active = true
                     AND sar.delete_status = 'NOT_DELETED'
+                    AND sar.is_system = true
                 """,
-                (user_id,)
+                (user_id, 'system-tenant-id')
             )
 
             if direct_system_roles:
@@ -268,10 +279,23 @@ class AuthService:
 
             # GET permissions and Append to Role
             get_user_roles_with_tenant_and_permissions = []
+            # Track system role IDs for quick lookup
+            system_role_ids = {r["role_id"] for r in system_roles} if system_roles else set()
+            if direct_system_roles:
+                system_role_ids.update({r["role_id"] for r in direct_system_roles})
+            
             for role in all_roles:
+                role_id = role["role_id"]
+                # For system roles, use system-tenant-id; for tenant roles, use tenant_id
+                if role_id in system_role_ids:
+                    role_tenant_id = 'system-tenant-id'
+                else:
+                    role_tenant_id = tenant_id
+                
                 permissions = DatabaseManager.execute_query(
-                    f"""SELECT permission_id FROM {db_settings.MAIN_ROLE_PERMISSIONS_TABLE} WHERE role_id = %s""",
-                    params=(role["role_id"],),
+                    f"""SELECT permission_id FROM {db_settings.CORE_PLATFORM_ROLE_PERMISSIONS_TABLE} 
+                        WHERE role_id = %s AND tenant_id = %s""",
+                    params=(role_id, role_tenant_id),
                 )
 
                 role_dict = {**role, "tenant_id": tenant_id, "permissions": [p['permission_id'] for p in permissions]}

trovesuite/configs/settings.py

@@ -10,6 +10,11 @@ class Settings:
     DB_PORT: str = os.getenv("DB_PORT")
     DB_PASSWORD: str = os.getenv("DB_PASSWORD")
     
+    # CORS Endpoint
+    # LOCAL_HOST_URL = os.getenv("LOCAL_HOST_URL")
+    # FRONTEND_SERVER_URL_1 = os.getenv("FRONTEND_SERVER_URL")
+    # FRONTEND_SERVER_URL_2 = os.getenv("FRONTEND_SERVER_URL")
+
     # Application settings
     DEBUG: bool = os.getenv("DEBUG", "True").lower() in ("true",1)
     APP_NAME: str = os.getenv("APP_NAME", "Python Template API")
@@ -30,56 +35,52 @@ class Settings:
     ACCESS_TOKEN_EXPIRE_MINUTES: int = int(os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", "120"))
     
