zrb 1.0.0a21__py3-none-any.whl → 1.0.0b3__py3-none-any.whl

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/auth/service/user/repository/user_db_repository.py

@@ -1,17 +1,35 @@
+import datetime
+from typing import Any, Callable
+
+import ulid
 from my_app_name.common.base_db_repository import BaseDBRepository
 from my_app_name.common.error import NotFoundError
+from my_app_name.config import (
+    APP_AUTH_GUEST_USER,
+    APP_AUTH_GUEST_USER_PERMISSIONS,
+    APP_AUTH_SUPER_USER,
+    APP_AUTH_SUPER_USER_PASSWORD,
+    APP_MAX_PARALLEL_SESSION,
+    APP_SESSION_EXPIRE_MINUTES,
+)
 from my_app_name.module.auth.service.user.repository.user_repository import (
     UserRepository,
 )
+from my_app_name.schema.permission import Permission
+from my_app_name.schema.role import Role, RolePermission
+from my_app_name.schema.session import Session, SessionResponse
 from my_app_name.schema.user import (
     User,
     UserCreateWithAudit,
     UserResponse,
+    UserRole,
     UserUpdateWithAudit,
 )
 from passlib.context import CryptContext
-from sqlalchemy.ext.asyncio import AsyncSession
-from sqlmodel import Session, select
+from sqlalchemy.engine import Engine
+from sqlalchemy.ext.asyncio import AsyncEngine
+from sqlalchemy.sql import ClauseElement, ColumnElement, Select
+from sqlmodel import SQLModel, delete, insert, select
 
 # Password hashing context
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
@@ -32,14 +50,163 @@ class UserDBRepository(
     entity_name = "user"
     column_preprocessors = {"password": hash_password}
 
