PyPI - zrb - Versions diffs - 1.0.0b9__py3-none-any.whl → 1.0.0b10__py3-none-any.whl - Mend

zrb 1.0.0b9py3-none-any.whl → 1.0.0b10py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (61) hide show

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/.coveragerc ADDED Viewed

@@ -0,0 +1,11 @@
+[run]
+omit =
+    _zrb/*
+[report]
+# Show missing lines in the terminal report
+show_missing = True
+[html]
+# Set the output directory for HTML reports (optional)
+directory = htmlcov

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/.gitignore CHANGED Viewed

@@ -2,3 +2,7 @@ __pycache__
 .venv
 .env
 *.db
+htmlcov
+.coverage
+.pytest_cache

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/_zrb/column/add_column_task.py CHANGED Viewed

@@ -11,7 +11,7 @@ from my_app_name._zrb.input import (
 from my_app_name._zrb.util import get_existing_schema_names
 from zrb import AnyContext, Task, make_task
-from zrb.util.codemod.prepend_property_to_class import prepend_property_to_class
+from zrb.util.codemod.modify_class_property import append_property_to_class
 from zrb.util.file import read_file, write_file
 from zrb.util.string.conversion import to_pascal_case, to_snake_case
@@ -45,7 +45,7 @@ def update_my_app_name_schema(ctx: AnyContext):
     snake_column_name = to_snake_case(ctx.input.column)
     column_type = ctx.input.type
     # Base
-    new_code = prepend_property_to_class(
+    new_code = append_property_to_class(
         original_code=existing_code,
         class_name=f"{pascal_entity_name}Base",
         property_name=snake_column_name,
@@ -53,7 +53,7 @@ def update_my_app_name_schema(ctx: AnyContext):
         default_value=_get_default_value(column_type),
     )
     # Update
-    new_code = prepend_property_to_class(
+    new_code = append_property_to_class(
         original_code=new_code,
         class_name=f"{pascal_entity_name}Update",
         property_name=snake_column_name,
@@ -61,7 +61,7 @@ def update_my_app_name_schema(ctx: AnyContext):
         default_value="None",
     )
     # Table
-    new_code = prepend_property_to_class(
+    new_code = append_property_to_class(
         original_code=new_code,
         class_name=f"{pascal_entity_name}",
         property_name=snake_column_name,

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/_zrb/config.py CHANGED Viewed

@@ -13,6 +13,11 @@ MONOLITH_ENV_VARS = {
     "MY_APP_NAME_MODE": "monolith",
     "MY_APP_NAME_MODULES": "",
 }
+TEST_ENV_VARS = {
+    "MY_APP_NAME_DB_URL": f"sqlite:///{APP_DIR}/test.db",
+    "MY_APP_NAME_AUTH_PRIORITIZE_NEW_SESSION": "1",  # Need this because we will launch a new user session for each test
+    "MY_APP_NAME_AUTH_GUEST_USER_PERMISSIONs": "",  # Guest user should not has any privilege for testing
+}
 if platform.system() == "Windows":
     ACTIVATE_VENV_SCRIPT = "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser; . .venv\\Scripts\\Activate"  # noqa

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/_zrb/entity/add_entity_task.py CHANGED Viewed

