trovesuite 1.0.22__py3-none-any.whl → 1.0.23__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. trovesuite/auth/auth_service.py +12 -32
  2. {trovesuite-1.0.22.dist-info → trovesuite-1.0.23.dist-info}/METADATA +1 -1
  3. {trovesuite-1.0.22.dist-info → trovesuite-1.0.23.dist-info}/RECORD +6 -6
  4. {trovesuite-1.0.22.dist-info → trovesuite-1.0.23.dist-info}/WHEEL +0 -0
  5. {trovesuite-1.0.22.dist-info → trovesuite-1.0.23.dist-info}/licenses/LICENSE +0 -0
  6. {trovesuite-1.0.22.dist-info → trovesuite-1.0.23.dist-info}/top_level.txt +0 -0
trovesuite/auth/auth_service.py CHANGED
@@ -229,26 +229,25 @@ class AuthService:
229
229
  (tenant_id, user_id,),
230
230
  )
231
231
 
232
- # ✅ NEW: Get system-level roles from cp_user_groups and cp_assign_roles with is_system=true
232
+ # ✅ NEW: Get system-level roles from cp_assign_roles with is_system=true
233
233
  # NOTE: system_groups, system_user_groups, and system_assign_roles are now consolidated
234
234
  # into cp_groups, cp_user_groups, and cp_assign_roles with is_system flag
235
+ # Use LEFT JOIN starting from cp_assign_roles to find BOTH direct user assignments AND group-based assignments
235
236
  logger.info(f"Fetching system-level roles for user: {user_id}")
236
237
 
237
238
  system_roles = DatabaseManager.execute_query(
238
239
  f"""
239
- SELECT DISTINCT sug.group_id, sug.user_id, sar.role_id, sar.resource_type
240
- FROM {db_settings.CORE_PLATFORM_USER_GROUPS_TABLE} sug
241
- INNER JOIN {db_settings.CORE_PLATFORM_ASSIGN_ROLES_TABLE} sar
242
- ON sug.group_id = sar.group_id AND sug.tenant_id = sar.tenant_id
243
- WHERE sug.user_id = %s AND sug.tenant_id = %s
244
- AND sug.is_system = true
245
- AND sug.is_active = true
246
- AND sug.delete_status = 'NOT_DELETED'
247
- AND sar.is_active = true
248
- AND sar.delete_status = 'NOT_DELETED'
240
+ SELECT DISTINCT COALESCE(sar.group_id::TEXT, NULL) as group_id, sar.user_id, sar.role_id, sar.resource_type
241
+ FROM {db_settings.CORE_PLATFORM_ASSIGN_ROLES_TABLE} sar
242
+ LEFT JOIN {db_settings.CORE_PLATFORM_USER_GROUPS_TABLE} sug
243
+ ON sar.group_id = sug.group_id AND sar.tenant_id = sug.tenant_id
244
+ WHERE sar.tenant_id = 'system-tenant-id'
249
245
  AND sar.is_system = true
246
+ AND sar.delete_status = 'NOT_DELETED'
247
+ AND sar.is_active = true
248
+ AND (sar.user_id = %s OR (sug.user_id = %s AND sug.tenant_id = 'system-tenant-id' AND sug.is_system = true AND sug.is_active = true AND sug.delete_status = 'NOT_DELETED'))
250
249
  """,
251
- (user_id, 'system-tenant-id')
250
+ (user_id, user_id)
252
251
  )
253
252
 
254
253
  if system_roles:
@@ -256,23 +255,6 @@ class AuthService:
256
255
  else:
257
256
  logger.info(f"No system-level roles found for user: {user_id}")
258
257
 
259
- # ✅ NEW: Also check for direct system role assignments (user_id in cp_assign_roles with is_system=true)
260
- direct_system_roles = DatabaseManager.execute_query(
261
- f"""
262
- SELECT DISTINCT NULL as group_id, sar.user_id, sar.role_id, sar.resource_type
263
- FROM {db_settings.CORE_PLATFORM_ASSIGN_ROLES_TABLE} sar
264
- WHERE sar.user_id = %s AND sar.tenant_id = %s
265
- AND sar.is_active = true
266
- AND sar.delete_status = 'NOT_DELETED'
267
- AND sar.is_system = true
268
- """,
269
- (user_id, 'system-tenant-id')
270
- )
271
-
272
- if direct_system_roles:
273
- logger.info(f"Found {len(direct_system_roles)} direct system-level role assignment(s) for user: {user_id}")
274
- system_roles.extend(direct_system_roles)
275
-
276
258
  # ✅ NEW: Merge tenant-level and system-level roles
277
259
  all_roles = get_user_roles + system_roles
278
260
  logger.info(f"Total roles (tenant + system) for user {user_id}: {len(all_roles)}")
@@ -302,9 +284,7 @@ class AuthService:
302
284
  except Exception as e:
303
285
  logger.warning(f"Error checking system roles: {str(e)}")
304
286
  # Fallback: use system_roles query results
305
- system_role_ids = {r["role_id"] for r in system_roles} if system_roles else set()
306
- if direct_system_roles:
307
- system_role_ids.update({r["role_id"] for r in direct_system_roles})
287
+ system_role_ids = {r.get("role_id") for r in system_roles if r.get("role_id")} if system_roles else set()
308
288
 
