This commit is contained in:
24
orm/draft.py
24
orm/draft.py
@@ -28,27 +28,27 @@ class DraftAuthor(Base):
|
||||
|
||||
class Draft(Base):
|
||||
__tablename__ = "draft"
|
||||
|
||||
# required
|
||||
created_at: int = Column(Integer, nullable=False, default=lambda: int(time.time()))
|
||||
updated_at: int | None = Column(Integer, nullable=True, index=True)
|
||||
deleted_at: int | None = Column(Integer, nullable=True, index=True)
|
||||
created_by: int = Column(ForeignKey("author.id"), nullable=False)
|
||||
|
||||
body: str = Column(String, nullable=False, comment="Body")
|
||||
# optional
|
||||
layout: str = Column(String, nullable=True, default="article")
|
||||
slug: str = Column(String, unique=True)
|
||||
cover: str | None = Column(String, nullable=True, comment="Cover image url")
|
||||
cover_caption: str | None = Column(String, nullable=True, comment="Cover image alt caption")
|
||||
title: str = Column(String, nullable=True)
|
||||
subtitle: str | None = Column(String, nullable=True)
|
||||
lead: str | None = Column(String, nullable=True)
|
||||
description: str | None = Column(String, nullable=True)
|
||||
title: str = Column(String, nullable=False)
|
||||
subtitle: str | None = Column(String, nullable=True)
|
||||
layout: str = Column(String, nullable=False, default="article")
|
||||
body: str = Column(String, nullable=False, comment="Body")
|
||||
media: dict | None = Column(JSON, nullable=True)
|
||||
|
||||
cover: str | None = Column(String, nullable=True, comment="Cover image url")
|
||||
cover_caption: str | None = Column(String, nullable=True, comment="Cover image alt caption")
|
||||
lang: str = Column(String, nullable=False, default="ru", comment="Language")
|
||||
oid: str | None = Column(String, nullable=True)
|
||||
seo: str | None = Column(String, nullable=True) # JSON
|
||||
|
||||
created_by: int = Column(ForeignKey("author.id"), nullable=False)
|
||||
# auto
|
||||
updated_at: int | None = Column(Integer, nullable=True, index=True)
|
||||
deleted_at: int | None = Column(Integer, nullable=True, index=True)
|
||||
updated_by: int | None = Column(ForeignKey("author.id"), nullable=True)
|
||||
deleted_by: int | None = Column(ForeignKey("author.id"), nullable=True)
|
||||
authors = relationship(Author, secondary="draft_author")
|
||||
|
||||
176
orm/rbac.py
176
orm/rbac.py
@@ -1,176 +0,0 @@
|
||||
from services.db import REGISTRY, Base, local_session
|
||||
from utils.logger import root_logger as logger
|
||||
|
||||
from sqlalchemy.types import TypeDecorator
|
||||
from sqlalchemy.types import String
|
||||
from sqlalchemy import Column, ForeignKey, String, UniqueConstraint
|
||||
from sqlalchemy.orm import relationship
|
||||
|
||||
class ClassType(TypeDecorator):
|
||||
impl = String
|
||||
|
||||
@property
|
||||
def python_type(self):
|
||||
return NotImplemented
|
||||
|
||||
def process_literal_param(self, value, dialect):
|
||||
return NotImplemented
|
||||
|
||||
def process_bind_param(self, value, dialect):
|
||||
return value.__name__ if isinstance(value, type) else str(value)
|
||||
|
||||
def process_result_value(self, value, dialect):
|
||||
class_ = REGISTRY.get(value)
|
||||
if class_ is None:
|
||||
logger.warn(f"Can't find class <{value}>,find it yourself!", stacklevel=2)
|
||||
return class_
|
||||
|
||||
|
||||
class Role(Base):
|
||||
__tablename__ = "role"
|
||||
|
||||
name = Column(String, nullable=False, comment="Role Name")
|
||||
desc = Column(String, nullable=True, comment="Role Description")
|
||||
community = Column(
|
||||
ForeignKey("community.id", ondelete="CASCADE"),
|
||||
nullable=False,
|
||||
comment="Community",
|
||||
)
|
||||
permissions = relationship(lambda: Permission)
|
||||
|
||||
@staticmethod
|
||||
def init_table():