+    def __init__(
+        self,
+        engine: Engine | AsyncEngine,
+        super_user_username: str = APP_AUTH_SUPER_USER,
+        super_user_password: str = APP_AUTH_SUPER_USER_PASSWORD,
+        guest_user_username: str = APP_AUTH_GUEST_USER,
+        guest_user_password: str = APP_AUTH_SUPER_USER_PASSWORD,
+        guest_user_permission_names: list[str] = APP_AUTH_GUEST_USER_PERMISSIONS,
+        max_parallel_session: int = APP_MAX_PARALLEL_SESSION,
+        session_expire_minutes: int = APP_SESSION_EXPIRE_MINUTES,
+        filter_param_parser: (
+            Callable[[SQLModel, str], list[ClauseElement]] | None
+        ) = None,
+        sort_param_parser: Callable[[SQLModel, str], list[ColumnElement]] | None = None,
+    ):
+        super().__init__(
+            engine=engine,
+            filter_param_parser=filter_param_parser,
+            sort_param_parser=sort_param_parser,
+        )
+        self._super_user_username = super_user_username
+        self._super_user_passwored = super_user_password
+        self._guest_user_username = guest_user_username
+        self._guest_user_password = guest_user_password
+        self._guest_user_permission_names = guest_user_permission_names
+        self._max_parallel_session = max_parallel_session
+        self._session_expire_minutes = session_expire_minutes
+        self._super_user: User | None = None
+        self._guest_user: User | None = None
+
+    def _select(self) -> Select:
+        return (
+            select(User, Role, Permission, Session)
+            .join(UserRole, UserRole.user_id == User.id, isouter=True)
+            .join(Role, Role.id == UserRole.role_id, isouter=True)
+            .join(RolePermission, RolePermission.role_id == Role.id, isouter=True)
+            .join(
+                Permission, Permission.id == RolePermission.permission_id, isouter=True
+            )
+            .join(Session, Session.user_id == User.id)
+        )
+
+    def _rows_to_responses(self, rows: list[tuple[Any, ...]]) -> list[UserResponse]:
+        user_map: dict[str, dict[str, Any]] = {}
+        user_role_map: dict[str, list[str]] = {}
+        user_permission_map: dict[str, list[str]] = {}
+        for user, role, permission, _ in rows:
+            if user.id not in user_map:
+                user_map[user.id] = {"user": user, "roles": [], "permissions": []}
+                user_role_map[user.id] = []
+                user_permission_map[user.id] = []
+            if role is not None and role.id not in user_role_map[user.id]:
+                user_role_map[user.id].append(role.id)
+                user_map[user.id]["roles"].append(role.model_dump())
+            if (
+                permission is not None
+                and permission.id not in user_permission_map[user.id]
+            ):
+                user_permission_map[user.id].append(permission.id)
+                user_map[user.id]["permissions"].append(permission.model_dump())
+        return [
+            UserResponse(
+                **data["user"].model_dump(),
+                roles=list(data["roles"]),
+                permissions=list(data["permissions"]),
+            )
+            for data in user_map.values()
+        ]
+
+    async def add_roles(self, data: dict[str, list[str]], created_by: str):
+        now = datetime.datetime.now(datetime.timezone.utc)
+        data_dict_list: list[dict[str, Any]] = []
+        for user_id, role_ids in data.items():
+            for role_id in role_ids:
+                data_dict_list.append(
+                    self._model_to_data_dict(
+                        UserRole(
+                            id=ulid.new().str,
+                            user_id=user_id,
+                            role_id=role_id,
+                            created_at=now,
+                            created_by=created_by,
+                        )
+                    )
+                )
+        async with self._session_scope() as session:
+            await self._execute_statement(
+                session, insert(UserRole).values(data_dict_list)
+            )
+
+    async def remove_all_roles(self, user_ids: list[str] = []):
+        async with self._session_scope() as session:
+            await self._execute_statement(
+                session,
+                delete(UserRole).where(UserRole.user_id._in(user_ids)),
+            )
+
     async def get_by_credentials(self, username: str, password: str) -> UserResponse:
-        statement = select(User).where(User.username == username)
-        if self.is_async:
-            async with AsyncSession(self.engine) as session:
-                user = await session.exec(statement).first
-        else:
-            with Session(self.engine) as session:
-                user = session.exec(statement).first()
-        if not user or not pwd_context.verify(password, user.hashed_password):
-            raise NotFoundError(f"{self.entity_name} not found")
-        return self._to_response(user)
+        rows = await self._select_to_response(
+            lambda q: q.where(
+                User.username == username, User.password == hash_password(password)
+            )
+        )
+        return self._ensure_one(rows)
+
+    async def get_by_token(self, token: str) -> UserResponse:
+        rows = await self._select_tor_response(
+            lambda q: q.where(Session.token == token)
+        )
+        return self._ensure_one(rows)
+
+    async def add_token(self, user_id: str, token: str):
+        async with self._session_scope() as session:
+            await self._execute_statement(
+                session,
+                insert(Session).values(
+                    {
+                        "id": ulid.new().str,
+                        "user_id": user_id,
+                        "token": token,
+                        "created_by": "system",
+                        "created_at": datetime.datetime.now(datetime.timezone.utc),
+                    }
+                ),
+            )
+
+    async def remove_token(self, user_id: str, token: str):
+        async with self._session_scope() as session:
+            await self._execute_statement(
+                session,
+                delete(Session).where(
+                    Session.token == token, Session.user_id == user_id
+                ),
+            )
+
+    async def get_sessions(self, user_id: str) -> list[SessionResponse]:
+        async with self._session_scope() as session:
+            statement = select(Session).where(Session.user_id == user_id)
+            result = await self._execute_statement(session, statement)
+            return [
+                SessionResponse(**session.model_dump())
+                for session in result.scalars().all()
+            ]
+
+    async def remove_session(self, user_id: str, session_id: str) -> SessionResponse:
+        async with self._session_scope() as session:
+            statement = select(Session).where(
+                Session.user_id == user_id, Session.id == session_id
+            )
+            result = await self._execute_statement(session, statement)
+            session = result.scalar_one_or_none()
+            if not session:
+                raise NotFoundError(f"{self.entity_name} not found")
+            await self._execute_statement(
+                session,
+                delete(Session).where(
+                    Session.id == session_id, Session.user_id == user_id
+                ),
+            )
+            return SessionResponse(**session.model_dump())