     # =============================================================================
-    # SHARED TABLES (main schema)
+    # SHARED TABLES (core_platform schema)
     # =============================================================================
-    MAIN_TENANTS_TABLE = os.getenv("MAIN_TENANTS_TABLE", "main.tenants")
-    MAIN_TENANT_RESOURCE_ID_TABLE = os.getenv("MAIN_TENANT_RESOURCE_ID_TABLE", "main.tenant_resource_ids")
-    MAIN_SUBSCRIPTIONS_TABLE = os.getenv("MAIN_SUBSCRIPTIONS_TABLE", "main.subscriptions")
-    MAIN_APPS_TABLE = os.getenv("MAIN_APPS_TABLE", "main.apps")
-    MAIN_USERS_TABLE = os.getenv("MAIN_USERS_TABLE", "main.users")
-    MAIN_RESOURCE_TYPES_TABLE = os.getenv("MAIN_RESOURCE_TYPES_TABLE", "main.resource_types")
-    MAIN_RESOURCE_ID_TABLE = os.getenv("MAIN_RESOURCE_ID_TABLE", "main.resource_ids")
-    MAIN_RESOURCES_TABLE = os.getenv("MAIN_RESOURCES_TABLE", "main.resources")
-    MAIN_PERMISSIONS_TABLE = os.getenv("MAIN_PERMISSIONS_TABLE", "main.permissions")
-    MAIN_ROLES_TABLE = os.getenv("MAIN_ROLES_TABLE", "main.roles")
-    MAIN_ROLE_PERMISSIONS_TABLE = os.getenv("MAIN_ROLE_PERMISSIONS_TABLE", "main.role_permissions")
-    MAIN_USER_SUBSCRIPTIONS_TABLE = os.getenv("MAIN_USER_SUBSCRIPTIONS_TABLE", "main.user_subscriptions")
-    MAIN_USER_SUBSCRIPTION_HISTORY_TABLE = os.getenv("MAIN_USER_SUBSCRIPTION_HISTORY_TABLE", "main.user_subscription_history")
-    MAIN_OTP = os.getenv("MAIN_OTP", "main.otps")
-    MAIN_PASSWORD_POLICY = os.getenv("MAIN_PASSWORD_POLICY", "main.password_policies")
-    MAIN_MULTI_FACTOR_SETTINGS = os.getenv("MAIN_MULTI_FACTOR_SETTINGS", "main.multi_factor_settings")
-    MAIN_USER_LOGIN_TRACKING = os.getenv("MAIN_USER_LOGIN_TRACKING", "main.user_login_tracking")
-    MAIN_ENTERPRISE_SUBSCRIPTIONS_TABLE = os.getenv("MAIN_ENTERPRISE_SUBSCRIPTIONS_TABLE", "main.enterprise_subscriptions")
-    MAIN_CHANGE_PASSWORD_POLICY_TABLE = os.getenv("MAIN_CHANGE_PASSWORD_POLICY_TABLE", "main.change_password_policy")
+    CORE_PLATFORM_TENANTS_TABLE = os.getenv("CORE_PLATFORM_TENANTS_TABLE", "core_platform.cp_tenants")
+    CORE_PLATFORM_TENANT_RESOURCE_ID_TABLE = os.getenv("CORE_PLATFORM_TENANT_RESOURCE_ID_TABLE", "core_platform.cp_resource_ids")
+    CORE_PLATFORM_SUBSCRIPTIONS_TABLE = os.getenv("CORE_PLATFORM_SUBSCRIPTIONS_TABLE", "core_platform.cp_subscriptions")
+    CORE_PLATFORM_APPS_TABLE = os.getenv("CORE_PLATFORM_APPS_TABLE", "core_platform.cp_apps")
+    CORE_PLATFORM_USERS_TABLE = os.getenv("CORE_PLATFORM_USERS_TABLE", "core_platform.cp_users")
+    CORE_PLATFORM_RESOURCE_TYPES_TABLE = os.getenv("CORE_PLATFORM_RESOURCE_TYPES_TABLE", "core_platform.cp_resource_types")
+    CORE_PLATFORM_RESOURCE_ID_TABLE = os.getenv("CORE_PLATFORM_RESOURCE_ID_TABLE", "core_platform.cp_shared_resource_ids")
+    CORE_PLATFORM_RESOURCES_TABLE = os.getenv("CORE_PLATFORM_RESOURCES_TABLE", "core_platform.resources")
+    CORE_PLATFORM_PERMISSIONS_TABLE = os.getenv("CORE_PLATFORM_PERMISSIONS_TABLE", "core_platform.cp_permissions")
+    CORE_PLATFORM_ROLES_TABLE = os.getenv("CORE_PLATFORM_ROLES_TABLE", "core_platform.cp_roles")
+    CORE_PLATFORM_ROLE_PERMISSIONS_TABLE = os.getenv("CORE_PLATFORM_ROLE_PERMISSIONS_TABLE", "core_platform.cp_role_permissions")
+    CORE_PLATFORM_USER_SUBSCRIPTIONS_TABLE = os.getenv("CORE_PLATFORM_USER_SUBSCRIPTIONS_TABLE", "core_platform.cp_user_subscriptions")
+    CORE_PLATFORM_USER_SUBSCRIPTION_HISTORY_TABLE = os.getenv("CORE_PLATFORM_USER_SUBSCRIPTION_HISTORY_TABLE", "core_platform.cp_user_subscription_histories")
+    CORE_PLATFORM_OTP = os.getenv("CORE_PLATFORM_OTP", "core_platform.cp_otps")
+    CORE_PLATFORM_PASSWORD_POLICY = os.getenv("CORE_PLATFORM_PASSWORD_POLICY", "core_platform.cp_password_policies")
+    CORE_PLATFORM_MULTI_FACTOR_SETTINGS = os.getenv("CORE_PLATFORM_MULTI_FACTOR_SETTINGS", "core_platform.cp_multi_factor_settings")
+    CORE_PLATFORM_USER_LOGIN_TRACKING = os.getenv("CORE_PLATFORM_USER_LOGIN_TRACKING", "core_platform.cp_user_login_tracking")
+    CORE_PLATFORM_ENTERPRISE_SUBSCRIPTIONS_TABLE = os.getenv("CORE_PLATFORM_ENTERPRISE_SUBSCRIPTIONS_TABLE", "core_platform.cp_enterprise_subscriptions")
+    CORE_PLATFORM_CHANGE_PASSWORD_POLICY_TABLE = os.getenv("CORE_PLATFORM_CHANGE_PASSWORD_POLICY_TABLE", "core_platform.cp_change_password_policy")
+    CORE_PLATFORM_APP_FEATURES_TABLE = os.getenv("CORE_PLATFORM_APP_FEATURES_TABLE", "core_platform.cp_app_features")
 