|
||||
with local_session() as session:
|
||||
r = session.query(Role).filter(Role.name == "author").first()
|
||||
if r:
|
||||
Role.default_role = r
|
||||
return
|
||||
|
||||
r1 = Role.create(
|
||||
name="author",
|
||||
desc="Role for an author",
|
||||
community=1,
|
||||
)
|
||||
|
||||
session.add(r1)
|
||||
|
||||
Role.default_role = r1
|
||||
|
||||
r2 = Role.create(
|
||||
name="reader",
|
||||
desc="Role for a reader",
|
||||
community=1,
|
||||
)
|
||||
|
||||
session.add(r2)
|
||||
|
||||
r3 = Role.create(
|
||||
name="expert",
|
||||
desc="Role for an expert",
|
||||
community=1,
|
||||
)
|
||||
|
||||
session.add(r3)
|
||||
|
||||
r4 = Role.create(
|
||||
name="editor",
|
||||
desc="Role for an editor",
|
||||
community=1,
|
||||
)
|
||||
|
||||
session.add(r4)
|
||||
|
||||
|
||||
class Operation(Base):
|
||||
__tablename__ = "operation"
|
||||
name = Column(String, nullable=False, unique=True, comment="Operation Name")
|
||||
|
||||
@staticmethod
|
||||
def init_table():
|
||||
with local_session() as session:
|
||||
for name in ["create", "update", "delete", "load"]:
|
||||
"""
|
||||
* everyone can:
|
||||
- load shouts
|
||||
- load topics
|
||||
- load reactions
|
||||
- create an account to become a READER
|
||||
* readers can:
|
||||
- update and delete their account
|
||||
- load chats
|
||||
- load messages
|
||||
- create reaction of some shout's author allowed kinds
|
||||
- create shout to become an AUTHOR
|
||||
* authors can:
|
||||
- update and delete their shout
|
||||
- invite other authors to edit shout and chat
|
||||
- manage allowed reactions for their shout
|
||||
* pros can:
|
||||
- create/update/delete their community
|
||||
- create/update/delete topics for their community
|
||||
|
||||
"""
|
||||
op = session.query(Operation).filter(Operation.name == name).first()
|
||||
if not op:
|
||||
op = Operation.create(name=name)
|
||||
session.add(op)
|
||||
session.commit()
|
||||
|
||||
|
||||
class Resource(Base):
|
||||
__tablename__ = "resource"
|
||||
resourceClass = Column(String, nullable=False, unique=True, comment="Resource class")
|
||||
name = Column(String, nullable=False, unique=True, comment="Resource name")
|
||||
# TODO: community = Column(ForeignKey())
|
||||
|
||||
@staticmethod
|
||||
def init_table():
|
||||
with local_session() as session:
|
||||
for res in [
|
||||
"shout",
|
||||
"topic",
|
||||
"reaction",
|
||||
"chat",
|
||||
"message",
|
||||
"invite",
|
||||
"community",
|
||||
"user",
|
||||
]:
|
||||
r = session.query(Resource).filter(Resource.name == res).first()
|
||||
if not r:
|
||||
r = Resource.create(name=res, resourceClass=res)
|
||||
session.add(r)
|
||||
session.commit()
|
||||
|
||||
|
||||
class Permission(Base):
|
||||
__tablename__ = "permission"
|
||||
__table_args__ = (
|
||||
UniqueConstraint("role", "operation", "resource"),
|
||||
{"extend_existing": True},
|
||||
)
|
||||
|
||||
role: Column = Column(ForeignKey("role.id", ondelete="CASCADE"), nullable=False, comment="Role")
|
||||
operation: Column = Column(
|
||||
ForeignKey("operation.id", ondelete="CASCADE"),
|
||||
nullable=False,
|
||||
comment="Operation",
|
||||
)
|
||||
resource: Column = Column(
|
||||
ForeignKey("resource.id", ondelete="CASCADE"),
|
||||
nullable=False,
|
||||
comment="Resource",
|
||||
)
|
||||
|
||||
|
||||
# if __name__ == "__main__":
|
||||
# Base.metadata.create_all(engine)
|
||||
# ops = [
|
||||
# Permission(role=1, operation=1, resource=1),
|
||||
# Permission(role=1, operation=2, resource=1),
|
||||
# Permission(role=1, operation=3, resource=1),
|
||||
# Permission(role=1, operation=4, resource=1),
|
||||
# Permission(role=2, operation=4, resource=1),
|
||||
# ]
|
||||
# global_session.add_all(ops)
|
||||