@@ -2,8 +2,14 @@ import os
 from my_app_name._zrb.config import ACTIVATE_VENV_SCRIPT, APP_DIR
 from my_app_name._zrb.entity.add_entity_util import (
+    get_add_permission_migration_script,
+    get_auth_migration_version_dir,
+    get_existing_auth_migration_file_names,
+    get_existing_auth_migration_xcom_key,
+    get_remove_permission_migration_script,
     is_in_app_schema_dir,
     is_in_module_entity_dir,
+    is_in_module_entity_test_dir,
     is_module_api_client_file,
     is_module_client_file,
     is_module_direct_client_file,
@@ -42,8 +48,11 @@ from zrb import (
     EnvFile,
     Scaffolder,
     Task,
+    Xcom,
     make_task,
 )
+from zrb.util.codemod.modify_function import replace_function_code
+from zrb.util.file import read_file, write_file
 from zrb.util.string.conversion import to_snake_case
@@ -105,6 +114,18 @@ scaffold_my_app_name_entity = Scaffolder(
                 "my-entities": "{to_kebab_case(ctx.input.plural)}",
             },
         ),
+        # Test transformation (my_app_name/test/my_module/my_entity)
+        ContentTransformer(
+            name="transform-module-entity-test-dir",
+            match=is_in_module_entity_test_dir,
+            transform={
+                "my_module": "{to_snake_case(ctx.input.module)}",
+                "my_entity": "{to_snake_case(ctx.input.entity)}",
+                "my-entity": "{to_kebab_case(ctx.input.entity)}",
+                "my-entities": "{to_kebab_case(ctx.input.plural)}",
+                "my_column": "{to_snake_case(ctx.input.column)}",
+            },
+        ),
         # Add entity to migration metadata
         # (my_app_name/module/snake_module_name/migration_metadata.py)
         ContentTransformer(
@@ -177,11 +198,96 @@ create_my_app_name_entity_migration = CmdTask(
     ],
 )
+@make_task(
+    name="inspect-my-app-name-auth-migration",
+    input=new_entity_input,
+    retries=0,
+    upstream=scaffold_my_app_name_entity,
+)
+def inspect_my_app_name_auth_migration(ctx: AnyContext):
+    """Getting existing migration files in auth module"""
+    migration_file_names = get_existing_auth_migration_file_names()
+    xcom_key = get_existing_auth_migration_xcom_key(ctx)
+    if xcom_key not in ctx.xcom:
+        ctx.xcom[xcom_key] = Xcom([])
+    ctx.xcom[xcom_key].push(migration_file_names)
+create_my_app_name_entity_permission = CmdTask(
+    name="create-my-app-name-entity-permission",
+    input=[
+        new_entity_input,
+    ],
+    env=EnvFile(path=os.path.join(APP_DIR, "template.env")),
+    cwd=APP_DIR,
+    cmd=[
+        ACTIVATE_VENV_SCRIPT,
+        Cmd(lambda ctx: set_create_migration_db_url_env("auth")),
+        Cmd(lambda ctx: set_env("MY_APP_NAME_MODULES", "auth")),
+        Cmd(lambda ctx: cd_module_script("auth")),
+        "alembic upgrade head",
+        Cmd(
+            'alembic revision --autogenerate -m "create_{to_snake_case(ctx.input.entity)}_permission"',  # noqa
+        ),
+    ],
+    render_cmd=False,
+    retries=0,
+    upstream=[
+        prepare_venv,
+        inspect_my_app_name_auth_migration,
+    ],
+)
+@make_task(
+    name="update-my-app-name-entity-permission",
+    input=new_entity_input,
+    retries=0,
+    upstream=create_my_app_name_entity_permission,
+)
+def update_my_app_name_entity_permission(ctx: AnyContext):
+    xcom_key = get_existing_auth_migration_xcom_key(ctx)
+    existing_migration_file_names = ctx.xcom[xcom_key].pop()
+    current_migration_file_names = get_existing_auth_migration_file_names()
+    new_migration_file_names = [
+        file_name
+        for file_name in current_migration_file_names
+        if file_name not in existing_migration_file_names
+    ]
+    if len(new_migration_file_names) == 0:
+        raise Exception("No migration file created")
+    new_migration_file_path = os.path.join(
+        get_auth_migration_version_dir(), new_migration_file_names[0]
+    )
+    new_migration_code = read_file(
+        new_migration_file_path,
+        {
+            "from alembic import op": "\n".join(
+                [
+                    "from alembic import op",
+                    "from module.auth.migration_metadata import metadata",
+                ]
+            ),
+        },
+    )
+    new_migration_code = replace_function_code(
+        new_migration_code, "upgrade", get_add_permission_migration_script(ctx)
+    )
+    new_migration_code = replace_function_code(
+        new_migration_code, "downgrade", get_remove_permission_migration_script(ctx)
+    )
+    write_file(new_migration_file_path, new_migration_code)
 add_my_app_name_entity = app_create_group.add_task(
     Task(
         name="add-my-app-name-entity",
         description="🏗️ Create new entity on a module",
-        upstream=create_my_app_name_entity_migration,
+        upstream=[
+            create_my_app_name_entity_migration,
+            update_my_app_name_entity_permission,
+        ],
         successor=format_my_app_name_code,
         retries=0,
     ),

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/_zrb/entity/add_entity_util.py CHANGED Viewed