-    # System-level tables
-    MAIN_SYSTEM_GROUPS_TABLE = os.getenv("MAIN_SYSTEM_GROUPS_TABLE", "main.system_groups")
-    MAIN_SYSTEM_USER_GROUPS_TABLE = os.getenv("MAIN_SYSTEM_USER_GROUPS_TABLE", "main.system_user_groups")
-    MAIN_SYSTEM_ASSIGN_ROLES_TABLE = os.getenv("MAIN_SYSTEM_ASSIGN_ROLES_TABLE", "main.system_assign_roles")
-    
     # =============================================================================
-    # TENANT-SPECIFIC TABLES (now in main schema with tenant_id)
+    # CORE PLATFORM TABLES (prefixed with cp_, now in core_platform schema with tenant_id)
     # =============================================================================
-    # NOTE: These tables have been migrated from separate tenant schemas to main schema.
-    # All tables now include tenant_id column for multi-tenant isolation.
+    # NOTE: These tables have been renamed from tenant_ prefix to cp_ (core platform).
+    # All tables include tenant_id column for multi-tenant isolation.
+    # Tables with is_system column can contain both user and system data.
     # =============================================================================
-    TENANT_SUBSCRIPTIONS_TABLE = os.getenv("TENANT_SUBSCRIPTIONS_TABLE", "main.tenant_subscriptions")
-    TENANT_GROUPS_TABLE = os.getenv("TENANT_GROUPS_TABLE", "main.tenant_groups")
-    TENANT_LOGIN_SETTINGS_TABLE = os.getenv("TENANT_LOGIN_SETTINGS_TABLE", "main.tenant_login_settings")
-    TENANT_RESOURCES_TABLE = os.getenv("TENANT_RESOURCES_TABLE", "main.tenant_resources")
-    TENANT_ASSIGN_ROLES_TABLE = os.getenv("TENANT_ASSIGN_ROLES_TABLE", "main.tenant_assign_roles")
-    TENANT_RESOURCE_ID_TABLE = os.getenv("TENANT_RESOURCE_ID_TABLE", "main.tenant_resource_ids")
-    TENANT_SUBSCRIPTION_HISTORY_TABLE = os.getenv("TENANT_SUBSCRIPTION_HISTORY_TABLE", "main.tenant_subscription_histories")
-    TENANT_RESOURCE_DELETION_CHAT_HISTORY_TABLE = os.getenv("TENANT_RESOURCE_DELETION_CHAT_HISTORY_TABLE", "main.tenant_resource_deletion_chat_histories")
-    TENANT_USER_GROUPS_TABLE = os.getenv("TENANT_USER_GROUPS_TABLE", "main.tenant_user_groups")
-    TENANT_ACTIVITY_LOGS_TABLE = os.getenv("TENANT_ACTIVITY_LOGS_TABLE", "main.tenant_activity_logs")
-    TENANT_ORGANIZATIONS_TABLE = os.getenv("TENANT_ORGANIZATIONS_TABLE", "main.tenant_organizations")
-    TENANT_BUSINESSES_TABLE = os.getenv("TENANT_BUSINESSES_TABLE", "main.tenant_businesses")
