PyPI - zrb - Versions diffs - 1.0.0b9__py3-none-any.whl → 1.1.0__py3-none-any.whl - Mend

zrb 1.0.0b9py3-none-any.whl → 1.1.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (88) hide show

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/auth/migration/versions/8ed025bcc845_create_permissions.py ADDED Viewed

@@ -0,0 +1,69 @@
+"""create_permissions
+Revision ID: 8ed025bcc845
+Revises: 3093c7336477
+Create Date: 2025-02-08 19:09:14.536559
+"""
+from typing import Sequence, Union
+import sqlalchemy as sa
+import sqlmodel  # 🔥 FastApp Modification
+from alembic import op
+from module.auth.migration_metadata import metadata
+# revision identifiers, used by Alembic.
+revision: str = "8ed025bcc845"
+down_revision: Union[str, None] = "3093c7336477"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+def upgrade() -> None:
+    op.bulk_insert(
+        metadata.tables["permissions"],
+        [
+            # permission
+            {"name": "permission:create", "description": "create permission"},
+            {"name": "permission:read", "description": "read permission"},
+            {"name": "permission:update", "description": "update permission"},
+            {"name": "permission:delete", "description": "delete permission"},
+            # role
+            {"name": "role:create", "description": "create role"},
+            {"name": "role:read", "description": "read role"},
+            {"name": "role:update", "description": "update role"},
+            {"name": "role:delete", "description": "delete role"},
+            # user
+            {"name": "user:create", "description": "create user"},
+            {"name": "user:read", "description": "read user"},
+            {"name": "user:update", "description": "update user"},
+            {"name": "user:delete", "description": "delete user"},
+        ],
+    )
+    # ### end Alembic commands ###
+def downgrade() -> None:
+    op.execute(
+        sa.delete(metadata.tables["permissions"]).where(
+            metadata.tables["permissions"].c.name.in_(
+                # user
+                "user:create",
+                "user:read",
+                "user:update",
+                "user:delete",
+                # role
+                "role:create",
+                "role:read",
+                "role:update",
+                "role:delete",
+                # permission
+                "permission:create",
+                "permission:read",
+                "permission:update",
+                "permission:delete",
+            )
+        )
+    )
+    # ### end Alembic commands ###

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/auth/service/user/repository/user_db_repository.py CHANGED Viewed

@@ -49,7 +49,7 @@ class UserDBRepository(
     def _select(self) -> Select:
         return (
-            select(User, Role, Permission, UserSession)
+            select(User, Role, Permission)
             .join(UserRole, UserRole.user_id == User.id, isouter=True)
             .join(Role, Role.id == UserRole.role_id, isouter=True)
             .join(RolePermission, RolePermission.role_id == Role.id, isouter=True)
@@ -62,7 +62,7 @@ class UserDBRepository(
         user_map: dict[str, dict[str, Any]] = {}
         user_role_map: dict[str, list[str]] = {}
         user_permission_map: dict[str, list[str]] = {}
-        for user, role, permission, _ in rows:
+        for user, role, permission in rows:
             if user.id not in user_map:
                 user_map[user.id] = {"user": user, "roles": [], "permissions": []}
                 user_role_map[user.id] = []
@@ -241,6 +241,9 @@ class UserDBRepository(
         return UserSessionResponse(
             id=user_session.id,
             user_id=user_session.user_id,
+            access_token=user_session.access_token,
             access_token_expired_at=user_session.access_token_expired_at,
+            refresh_token=user_session.refresh_token,
             refresh_token_expired_at=user_session.refresh_token_expired_at,
+            token_type="bearer",
         )

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/auth/service/user/user_service.py CHANGED Viewed