@@ -3,20 +3,83 @@ import os
 from my_app_name._zrb.config import APP_DIR
 from zrb.context.any_context import AnyContext
-from zrb.util.codemod.append_code_to_class import append_code_to_class
-from zrb.util.codemod.append_code_to_function import append_code_to_function
-from zrb.util.codemod.prepend_code_to_module import prepend_code_to_module
-from zrb.util.codemod.prepend_parent_to_class import prepend_parent_class
+from zrb.util.codemod.modify_class import append_code_to_class
+from zrb.util.codemod.modify_class_parent import prepend_parent_class
+from zrb.util.codemod.modify_function import append_code_to_function
+from zrb.util.codemod.modify_module import prepend_code_to_module
 from zrb.util.file import read_file, write_file
 from zrb.util.string.conversion import to_kebab_case, to_pascal_case, to_snake_case
+def get_add_permission_migration_script(ctx: AnyContext) -> str:
+    kebab_entity_name = to_kebab_case(ctx.input.entity)
+    return "\n".join(
+        [
+            "op.bulk_insert(",
+            '    metadata.tables["permissions"],',
+            "    [",
+            f'        {{"name": "{kebab_entity_name}:create", "description": "create {kebab_entity_name}"}},',  # noqa
+            f'        {{"name": "{kebab_entity_name}:read", "description": "read {kebab_entity_name}"}},',  # noqa
+            f'        {{"name": "{kebab_entity_name}:update", "description": "update {kebab_entity_name}"}},',  # noqa
+            f'        {{"name": "{kebab_entity_name}:delete", "description": "delete {kebab_entity_name}"}},',  # noqa
+            "    ]",
+            ")",
+        ]
+    )
+def get_remove_permission_migration_script(ctx: AnyContext) -> str:
+    kebab_entity_name = to_kebab_case(ctx.input.entity)
+    return "\n".join(
+        [
+            "op.execute(",
+            '    sa.delete(metadata.tables["permissions"])',
+            '    .where(metadata.tables["permissions"].c.name.in_(',
+            f'        "{kebab_entity_name}:create",',
+            f'        "{kebab_entity_name}:read",',
+            f'        "{kebab_entity_name}:update",',
+            f'        "{kebab_entity_name}:delete",',
+            "    ))",
+            ")",
+        ]
+    )
+def get_auth_migration_version_dir() -> str:
+    return os.path.join(APP_DIR, "module", "auth", "migration", "versions")
+def get_existing_auth_migration_file_names() -> list[str]:
+    migration_version_dir = get_auth_migration_version_dir()
+    return [
+        file_name
+        for file_name in os.listdir(migration_version_dir)
+        if file_name.endswith(".py")
+    ]
+def get_existing_auth_migration_xcom_key(ctx: AnyContext) -> str:
+    snake_entity_name = to_snake_case(ctx.input.entity)
+    return f"existing_my_app_name_auth_{snake_entity_name}_migration"
 def is_in_app_schema_dir(ctx: AnyContext, file_path: str) -> bool:
     return file_path.startswith(
         os.path.join(APP_DIR, "schema", to_snake_case(ctx.input.entity))
     )
+def is_in_module_entity_test_dir(ctx: AnyContext, file_path: str) -> bool:
+    return file_path.startswith(
+        os.path.join(
+            APP_DIR,
+            "test",
+            to_snake_case(ctx.input.module),
+            to_snake_case(ctx.input.entity),
+        )
+    )
 def is_in_module_entity_dir(ctx: AnyContext, file_path: str) -> bool:
     return file_path.startswith(
         os.path.join(

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/_zrb/entity/template/app_template/test/my_module/my_entity/test_create_my_entity.py ADDED Viewed