-    TENANT_BUSINESS_APPS_TABLE = os.getenv("TENANT_BUSINESS_APPS_TABLE", "main.tenant_business_apps")
-    TENANT_LOCATIONS_TABLE = os.getenv("TENANT_LOCATIONS_TABLE", "main.tenant_locations")
-    TENANT_ASSIGN_LOCATIONS_TABLE = os.getenv("TENANT_ASSIGN_LOCATIONS_TABLE", "main.tenant_assign_locations")
-    TENANT_UNIT_OF_MEASURE_TABLE = os.getenv("TENANT_UNIT_OF_MEASURE_TABLE", "main.tenant_unit_of_measure")
-    TENANT_CURRENCY = os.getenv("TENANT_CURRENCY", "main.tenant_currency")
+    CORE_PLATFORM_GROUPS_TABLE = os.getenv("CORE_PLATFORM_GROUPS_TABLE", "core_platform.cp_groups")
+    CORE_PLATFORM_LOGIN_SETTINGS_TABLE = os.getenv("CORE_PLATFORM_LOGIN_SETTINGS_TABLE", "core_platform.cp_login_settings")
+    CORE_PLATFORM_RESOURCES_TABLE = os.getenv("CORE_PLATFORM_RESOURCES_TABLE", "core_platform.cp_resources")
+    CORE_PLATFORM_ASSIGN_ROLES_TABLE = os.getenv("CORE_PLATFORM_ASSIGN_ROLES_TABLE", "core_platform.cp_assign_roles")
+    CORE_PLATFORM_RESOURCE_ID_TABLE = os.getenv("CORE_PLATFORM_RESOURCE_ID_TABLE", "core_platform.cp_resource_ids")
+    CORE_PLATFORM_SUBSCRIPTION_HISTORY_TABLE = os.getenv("CORE_PLATFORM_SUBSCRIPTION_HISTORY_TABLE", "core_platform.cp_user_subscription_histories")
+    CORE_PLATFORM_RESOURCE_DELETION_CHAT_HISTORY_TABLE = os.getenv("CORE_PLATFORM_RESOURCE_DELETION_CHAT_HISTORY_TABLE", "core_platform.cp_resource_deletion_chat_histories")
+    CORE_PLATFORM_USER_GROUPS_TABLE = os.getenv("CORE_PLATFORM_USER_GROUPS_TABLE", "core_platform.cp_user_groups")
+    CORE_PLATFORM_ACTIVITY_LOGS_TABLE = os.getenv("CORE_PLATFORM_ACTIVITY_LOGS_TABLE", "core_platform.cp_activity_logs")
+    CORE_PLATFORM_ORGANIZATIONS_TABLE = os.getenv("CORE_PLATFORM_ORGANIZATIONS_TABLE", "core_platform.cp_organizations")
+    CORE_PLATFORM_BUSINESSES_TABLE = os.getenv("CORE_PLATFORM_BUSINESSES_TABLE", "core_platform.cp_businesses")
+    CORE_PLATFORM_BUSINESS_APPS_TABLE = os.getenv("CORE_PLATFORM_BUSINESS_APPS_TABLE", "core_platform.cp_business_apps")
+    CORE_PLATFORM_LOCATIONS_TABLE = os.getenv("CORE_PLATFORM_LOCATIONS_TABLE", "core_platform.cp_locations")
+    CORE_PLATFORM_ASSIGN_LOCATIONS_TABLE = os.getenv("CORE_PLATFORM_ASSIGN_LOCATIONS_TABLE", "core_platform.cp_assign_locations")
+    CORE_PLATFORM_UNIT_OF_MEASURE_TABLE = os.getenv("CORE_PLATFORM_UNIT_OF_MEASURE_TABLE", "core_platform.cp_unit_of_measures")
+    CORE_PLATFORM_CURRENCY = os.getenv("CORE_PLATFORM_CURRENCY", "core_platform.cp_currencies")
 