@@ -46,8 +46,20 @@ class UserService(BaseService):
         methods=["get"],
         response_model=AuthUserResponse,
     )
-    async def get_current_user(self, access_token: str) -> AuthUserResponse:
-        return self._get_auth_user_by_access_token(access_token)
+    async def get_current_user(self, access_token: str | None) -> AuthUserResponse:
+        if access_token is None or access_token == "":
+            return self._get_guest_user()
+        try:
+            user_session = await self.user_repository.get_user_session_by_access_token(
+                access_token
+            )
+            user_id = user_session.user_id
+            if user_id == self.config.super_user:
+                return self._get_super_user()
+            user = await self.user_repository.get_by_id(user_id)
+            return self._to_auth_user_response(user)
+        except NotFoundError:
+            return self._get_guest_user()
     @BaseService.route(
         "/api/v1/user-sessions",
@@ -78,7 +90,7 @@ class UserService(BaseService):
     async def update_user_session(self, refresh_token: str) -> UserSessionResponse:
         current_user = await self._get_auth_user_by_refresh_token(refresh_token)
         current_user_session = (
-            await self.user_respository.get_user_sesion_by_refresh_token(refresh_token)
+            await self.user_repository.get_user_session_by_refresh_token(refresh_token)
         )
         token_data = self._create_user_token_data(current_user.username)
         return await self.user_repository.update_user_session(
@@ -94,7 +106,7 @@ class UserService(BaseService):
     )
     async def delete_user_session(self, refresh_token: str) -> UserSessionResponse:
         current_user_session = (
-            await self.user_respository.get_user_sesion_by_refresh_token(refresh_token)
+            await self.user_repository.get_user_session_by_refresh_token(refresh_token)
         )
         await self.user_repository.delete_user_sessions([current_user_session.id])
         return current_user_session
@@ -231,23 +243,6 @@ class UserService(BaseService):
         user = await self.user_repository.get_by_id(user_id)
         return self._to_auth_user_response(user)
-    async def _get_auth_user_by_access_token(
-        self, access_token: str
-    ) -> AuthUserResponse:
-        if access_token is None or access_token == "":
-            return self._get_guest_user()
-        user_session = await self.user_repository.get_user_session_by_access_token(
-            access_token
-        )
-        user_id = user_session.user_id
-        if user_id == self.config.super_user:
-            return self._get_super_user()
-        try:
-            user = await self.user_repository.get_by_id(user_id)
-            return self._to_auth_user_response(user)
-        except NotFoundError:
-            return self._get_guest_user()
     async def _get_user_by_credentials(
         self, credentials: UserCredentials
     ) -> AuthUserResponse:

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/gateway/config/navigation.py ADDED Viewed

@@ -0,0 +1,39 @@
+from my_app_name.module.gateway.schema.navigation import Navigation, Page, PageGroup
+APP_NAVIGATION = Navigation()
+APP_NAVIGATION.append_page(Page(name="gateway.home", caption="Home", url="/"))
+auth_menu = APP_NAVIGATION.append_page_group(
+    PageGroup(
+        name="auth",
+        caption="Authorization",
+    )
+)
+auth_menu.append_page(
+    Page(
+        name="auth.permission",
+        caption="Permission",
+        url="/auth/permissions",
+        permission="permission:read",
+    )
+)
+auth_menu.append_page(
+    Page(
+        name="auth.role",
+        caption="Role",
+        url="/auth/roles",
+        permission="role:read",
+    )
+)
+auth_menu.append_page(
+    Page(
+        name="auth.user",
+        caption="User",
+        url="/auth/users",
+        permission="user:read",
+    )
+)

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/gateway/route.py CHANGED Viewed