@@ -0,0 +1,53 @@
+from fastapi.testclient import TestClient
+from my_app_name.main import app
+from my_app_name.test._util.access_token import get_admin_access_token
+def test_create_my_entity():
+    client = TestClient(app, base_url="http://localhost")
+    access_token = get_admin_access_token()
+    new_my_entity_data = {
+        "my_column": "new-my-entity",
+    }
+    response = client.post(
+        "/api/v1/my-entities",
+        json=new_my_entity_data,
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert response.status_code == 200
+    response_data = response.json()
+    assert response_data.get("id") is not None
+    assert response_data.get("id") != ""
+    assert response_data.get("my_column") == "new-my-entity"
+def test_create_my_entity_bulk():
+    client = TestClient(app, base_url="http://localhost")
+    access_token = get_admin_access_token()
+    new_first_my_entity_data = {
+        "my_column": "new-my-entity-bulk-1",
+    }
+    new_second_my_entity_data = {
+        "my_column": "new-my-entity-bulk-2",
+    }
+    new_my_entity_data = [new_first_my_entity_data, new_second_my_entity_data]
+    response = client.post(
+        "/api/v1/my-entities/bulk",
+        json=new_my_entity_data,
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert response.status_code == 200
+    response_data = response.json()
+    assert len(response_data) == 2
+    # Id should not be empty
+    assert response_data[0] is not None
+    assert response_data[0] != ""
+    assert response_data[1] is not None
+    assert response_data[1] != ""
+    # Data should match
+    assert new_first_my_entity_data["my_column"] in [
+        row["my_column"] for row in response_data
+    ]
+    assert new_second_my_entity_data["my_column"] in [
+        row["my_column"] for row in response_data
+    ]

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/_zrb/entity/template/app_template/test/my_module/my_entity/test_delete_my_entity.py ADDED Viewed

@@ -0,0 +1,62 @@
+from fastapi.testclient import TestClient
+from my_app_name.main import app
+from my_app_name.test._util.access_token import get_admin_access_token
+def test_delete_my_entity():
+    client = TestClient(app, base_url="http://localhost")
+    access_token = get_admin_access_token()
+    new_my_entity_data = {
+        "my_column": "to-be-deleted-my-entity",
+    }
+    insert_response = client.post(
+        "/api/v1/my-entities",
+        json=new_my_entity_data,
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert insert_response.status_code == 200
+    id = insert_response.json().get("id")
+    # deleting
+    response = client.delete(
+        f"/api/v1/my-entities/{id}", headers={"Authorization": f"Bearer {access_token}"}
+    )
+    assert response.status_code == 200
+    response_data = response.json()
+    assert response_data.get("id") == id
+    assert response_data.get("my_column") == "to-be-deleted-my-entity"
+def test_delete_my_entity_bulk():
+    client = TestClient(app, base_url="http://localhost")
+    access_token = get_admin_access_token()
+    new_first_my_entity_data = {
+        "my_column": "to-be-deleted-my-entity-bulk-1",
+    }
+    new_second_my_entity_data = {
+        "my_column": "to-be-deleted-my-entity-bulk-2",
+    }
+    new_my_entity_data = [new_first_my_entity_data, new_second_my_entity_data]
+    insert_response = client.post(
+        "/api/v1/my-entities/bulk",
+        json=new_my_entity_data,
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert insert_response.status_code == 200
+    ids = [row["id"] for row in insert_response.json()]
+    # deleting (use client.request since client.delete doesn't support json param)
+    response = client.request(
+        "DELETE",
+        f"/api/v1/my-entities/bulk",
+        json=ids,
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert response.status_code == 200
+    response_data = response.json()
+    # Data should match
+    assert len([row["id"] for row in response_data if row["id"] in ids]) == 2
+    assert new_first_my_entity_data["my_column"] in [
+        row["my_column"] for row in response_data
+    ]
+    assert new_second_my_entity_data["my_column"] in [
+        row["my_column"] for row in response_data
+    ]

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/_zrb/entity/template/app_template/test/my_module/my_entity/test_read_my_entity.py ADDED Viewed