     # Mail Configurations
     MAIL_SENDER_EMAIL=os.getenv("MAIL_SENDER_EMAIL")

trovesuite/utils/helper.py

@@ -263,12 +263,12 @@ class Helper:
             if user_id:
                 try:
                     logger.debug(f"Fetching user information for user_id={user_id}")
-                    main_users_table = getattr(db_settings, 'MAIN_USERS_TABLE', 'main.users')
+                    main_users_table = getattr(db_settings, 'MAIN_USERS_TABLE', 'main.cp_users')
                     user_data = DatabaseManager.execute_query(
                         f"""SELECT email, contact, fullname
                         FROM {main_users_table}
-                        WHERE id = %s""",
-                        (user_id,)
+                        WHERE id = %s AND tenant_id = %s""",
+                        (user_id, tenant_id)
                     )
                     logger.debug(f"User data query returned: {user_data}")
 
@@ -423,15 +423,16 @@ class Helper:
             query = f"""
                 SELECT DISTINCT u.id as user_id, u.email, u.fullname
                 FROM {main_users_table} u
-                WHERE u.delete_status = 'NOT_DELETED'
+                WHERE u.tenant_id = %s
+                AND u.delete_status = 'NOT_DELETED'
                 AND u.is_active = true
                 AND u.can_login = true
                 AND (
                     -- Direct role assignment
-                    u.id IN (
-                        SELECT ar.user_id
+                    (u.id, u.tenant_id) IN (
+                        SELECT ar.user_id, ar.tenant_id
                         FROM {tenant_assign_roles_table} ar
-                        INNER JOIN {main_roles_table} r ON ar.role_id = r.id
+                        INNER JOIN {main_roles_table} r ON ar.role_id = r.id AND ar.tenant_id = r.tenant_id
                         WHERE ar.tenant_id = %s
                         AND ar.delete_status = 'NOT_DELETED'
                         AND ar.is_active = true
@@ -442,11 +443,11 @@ class Helper:
                     )
                     OR
                     -- Group-based role assignment
-                    u.id IN (
-                        SELECT ug.user_id
+                    (u.id, u.tenant_id) IN (
+                        SELECT ug.user_id, ug.tenant_id
                         FROM {tenant_user_groups_table} ug
-                        INNER JOIN {tenant_assign_roles_table} ar ON ug.group_id = ar.group_id
-                        INNER JOIN {main_roles_table} r ON ar.role_id = r.id
+                        INNER JOIN {tenant_assign_roles_table} ar ON ug.group_id = ar.group_id AND ug.tenant_id = ar.tenant_id
+                        INNER JOIN {main_roles_table} r ON ar.role_id = r.id AND ar.tenant_id = r.tenant_id
                         WHERE ug.tenant_id = %s
                         AND ar.tenant_id = %s
                         AND ug.delete_status = 'NOT_DELETED'
@@ -461,7 +462,7 @@ class Helper:
                 )
             """
 
-            results = DatabaseManager.execute_query(query, (tenant_id, tenant_id, tenant_id,))
+            results = DatabaseManager.execute_query(query, (tenant_id, tenant_id, tenant_id, tenant_id,))
 
             admin_users = []
             if results:
@@ -567,15 +568,15 @@ class Helper:
             actor_email = "no-reply@trovesuite.com"
 
             if actor_user_id:
-                main_users_table = getattr(db_settings, 'MAIN_USERS_TABLE', 'main.users')
+                main_users_table = getattr(db_settings, 'MAIN_USERS_TABLE', 'main.cp_users')
                 actor_details = DatabaseManager.execute_query(
                     f"""SELECT fullname, email
                         FROM {main_users_table}
-                        WHERE id = %s""",
-                    (actor_user_id,),
+                        WHERE id = %s AND tenant_id = %s""",
+                    (actor_user_id, tenant_id),
                 )
 
-                if actor_details:
+                if actor_details and len(actor_details) > 0:
                     actor_data = dict(actor_details[0])
                     actor_name_candidate = (actor_data.get("fullname") or "").strip()
                     actor_name = actor_name_candidate or actor_data.get("email") or actor_name

{trovesuite-1.0.18.dist-info → trovesuite-1.0.20.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: trovesuite
-Version: 1.0.18
+Version: 1.0.20
 Summary: TroveSuite services package providing authentication, authorization, notifications, Azure Storage, and other enterprise services for TroveSuite applications
 Home-page: https://dev.azure.com/brightgclt/trovesuite/_git/packages
 Author: Bright Debrah Owusu