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/auth/service/user/repository/user_repository.py

@@ -1,5 +1,6 @@
 from abc import ABC, abstractmethod
 
+from my_app_name.schema.session import SessionResponse
 from my_app_name.schema.user import (
     User,
     UserCreateWithAudit,
@@ -9,34 +10,83 @@ from my_app_name.schema.user import (
 
 
 class UserRepository(ABC):
+
+    @abstractmethod
+    async def get_by_id(self, id: str) -> UserResponse:
+        """Get user by id"""
+
+    @abstractmethod
+    async def get_by_ids(self, id_list: list[str]) -> UserResponse:
+        """Get users by ids"""
+
+    @abstractmethod
+    async def add_roles(self, data: dict[str, list[str]], created_by: str):
+        """Add roles to user"""
+
+    @abstractmethod
+    async def remove_all_roles(self, user_ids: list[str] = []):
+        """Remove roles from user"""
+
     @abstractmethod
-    async def create(self, user_data: UserCreateWithAudit) -> UserResponse:
-        pass
+    async def get(
+        self,
+        page: int = 1,
+        page_size: int = 10,
+        filter: str | None = None,
+        sort: str | None = None,
+    ) -> list[User]:
+        """Get users by filter and sort"""
 
     @abstractmethod
-    async def get_by_id(self, user_id: str) -> UserResponse:
-        pass
+    async def count(self, filter: str | None = None) -> int:
+        """Count users by filter"""
 
     @abstractmethod
-    async def get_all(self) -> list[User]:
-        pass
+    async def create(self, data: UserCreateWithAudit) -> User:
+        """Create a new user"""
 
     @abstractmethod
-    async def update(
-        self, user_id: str, user_data: UserUpdateWithAudit
-    ) -> UserResponse:
-        pass
+    async def create_bulk(self, data: list[UserCreateWithAudit]) -> list[User]:
+        """Create some users"""
 
     @abstractmethod
-    async def delete(self, user_id: str) -> UserResponse:
-        pass
+    async def delete(self, id: str) -> User:
+        """Delete a user"""
 
     @abstractmethod
-    async def create_bulk(
-        self, user_data_list: list[UserCreateWithAudit]
-    ) -> list[UserResponse]:
-        pass
+    async def delete_bulk(self, id_list: list[str]) -> list[User]:
+        """Delete some users"""
+
+    @abstractmethod
+    async def update(self, id: str, data: UserUpdateWithAudit) -> User:
+        """Update a user"""
+
+    @abstractmethod
+    async def update_bulk(
+        self, id_list: list[str], data: UserUpdateWithAudit
+    ) -> list[User]:
+        """Update some users"""
 
     @abstractmethod
     async def get_by_credentials(self, username: str, password: str) -> UserResponse:
-        pass
+        """Get user by credential"""
+
+    @abstractmethod
+    async def get_by_token(self, token: str) -> UserResponse:
+        """Get user by token"""
+
+    @abstractmethod
+    async def add_token(self, user_id: str, token: str):
+        """Add token to user"""
+
+    @abstractmethod
+    async def remove_token(self, user_id: str, token: str):
+        """Remove token from user"""
+
+    @abstractmethod
+    async def get_sessions(self, user_id: str) -> list[SessionResponse]:
+        """Get sessions"""
+
+    @abstractmethod
+    async def remove_session(self, user_id: str, session_id: str) -> SessionResponse:
+        """Remove a session"""

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/auth/service/user/repository/user_repository_factory.py

@@ -1,4 +1,4 @@
-from my_app_name.common.db_engine import engine
+from my_app_name.common.db_engine_factory import db_engine
 from my_app_name.config import APP_REPOSITORY_TYPE
 from my_app_name.module.auth.service.user.repository.user_db_repository import (
     UserDBRepository,
@@ -8,6 +8,6 @@ from my_app_name.module.auth.service.user.repository.user_repository import (
 )
 
 if APP_REPOSITORY_TYPE == "db":
-    user_repository: UserRepository = UserDBRepository(engine)
+    user_repository: UserRepository = UserDBRepository(db_engine)
 else:
     user_repository: UserRepository = None

