PyPI - trovesuite - Versions diffs - 1.0.19__tar.gz → 1.0.22__tar.gz - Mend

trovesuite 1.0.19tar.gz → 1.0.22tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

{trovesuite-1.0.19/src/trovesuite.egg-info → trovesuite-1.0.22}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: trovesuite
-Version: 1.0.19
+Version: 1.0.22
 Summary: TroveSuite services package providing authentication, authorization, notifications, Azure Storage, and other enterprise services for TroveSuite applications
 Home-page: https://dev.azure.com/brightgclt/trovesuite/_git/packages
 Author: Bright Debrah Owusu

{trovesuite-1.0.19 → trovesuite-1.0.22}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [tool.poetry]
 name = "trovesuite"
-version = "1.0.19"
+version = "1.0.22"
 description = "TroveSuite services package providing authentication, authorization, notifications, Azure Storage, and other enterprise services for TroveSuite applications"
 authors = ["brightgclt <brightgclt@gmail.com>"]
 license = "MIT"
@@ -58,7 +58,7 @@ Documentation = "https://dev.azure.com/brightgclt/trovesuite/_git/packages"
 [project]
 name = "trovesuite"
-version = "1.0.19"
+version = "1.0.22"
 description = "TroveSuite services package providing authentication, authorization, notifications, Azure Storage, and other enterprise services for TroveSuite applications"
 readme = "README.md"
 license = {text = "MIT"}

{trovesuite-1.0.19 → trovesuite-1.0.22}/setup.py RENAMED Viewed

@@ -15,7 +15,7 @@ with open("pyproject.toml", "r", encoding="utf-8") as fh:
 setup(
     name="trovesuite",
-    version="1.0.19",
+    version="1.0.22",
     author="Bright Debrah Owusu",
     author_email="owusu.debrah@deladetech.com",
     description="TroveSuite services package providing authentication, authorization, notifications, and other enterprise services for TroveSuite applications",

{trovesuite-1.0.19 → trovesuite-1.0.22}/src/trovesuite/__init__.py RENAMED Viewed

@@ -11,7 +11,7 @@ from .notification import NotificationService
 from .storage import StorageService
 from .utils import Helper
-__version__ = "1.0.16"
+__version__ = "1.0.20"
 __author__ = "Bright Debrah Owusu"
 __email__ = "owusu.debrah@deladetech.com"

{trovesuite-1.0.19 → trovesuite-1.0.22}/src/trovesuite/auth/auth_service.py RENAMED Viewed