{trovesuite-1.0.18.dist-info → trovesuite-1.0.20.dist-info}/RECORD

@@ -3,12 +3,12 @@ trovesuite/auth/__init__.py,sha256=OjZllVvjul1glDazJ-d5TrNjgHFigFlQQi1G99DYshk,2
 trovesuite/auth/auth_base.py,sha256=rZHQVLeJRBQ8GClgF5UwG-er4_HXVX5-nt8o6_Z29uY,75
 trovesuite/auth/auth_controller.py,sha256=PAgaVlf5TYEfkSfK4vGGsvO84i8zEmeVVXyUF2YBppI,420
 trovesuite/auth/auth_read_dto.py,sha256=e27JqKVPVUM83A_mYF452QCflsvGNo7aKje7q_urwFc,571
-trovesuite/auth/auth_service.py,sha256=YtPtYvzOAiYnsvRutYcYFsyOuJxc41MAmIGY4qiPsM4,18202
+trovesuite/auth/auth_service.py,sha256=L_X8gofmiTHB5MsWCtEx_mKo00fTn_vmXCiJ-qZNkXI,19702
 trovesuite/auth/auth_write_dto.py,sha256=rdwI7w6-9QZGv1H0PAGrjkLBCzaMHjgPIXeLb9RmNec,234
 trovesuite/configs/__init__.py,sha256=h1mSZOaZ3kUy1ZMO_m9O9KklsxywM0RfMVZLh9h9WvQ,328
 trovesuite/configs/database.py,sha256=IPSu8fXjxyYeJ3bFknJG06Qm2L2ub6Ht19xhKv8g7nA,11731
 trovesuite/configs/logging.py,sha256=mGjR2d4urVNry9l5_aXycMMtcY2RAFIpEL35hw33KZg,9308
-trovesuite/configs/settings.py,sha256=baXR6OQefNm0vkyTWNCbL8jGdgD-k9RwDid5cyZSme0,6339
+trovesuite/configs/settings.py,sha256=2S1zPHJiYWaK6xT-tnZBfT2gJ-C0O6qXMtVQt_Xtyi4,7200
 trovesuite/entities/__init__.py,sha256=Dbl_03Bueyh2vOP2hykd40MmNMrl5nNHSRGP-kqwwNo,160
 trovesuite/entities/health.py,sha256=KaW7yxTQdymIPlnkJJkDqEebBXkD0a7A66i5GgNZLoE,2700
 trovesuite/entities/sh_response.py,sha256=1_sw3PpVaDxWsNiBU0W9YLHZgTFxEj4JJBLBfSY63Ho,1579
@@ -25,10 +25,10 @@ trovesuite/storage/storage_read_dto.py,sha256=o7EVJdwrwVZAaeyGU9O01WMECGVaytkvLR
 trovesuite/storage/storage_service.py,sha256=V7LIePIV6b_iuhm-9x8r4zwpZHgeRPL1YIe5IBnxhco,19768
 trovesuite/storage/storage_write_dto.py,sha256=vl1iCZ93bpFmpvkCrn587QtMtOA_TPDseXSoTuj9RTQ,1355
 trovesuite/utils/__init__.py,sha256=mDZuY77BphvQFYLmcWxjP5Tcq9ZZ3WXJWBKB1v6wzHU,185
-trovesuite/utils/helper.py,sha256=GY9PUUgAQsOYrsNrzNHdyfPlAyZvQy-49m-XxpQokz0,26660
+trovesuite/utils/helper.py,sha256=NySt18kl4Dc78tN5HiB7SpsCH5DWy3QvG1AMtl-ASBM,26951
 trovesuite/utils/templates.py,sha256=_92k4-EkqWs-h0LNJxPgorbspmp24kDngS7O3qWIFyQ,20388
-trovesuite-1.0.18.dist-info/licenses/LICENSE,sha256=EJT35ct-Q794JYPdAQy3XNczQGKkU1HzToLeK1YVw2s,1070
-trovesuite-1.0.18.dist-info/METADATA,sha256=rNEcWB2xkxHziv7voEoirrUhJlsF4qZFOMeLtGD5SMg,21737
-trovesuite-1.0.18.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-trovesuite-1.0.18.dist-info/top_level.txt,sha256=GzKhG_-MTaxeHrIgkGkBH_nof2vroGFBrjeHKWUIwNc,11
-trovesuite-1.0.18.dist-info/RECORD,,
+trovesuite-1.0.20.dist-info/licenses/LICENSE,sha256=EJT35ct-Q794JYPdAQy3XNczQGKkU1HzToLeK1YVw2s,1070
+trovesuite-1.0.20.dist-info/METADATA,sha256=V-X2zCbuvkbw0ED9GIztWA6APS4YpNugE3dWWf1c0vQ,21737
+trovesuite-1.0.20.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+trovesuite-1.0.20.dist-info/top_level.txt,sha256=GzKhG_-MTaxeHrIgkGkBH_nof2vroGFBrjeHKWUIwNc,11
+trovesuite-1.0.20.dist-info/RECORD,,