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/auth/service/user/user_service.py

@@ -0,0 +1,127 @@
+from logging import Logger
+
+from my_app_name.common.base_service import BaseService
+from my_app_name.module.auth.service.user.repository.user_repository import (
+    UserRepository,
+)
+from my_app_name.schema.user import (
+    MultipleUserResponse,
+    UserCreateWithRolesAndAudit,
+    UserResponse,
+    UserUpdateWithRolesAndAudit,
+)
+
+
+class UserService(BaseService):
+
+    def __init__(self, logger: Logger, user_repository: UserRepository):
+        super().__init__(logger)
+        self.user_repository = user_repository
+
+    @BaseService.route(
+        "/api/v1/users/{user_id}",
+        methods=["get"],
+        response_model=UserResponse,
+    )
+    async def get_user_by_id(self, user_id: str) -> UserResponse:
+        return await self.user_repository.get_by_id(user_id)
+
+    @BaseService.route(
+        "/api/v1/users",
+        methods=["get"],
+        response_model=MultipleUserResponse,
+    )
+    async def get_users(
+        self,
+        page: int = 1,
+        page_size: int = 10,
+        sort: str | None = None,
+        filter: str | None = None,
+    ) -> MultipleUserResponse:
+        users = await self.user_repository.get(page, page_size, filter, sort)
+        count = await self.user_repository.count(filter)
+        return MultipleUserResponse(data=users, count=count)
+
+    @BaseService.route(
+        "/api/v1/users/bulk",
+        methods=["post"],
+        response_model=list[UserResponse],
+    )
+    async def create_user_bulk(
+        self, data: list[UserCreateWithRolesAndAudit]
+    ) -> list[UserResponse]:
+        role_ids = [row.get_role_ids() for row in data]
+        data = [row.get_user_create_with_audit() for row in data]
+        users = await self.user_repository.create_bulk(data)
+        if len(users) > 0:
+            created_by = users[0].created_by
+            await self.user_repository.add_roles(
+                data={user.id: role_ids[i] for i, user in enumerate(data)},
+                created_by=created_by,
+            )
+        return await self.user_repository.get_by_ids([user.id for user in users])
+
+    @BaseService.route(
+        "/api/v1/users",
+        methods=["post"],
+        response_model=UserResponse,
+    )
+    async def create_user(self, data: UserCreateWithRolesAndAudit) -> UserResponse:
+        role_ids = data.get_role_ids()
+        data = data.get_user_create_with_audit()
+        user = await self.user_repository.create(data)
+        await self.user_repository.add_roles(
+            data={user.id: role_ids}, created_by=user.created_by
+        )
+        return await self.user_repository.get_by_id(user.id)
+
+    @BaseService.route(
+        "/api/v1/users/bulk",
+        methods=["put"],
+        response_model=UserResponse,
+    )
+    async def update_user_bulk(
+        self, user_ids: list[str], data: UserUpdateWithRolesAndAudit
+    ) -> UserResponse:
+        role_ids = [row.get_role_ids() for row in data]
+        data = [row.get_user_create_with_audit() for row in data]
+        users = await self.user_repository.update_bulk(user_ids, data)
+        if len(users) > 0:
+            updated_by = users[0].updated_by
+            await self.user_repository.remove_all_roles([user.id for user in users])
+            await self.user_repository.add_roles(
+                data={user.id: role_ids[i] for i, user in enumerate(data)},
+                updated_by=updated_by,
+            )
+        return await self.user_repository.get_by_ids([user.id for user in users])
+
+    @BaseService.route(
+        "/api/v1/users/{user_id}",
+        methods=["put"],
+        response_model=UserResponse,
+    )
+    async def update_user(
+        self, user_id: str, data: UserUpdateWithRolesAndAudit
+    ) -> UserResponse:
+        user = await self.user_repository.update(user_id, data)
+        return await self.user_repository.get_by_id(user.id)
+
+    @BaseService.route(
+        "/api/v1/users/{user_id}",
+        methods=["delete"],
+        response_model=UserResponse,
+    )
+    async def delete_user_bulk(
+        self, user_ids: list[str], deleted_by: str
+    ) -> UserResponse:
+        users = await self.user_repository.delete_bulk(user_ids)
+        return await self.user_repository.get_by_ids([user.id for user in users])
+
+    @BaseService.route(
+        "/api/v1/users/{user_id}",
+        methods=["delete"],
+        response_model=UserResponse,
+    )
+    async def delete_user(self, user_id: str, deleted_by: str) -> UserResponse:
+        user = await self.user_repository.delete(user_id)
+        return await self.user_repository.get_by_id(user.id)