@@ -237,8 +237,8 @@ class AuthService:
             system_roles = DatabaseManager.execute_query(
                 f"""
                     SELECT DISTINCT sug.group_id, sug.user_id, sar.role_id, sar.resource_type
-                    FROM {db_settings.CORE_PLATFORM_SYSTEM_USER_GROUPS_TABLE} sug
-                    INNER JOIN {db_settings.CORE_PLATFORM_SYSTEM_ASSIGN_ROLES_TABLE} sar
+                    FROM {db_settings.CORE_PLATFORM_USER_GROUPS_TABLE} sug
+                    INNER JOIN {db_settings.CORE_PLATFORM_ASSIGN_ROLES_TABLE} sar
                         ON sug.group_id = sar.group_id AND sug.tenant_id = sar.tenant_id
                     WHERE sug.user_id = %s AND sug.tenant_id = %s
                     AND sug.is_system = true
@@ -260,7 +260,7 @@ class AuthService:
             direct_system_roles = DatabaseManager.execute_query(
                 f"""
                     SELECT DISTINCT NULL as group_id, sar.user_id, sar.role_id, sar.resource_type
-                    FROM {db_settings.CORE_PLATFORM_SYSTEM_ASSIGN_ROLES_TABLE} sar
+                    FROM {db_settings.CORE_PLATFORM_ASSIGN_ROLES_TABLE} sar
                     WHERE sar.user_id = %s AND sar.tenant_id = %s
                     AND sar.is_active = true
                     AND sar.delete_status = 'NOT_DELETED'
@@ -279,24 +279,74 @@ class AuthService:
             # GET permissions and Append to Role
             get_user_roles_with_tenant_and_permissions = []
-            # Track system role IDs for quick lookup
-            system_role_ids = {r["role_id"] for r in system_roles} if system_roles else set()
-            if direct_system_roles:
-                system_role_ids.update({r["role_id"] for r in direct_system_roles})
+            # Track system role IDs by querying cp_roles table for is_system flag (more reliable)
+            system_role_ids = set()
+            if all_roles:
+                role_ids = [r.get("role_id") for r in all_roles if r.get("role_id")]
+                if role_ids:
+                    try:
+                        # Check which roles are system roles by querying the roles table
+                        system_roles_check = DatabaseManager.execute_query(
+                            f"""SELECT id FROM {db_settings.CORE_PLATFORM_ROLES_TABLE}
+                            WHERE id = ANY(%s) AND is_system = true AND delete_status = 'NOT_DELETED'""",
+                            params=(role_ids,),
+                        )
+                        if system_roles_check:
+                            for role_record in system_roles_check:
+                                role_id = role_record.get("id") if isinstance(role_record, dict) else (role_record[0] if isinstance(role_record, (list, tuple)) and len(role_record) > 0 else None)
+                                if role_id:
+                                    system_role_ids.add(role_id)
+                        logger.info(f"Identified {len(system_role_ids)} system roles for user {user_id}")
+                    except Exception as e:
+                        logger.warning(f"Error checking system roles: {str(e)}")
+                        # Fallback: use system_roles query results
+                        system_role_ids = {r["role_id"] for r in system_roles} if system_roles else set()
+                        if direct_system_roles:
+                            system_role_ids.update({r["role_id"] for r in direct_system_roles})
             for role in all_roles:
-                role_id = role["role_id"]
-                # For system roles, use system-tenant-id; for tenant roles, use tenant_id
-                if role_id in system_role_ids:
-                    role_tenant_id = 'system-tenant-id'
+                role_id = role.get("role_id")
+                if not role_id:
+                    logger.warning(f"Skipping role with missing role_id: {role}")
+                    continue
+                # Determine which tenant_id to use for querying permissions
+                # For system roles, use 'system-tenant-id'; for tenant roles, use the user's tenant_id
+                is_system_role = role_id in system_role_ids
+                # Try the primary tenant_id first based on whether it's a system role
+                if is_system_role:
+                    primary_tenant_id = 'system-tenant-id'
+                    fallback_tenant_id = tenant_id
                 else:
-                    role_tenant_id = tenant_id
+                    primary_tenant_id = tenant_id
+                    fallback_tenant_id = 'system-tenant-id'
-                permissions = DatabaseManager.execute_query(
-                    f"""SELECT permission_id FROM {db_settings.CORE_PLATFORM_ROLE_PERMISSIONS_TABLE}
-                        WHERE role_id = %s AND tenant_id = %s""",
-                    params=(role_id, role_tenant_id),
-                )
+                # Query permissions for this role with primary tenant_id
+                permissions = []
+                try:
+                    permissions = DatabaseManager.execute_query(
+                        f"""SELECT permission_id FROM {db_settings.CORE_PLATFORM_ROLE_PERMISSIONS_TABLE}
+                        WHERE role_id = %s AND tenant_id = %s AND delete_status = 'NOT_DELETED'""",
+                        params=(role_id, primary_tenant_id),
+                    )
+                    # If no permissions found with primary tenant_id, try fallback (handles edge cases)
+                    if not permissions or len(permissions) == 0:
+                        logger.debug(f"No permissions found for role {role_id} with tenant {primary_tenant_id}, trying fallback {fallback_tenant_id}")
+                        fallback_permissions = DatabaseManager.execute_query(
+                            f"""SELECT permission_id FROM {db_settings.CORE_PLATFORM_ROLE_PERMISSIONS_TABLE}
+                            WHERE role_id = %s AND tenant_id = %s AND delete_status = 'NOT_DELETED'""",
+                            params=(role_id, fallback_tenant_id),
+                        )
+                        if fallback_permissions and len(fallback_permissions) > 0:
+                            permissions = fallback_permissions
+                            logger.info(f"Found permissions for role {role_id} in fallback tenant {fallback_tenant_id}")
+                except Exception as e:
+                    logger.error(f"Error querying permissions for role {role_id}: {str(e)}", exc_info=True)
+                    permissions = []
                 role_dict = {**role, "tenant_id": tenant_id, "permissions": [p['permission_id'] for p in permissions]}
                 get_user_roles_with_tenant_and_permissions.append(role_dict)

{trovesuite-1.0.19 → trovesuite-1.0.22/src/trovesuite.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: trovesuite
-Version: 1.0.19
+Version: 1.0.22
 Summary: TroveSuite services package providing authentication, authorization, notifications, Azure Storage, and other enterprise services for TroveSuite applications
 Home-page: https://dev.azure.com/brightgclt/trovesuite/_git/packages
 Author: Bright Debrah Owusu