309
289
  for role in all_roles:
310
290
  role_id = role.get("role_id")
{trovesuite-1.0.22.dist-info → trovesuite-1.0.23.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: trovesuite
3
- Version: 1.0.22
3
+ Version: 1.0.23
4
4
  Summary: TroveSuite services package providing authentication, authorization, notifications, Azure Storage, and other enterprise services for TroveSuite applications
5
5
  Home-page: https://dev.azure.com/brightgclt/trovesuite/_git/packages
6
6
  Author: Bright Debrah Owusu
{trovesuite-1.0.22.dist-info → trovesuite-1.0.23.dist-info}/RECORD RENAMED
@@ -3,7 +3,7 @@ trovesuite/auth/__init__.py,sha256=OjZllVvjul1glDazJ-d5TrNjgHFigFlQQi1G99DYshk,2
3
3
  trovesuite/auth/auth_base.py,sha256=rZHQVLeJRBQ8GClgF5UwG-er4_HXVX5-nt8o6_Z29uY,75
4
4
  trovesuite/auth/auth_controller.py,sha256=PAgaVlf5TYEfkSfK4vGGsvO84i8zEmeVVXyUF2YBppI,420
5
5
  trovesuite/auth/auth_read_dto.py,sha256=e27JqKVPVUM83A_mYF452QCflsvGNo7aKje7q_urwFc,571
6
- trovesuite/auth/auth_service.py,sha256=ZSqR8K9HGhza7sJBd-ylsUXwMIyDH8IgCL6rKa6iQg0,23048
6
+ trovesuite/auth/auth_service.py,sha256=TQOJFG0AzhPGwZBAXVxMkHxyG2wyct4Zcoq4z0cVBO4,22201
7
7
  trovesuite/auth/auth_write_dto.py,sha256=rdwI7w6-9QZGv1H0PAGrjkLBCzaMHjgPIXeLb9RmNec,234
8
8
  trovesuite/configs/__init__.py,sha256=h1mSZOaZ3kUy1ZMO_m9O9KklsxywM0RfMVZLh9h9WvQ,328
9
9
  trovesuite/configs/database.py,sha256=IPSu8fXjxyYeJ3bFknJG06Qm2L2ub6Ht19xhKv8g7nA,11731
@@ -27,8 +27,8 @@ trovesuite/storage/storage_write_dto.py,sha256=vl1iCZ93bpFmpvkCrn587QtMtOA_TPDse
27
27
  trovesuite/utils/__init__.py,sha256=mDZuY77BphvQFYLmcWxjP5Tcq9ZZ3WXJWBKB1v6wzHU,185
28
28
  trovesuite/utils/helper.py,sha256=NySt18kl4Dc78tN5HiB7SpsCH5DWy3QvG1AMtl-ASBM,26951
29
29
  trovesuite/utils/templates.py,sha256=_92k4-EkqWs-h0LNJxPgorbspmp24kDngS7O3qWIFyQ,20388
30
- trovesuite-1.0.22.dist-info/licenses/LICENSE,sha256=EJT35ct-Q794JYPdAQy3XNczQGKkU1HzToLeK1YVw2s,1070
31
- trovesuite-1.0.22.dist-info/METADATA,sha256=aUNNd-C2rKgW-tVERlGWzDQsuRHLkZ37qlg1C9EBXfc,21737
32
- trovesuite-1.0.22.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
33
- trovesuite-1.0.22.dist-info/top_level.txt,sha256=GzKhG_-MTaxeHrIgkGkBH_nof2vroGFBrjeHKWUIwNc,11
34
- trovesuite-1.0.22.dist-info/RECORD,,
30
+ trovesuite-1.0.23.dist-info/licenses/LICENSE,sha256=EJT35ct-Q794JYPdAQy3XNczQGKkU1HzToLeK1YVw2s,1070
31
+ trovesuite-1.0.23.dist-info/METADATA,sha256=jkuPAVvbn9wDBw_R2Yvk-m7HlhaN7NSnBHpiGQjLXYw,21737
32
+ trovesuite-1.0.23.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
33
+ trovesuite-1.0.23.dist-info/top_level.txt,sha256=GzKhG_-MTaxeHrIgkGkBH_nof2vroGFBrjeHKWUIwNc,11
34
+ trovesuite-1.0.23.dist-info/RECORD,,