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/auth/service/user/user_service_factory.py

@@ -0,0 +1,7 @@
+from my_app_name.common.logger_factory import logger
+from my_app_name.module.auth.service.user.repository.user_repository_factory import (
+    user_repository,
+)
+from my_app_name.module.auth.service.user.user_service import UserService
+
+user_service = UserService(logger, user_repository=user_repository)

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/gateway/route.py

@@ -1,11 +1,42 @@
-from fastapi import FastAPI
-from my_app_name.common.app import app
+import os
+
+from fastapi import FastAPI, HTTPException, Request
+from fastapi.exception_handlers import http_exception_handler
+from fastapi.responses import HTMLResponse
+from my_app_name.common.app_factory import app
 from my_app_name.common.schema import BasicResponse
-from my_app_name.config import APP_MAIN_MODULE, APP_MODE, APP_MODULES
+from my_app_name.config import (
+    APP_GATEWAY_VIEW_PATH,
+    APP_MAIN_MODULE,
+    APP_MODE,
+    APP_MODULES,
+)
 from my_app_name.module.gateway.subroute.auth import serve_auth_route
+from my_app_name.module.gateway.util.view import render, render_error
+
+
+def serve_route(app: FastAPI):
+    if APP_MODE != "monolith" and "gateway" not in APP_MODULES:
+        return
+    if APP_MODE == "monolith" or APP_MAIN_MODULE == "gateway":
+        _serve_health_check(app)
+        _serve_readiness_check(app)
+        _serve_homepage(app)
+        _handle_404(app)
+
+    # Serve auth routes
+    serve_auth_route(app)
 
 
-def serve_health_check(app: FastAPI):
+def _serve_homepage(app: FastAPI):
+    @app.get("/", include_in_schema=False)
+    def home_page():
+        return render(
+            view_path=os.path.join(APP_GATEWAY_VIEW_PATH, "content", "homepage.html")
+        )
+
+
+def _serve_health_check(app: FastAPI):
     @app.api_route("/health", methods=["GET", "HEAD"], response_model=BasicResponse)
     async def health():
         """
@@ -14,7 +45,7 @@ def serve_health_check(app: FastAPI):
         return BasicResponse(message="ok")
 
 
-def serve_readiness_check(app: FastAPI):
+def _serve_readiness_check(app: FastAPI):
     @app.api_route("/readiness", methods=["GET", "HEAD"], response_model=BasicResponse)
     async def readiness():
         """
@@ -23,15 +54,13 @@ def serve_readiness_check(app: FastAPI):
         return BasicResponse(message="ok")
 
 
-def serve_route(app: FastAPI):
-    if APP_MODE != "monolith" and "gateway" not in APP_MODULES:
-        return
-    if APP_MODE == "monolith" or APP_MAIN_MODULE == "gateway":
-        serve_health_check(app)
-        serve_readiness_check(app)
-
-    # Serve Auth Route
-    serve_auth_route(app)
+def _handle_404(app: FastAPI):
+    @app.exception_handler(404)
+    async def default_404(request: Request, exc: HTTPException) -> HTMLResponse:
+        if request.url.path.startswith("/api"):
+            # Re-raise the exception to let FastAPI handle it
+            return await http_exception_handler(request, exc)
+        return render_error(error_message="Not found", status_code=404)
 
 
 serve_route(app)