@@ -0,0 +1,65 @@
+from fastapi.testclient import TestClient
+from my_app_name.main import app
+from my_app_name.test._util.access_token import get_admin_access_token
+def test_read_my_entity_by_id():
+    client = TestClient(app, base_url="http://localhost")
+    access_token = get_admin_access_token()
+    new_my_entity_data = {
+        "my_column": "to-be-read-my-entity",
+    }
+    insert_response = client.post(
+        "/api/v1/my-entities",
+        json=new_my_entity_data,
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert insert_response.status_code == 200
+    id = insert_response.json().get("id")
+    # fetching
+    response = client.get(
+        f"/api/v1/my-entities/{id}", headers={"Authorization": f"Bearer {access_token}"}
+    )
+    assert response.status_code == 200
+    response_data = response.json()
+    assert response_data.get("id") == id
+    assert response_data.get("my_column") == "to-be-read-my-entity"
+def test_read_my_entity_bulk():
+    client = TestClient(app, base_url="http://localhost")
+    access_token = get_admin_access_token()
+    new_first_my_entity_data = {
+        "my_column": "to-be-read-my-entity-bulk-1",
+    }
+    new_second_my_entity_data = {
+        "my_column": "to-be-read-my-entity-bulk-2",
+    }
+    new_my_entity_data = [new_first_my_entity_data, new_second_my_entity_data]
+    insert_response = client.post(
+        "/api/v1/my-entities/bulk",
+        json=new_my_entity_data,
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert insert_response.status_code == 200
+    ids = [row["id"] for row in insert_response.json()]
+    # fetching
+    response = client.get(
+        f"/api/v1/my-entities",
+        params={
+            "filter": "my_column:like:to-be-read-my-entity-bulk-%",
+        },
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert response.status_code == 200
+    response_data_count = response.json()["count"]
+    assert response_data_count == 2
+    response_data = response.json()["data"]
+    # Data should match
+    assert len([row["id"] for row in response_data if row["id"] in ids]) == 2
+    assert new_first_my_entity_data["my_column"] in [
+        row["my_column"] for row in response_data
+    ]
+    assert new_second_my_entity_data["my_column"] in [
+        row["my_column"] for row in response_data
+    ]

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/_zrb/entity/template/app_template/test/my_module/my_entity/test_update_my_entity.py ADDED Viewed

@@ -0,0 +1,61 @@
+from fastapi.testclient import TestClient
+from my_app_name.main import app
+from my_app_name.test._util.access_token import get_admin_access_token
+def test_update_my_entity():
+    client = TestClient(app, base_url="http://localhost")
+    access_token = get_admin_access_token()
+    new_my_entity_data = {
+        "my_column": "to-be-updated-my-entity",
+    }
+    insert_response = client.post(
+        "/api/v1/my-entities",
+        json=new_my_entity_data,
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert insert_response.status_code == 200
+    id = insert_response.json().get("id")
+    # updating
+    updated_my_entity_data = {
+        "my_column": "updated-my-entity",
+    }
+    response = client.put(
+        f"/api/v1/my-entities/{id}",
+        json=updated_my_entity_data,
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert response.status_code == 200
+    response_data = response.json()
+    assert response_data.get("id") == id
+    assert response_data.get("my_column") == "updated-my-entity"
+def test_update_my_entity_bulk():
+    client = TestClient(app, base_url="http://localhost")
+    access_token = get_admin_access_token()
+    new_first_my_entity_data = {
+        "my_column": "to-be-updated-my-entity-bulk-1",
+    }
+    insert_response = client.post(
+        "/api/v1/my-entities/bulk",
+        json=[new_first_my_entity_data],
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert insert_response.status_code == 200
+    ids = [row["id"] for row in insert_response.json()]
+    # updating (we only test with one data)
+    updated_my_entity_data = {"my_column": "updated-my-entity-bulk-1"}
+    response = client.put(
+        f"/api/v1/my-entities/bulk",
+        json={
+            "my_entity_ids": ids,
+            "data": updated_my_entity_data,
+        },
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    assert response.status_code == 200
+    response_data = response.json()
+    assert len(response_data) == 1
+    response_data[0].get("id") == ids[0]
+    response_data[0].get("my_column") == updated_my_entity_data["my_column"]

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/_zrb/entity/template/gateway_subroute.py CHANGED Viewed