@@ -1,18 +1,21 @@
-import os
+from typing import Annotated
-from fastapi import FastAPI, HTTPException, Request
+from fastapi import Depends, FastAPI, HTTPException, Request
 from fastapi.exception_handlers import http_exception_handler
-from fastapi.responses import HTMLResponse
+from fastapi.responses import HTMLResponse, RedirectResponse
 from my_app_name.common.app_factory import app
 from my_app_name.common.schema import BasicResponse
 from my_app_name.config import (
-    APP_GATEWAY_VIEW_PATH,
+    APP_AUTH_ACCESS_TOKEN_COOKIE_NAME,
     APP_MAIN_MODULE,
     APP_MODE,
     APP_MODULES,
 )
+from my_app_name.module.auth.client.auth_client_factory import auth_client
 from my_app_name.module.gateway.subroute.auth import serve_auth_route
-from my_app_name.module.gateway.util.view import render, render_error
+from my_app_name.module.gateway.util.auth import get_current_user
+from my_app_name.module.gateway.util.view import render_content, render_error
+from my_app_name.schema.user import AuthUserResponse
 def serve_route(app: FastAPI):
@@ -21,18 +24,48 @@ def serve_route(app: FastAPI):
     if APP_MODE == "monolith" or APP_MAIN_MODULE == "gateway":
         _serve_health_check(app)
         _serve_readiness_check(app)
-        _serve_homepage(app)
+        _serve_common_pages(app)
         _handle_404(app)
     # Serve auth routes
     serve_auth_route(app)
-def _serve_homepage(app: FastAPI):
+def _serve_common_pages(app: FastAPI):
     @app.get("/", include_in_schema=False)
-    def home_page():
-        return render(
-            view_path=os.path.join(APP_GATEWAY_VIEW_PATH, "content", "homepage.html")
+    def home_page(
+        current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    ):
+        return render_content(
+            view_path="homepage.html",
+            current_user=current_user,
+            page_name="gateway.home",
+        )
+    @app.get("/login", include_in_schema=False)
+    def login_page(
+        current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    ):
+        if not current_user.is_guest:
+            return RedirectResponse("/")
+        return render_content(
+            view_path="login.html",
+            current_user=current_user,
+            page_name="gateway.home",
+            partials={"show_user_info": False},
+        )
+    @app.get("/logout", include_in_schema=False)
+    def logout_page(
+        current_user: Annotated[AuthUserResponse, Depends(get_current_user)],
+    ):
+        if current_user is None:
+            return RedirectResponse("/")
+        return render_content(
+            view_path="logout.html",
+            current_user=current_user,
+            page_name="gateway.home",
+            partials={"show_user_info": False},
         )
@@ -60,7 +93,15 @@ def _handle_404(app: FastAPI):
         if request.url.path.startswith("/api"):
             # Re-raise the exception to let FastAPI handle it
             return await http_exception_handler(request, exc)
-        return render_error(error_message="Not found", status_code=404)
+        # Get current user by cookies
+        current_user = None
+        cookie_access_token = request.cookies.get(APP_AUTH_ACCESS_TOKEN_COOKIE_NAME)
+        if cookie_access_token is not None and cookie_access_token != "":
+            current_user = await auth_client.get_current_user(cookie_access_token)
+        # Show error page
+        return render_error(
+            error_message="Not found", status_code=404, current_user=current_user
+        )
 serve_route(app)

zrb/builtin/project/add/fastapp/fastapp_template/my_app_name/module/gateway/schema/navigation.py ADDED Viewed

@@ -0,0 +1,95 @@
+from my_app_name.schema.user import AuthUserResponse
+from pydantic import BaseModel
+class Page(BaseModel):
+    name: str
+    caption: str
+    url: str
+    permission: str | None = None
+class AccessiblePage(BaseModel):
+    name: str
+    caption: str
+    url: str
+    active: bool
+class PageGroup(BaseModel):
+    name: str
+    caption: str
+    pages: list[Page] = []
+    def append_page(self, submenu: Page) -> Page:
+        self.pages.append(submenu)
+        return submenu
+    def get_accessible_pages(
+        self, submenu_name: str | None = None, user: AuthUserResponse | None = None
+    ) -> list[AccessiblePage]:
+        return [
+            AccessiblePage(
+                name=page.name,
+                caption=page.caption,
+                url=page.url,
+                active=page.name == submenu_name,
+            )
+            for page in self.pages
+            if _has_permission(user, page.permission)
+        ]
+class AccessiblePageGroup(BaseModel):
+    name: str
+    caption: str
+    pages: list[AccessiblePage]
+    active: bool
+class Navigation(BaseModel):
+    items: list[PageGroup | Page] = []
+    def append_page_group(self, page_group: PageGroup) -> PageGroup:
+        self.items.append(page_group)
+        return page_group
+    def append_page(self, page: Page) -> Page:
+        self.items.append(page)
+        return page
+    def get_accessible_items(
+        self, page_name: str | None, user: AuthUserResponse | None
+    ) -> list[AccessiblePageGroup | AccessiblePage]:
+        accessible_items = []
+        for item in self.items:
+            if isinstance(item, Page) and _has_permission(user, item.permission):
+                accessible_items.append(
+                    AccessiblePage(
+                        name=item.name,
+                        caption=item.caption,
+                        url=item.url,
+                        active=item.name == page_name,
+                    )
+                )
+                continue
+            accessible_submenus = item.get_accessible_pages(page_name, user)
+            if accessible_submenus:
+                active = any(submenu.active for submenu in accessible_submenus)
+                accessible_items.append(
+                    AccessiblePageGroup(
+                        name=item.name,
+                        caption=item.caption,
+                        pages=accessible_submenus,
+                        active=active,
+                    )
+                )
+        return accessible_items
+def _has_permission(user: AuthUserResponse | None, permission: str | None):
+    if permission is None:
+        return True
+    if user is not None:
+        return user.has_permission(permission)
+    return False

zrb 1.0.0b9__py3-none-any.whl → 1.1.0__py3-none-any.whl

zrb 1.0.0b9py3-none-any.whl → 1.1.0py3-none-any.whl