@@ -3,18 +3,26 @@
 @app.get("/api/v1/my-entities", response_model=MultipleMyEntityResponse)
 async def get_my_entities(
+    current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
     page: int = 1,
     page_size: int = 10,
     sort: str | None = None,
     filter: str | None = None,
 ) -> MultipleMyEntityResponse:
+    if not current_user.has_permission("my-entity:read"):
+        raise ForbiddenError("Access denied")
     return await my_module_client.get_my_entities(
         page=page, page_size=page_size, sort=sort, filter=filter
     )
 @app.get("/api/v1/my-entities/{my_entity_id}", response_model=MyEntityResponse)
-async def get_my_entity_by_id(my_entity_id: str) -> MyEntityResponse:
+async def get_my_entity_by_id(
+    current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    my_entity_id: str,
+) -> MyEntityResponse:
+    if not current_user.has_permission("my-entity:read"):
+        raise ForbiddenError("Access denied")
     return await my_module_client.get_my_entity_by_id(my_entity_id)
@@ -22,9 +30,14 @@ async def get_my_entity_by_id(my_entity_id: str) -> MyEntityResponse:
     "/api/v1/my-entities/bulk",
     response_model=list[MyEntityResponse],
 )
-async def create_my_entity_bulk(data: list[MyEntityCreate]):
+async def create_my_entity_bulk(
+    current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    data: list[MyEntityCreate],
+) -> list[MyEntityResponse]:
+    if not current_user.has_permission("my-entity:create"):
+        raise ForbiddenError("Access denied")
     return await my_module_client.create_my_entity_bulk(
-        [row.with_audit(created_by="system") for row in data]
+        [row.with_audit(created_by=current_user.id) for row in data]
     )
@@ -32,17 +45,30 @@ async def create_my_entity_bulk(data: list[MyEntityCreate]):
     "/api/v1/my-entities",
     response_model=MyEntityResponse,
 )
-async def create_my_entity(data: MyEntityCreate):
-    return await my_module_client.create_my_entity(data.with_audit(created_by="system"))
+async def create_my_entity(
+    current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    data: MyEntityCreate,
+) -> MyEntityResponse:
+    if not current_user.has_permission("my-entity:create"):
+        raise ForbiddenError("Access denied")
+    return await my_module_client.create_my_entity(
+        data.with_audit(created_by=current_user.id)
+    )
 @app.put(
     "/api/v1/my-entities/bulk",
     response_model=list[MyEntityResponse],
 )
-async def update_my_entity_bulk(my_entity_ids: list[str], data: MyEntityUpdate):
+async def update_my_entity_bulk(
+    current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    my_entity_ids: list[str],
+    data: MyEntityUpdate,
+) -> list[MyEntityResponse]:
+    if not current_user.has_permission("my-entity:update"):
+        raise ForbiddenError("Access denied")
     return await my_module_client.update_my_entity_bulk(
-        my_entity_ids, data.with_audit(updated_by="system")
+        my_entity_ids, data.with_audit(updated_by=current_user.id)
     )
@@ -50,9 +76,15 @@ async def update_my_entity_bulk(my_entity_ids: list[str], data: MyEntityUpdate):
     "/api/v1/my-entities/{my_entity_id}",
     response_model=MyEntityResponse,
 )
-async def update_my_entity(my_entity_id: str, data: MyEntityUpdate):
+async def update_my_entity(
+    current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    my_entity_id: str,
+    data: MyEntityUpdate,
+) -> MyEntityResponse:
+    if not current_user.has_permission("my-entity:update"):
+        raise ForbiddenError("Access denied")
     return await my_module_client.update_my_entity(
-        my_entity_id, data.with_audit(updated_by="system")
+        my_entity_id, data.with_audit(updated_by=current_user.id)
     )
@@ -60,9 +92,14 @@ async def update_my_entity(my_entity_id: str, data: MyEntityUpdate):
     "/api/v1/my-entities/bulk",
     response_model=list[MyEntityResponse],
 )
-async def delete_my_entity_bulk(my_entity_ids: list[str]):
+async def delete_my_entity_bulk(
+    current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    my_entity_ids: list[str],
+) -> list[MyEntityResponse]:
+    if not current_user.has_permission("my-entity:delete"):
+        raise ForbiddenError("Access denied")
     return await my_module_client.delete_my_entity_bulk(
-        my_entity_ids, deleted_by="system"
+        my_entity_ids, deleted_by=current_user.id
     )
@@ -70,5 +107,12 @@ async def delete_my_entity_bulk(my_entity_ids: list[str]):
     "/api/v1/my-entities/{my_entity_id}",
     response_model=MyEntityResponse,
 )
-async def delete_my_entity(my_entity_id: str):
-    return await my_module_client.delete_my_entity(my_entity_id, deleted_by="system")
+async def delete_my_entity(
+    current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    my_entity_id: str,
+) -> MyEntityResponse:
+    if not current_user.has_permission("my-entity:delete"):
+        raise ForbiddenError("Access denied")
+    return await my_module_client.delete_my_entity(
+        my_entity_id, deleted_by=current_user.id
+    )

zrb 1.0.0b9__py3-none-any.whl → 1.0.0b10__py3-none-any.whl

zrb 1.0.0b9py3-none-any.whl → 1.0.0b10py3-none-any.whl