# global_session.commit()
|
||||
105
orm/user.py
105
orm/user.py
@@ -1,105 +0,0 @@
|
||||
from sqlalchemy import JSON as JSONType
|
||||
from sqlalchemy import Boolean, Column, DateTime, ForeignKey, Integer, String, func
|
||||
from sqlalchemy.orm import relationship
|
||||
|
||||
from services.db import Base, local_session
|
||||
from orm.rbac import Role
|
||||
|
||||
|
||||
class UserRating(Base):
|
||||
__tablename__ = "user_rating"
|
||||
|
||||
id = None
|
||||
rater: Column = Column(ForeignKey("user.id"), primary_key=True, index=True)
|
||||
user: Column = Column(ForeignKey("user.id"), primary_key=True, index=True)
|
||||
value: Column = Column(Integer)
|
||||
|
||||
@staticmethod
|
||||
def init_table():
|
||||
pass
|
||||
|
||||
|
||||
class UserRole(Base):
|
||||
__tablename__ = "user_role"
|
||||
|
||||
id = None
|
||||
user = Column(ForeignKey("user.id"), primary_key=True, index=True)
|
||||
role = Column(ForeignKey("role.id"), primary_key=True, index=True)
|
||||
|
||||
|
||||
class AuthorFollower(Base):
|
||||
__tablename__ = "author_follower"
|
||||
|
||||
id = None
|
||||
follower: Column = Column(ForeignKey("user.id"), primary_key=True, index=True)
|
||||
author: Column = Column(ForeignKey("user.id"), primary_key=True, index=True)
|
||||
createdAt = Column(
|
||||
DateTime(timezone=True), nullable=False, server_default=func.now(), comment="Created at"
|
||||
)
|
||||
auto = Column(Boolean, nullable=False, default=False)
|
||||
|
||||
|
||||
class User(Base):
|
||||
__tablename__ = "user"
|
||||
default_user = None
|
||||
|
||||
email = Column(String, unique=True, nullable=False, comment="Email")
|
||||
username = Column(String, nullable=False, comment="Login")
|
||||
password = Column(String, nullable=True, comment="Password")
|
||||
bio = Column(String, nullable=True, comment="Bio") # status description
|
||||
about = Column(String, nullable=True, comment="About") # long and formatted
|
||||
userpic = Column(String, nullable=True, comment="Userpic")
|
||||
name = Column(String, nullable=True, comment="Display name")
|
||||
slug = Column(String, unique=True, comment="User's slug")
|
||||
muted = Column(Boolean, default=False)
|
||||
emailConfirmed = Column(Boolean, default=False)
|
||||
createdAt = Column(
|
||||
DateTime(timezone=True), nullable=False, server_default=func.now(), comment="Created at"
|
||||
)
|
||||
lastSeen = Column(
|
||||
DateTime(timezone=True), nullable=False, server_default=func.now(), comment="Was online at"
|
||||
)
|
||||
deletedAt = Column(DateTime(timezone=True), nullable=True, comment="Deleted at")
|
||||
links = Column(JSONType, nullable=True, comment="Links")
|
||||
oauth = Column(String, nullable=True)
|
||||
ratings = relationship(UserRating, foreign_keys=UserRating.user)
|
||||
roles = relationship(lambda: Role, secondary=UserRole.__tablename__)
|
||||
oid = Column(String, nullable=True)
|
||||
|
||||
@staticmethod
|
||||
def init_table():
|
||||
with local_session() as session:
|
||||
default = session.query(User).filter(User.slug == "anonymous").first()
|
||||
if not default:
|
||||
default_dict = {
|
||||
"email": "noreply@discours.io",
|
||||
"username": "noreply@discours.io",
|
||||
"name": "Аноним",
|
||||
"slug": "anonymous",
|
||||
}
|
||||
default = User.create(**default_dict)
|
||||
session.add(default)
|
||||
discours_dict = {
|
||||
"email": "welcome@discours.io",
|
||||
"username": "welcome@discours.io",
|
||||
"name": "Дискурс",
|
||||
"slug": "discours",
|
||||
}
|
||||
discours = User.create(**discours_dict)
|
||||
session.add(discours)
|
||||
session.commit()
|
||||
User.default_user = default
|
||||
|
||||
def get_permission(self):
|
||||
scope = {}
|
||||
for role in self.roles:
|
||||
for p in role.permissions:
|
||||
if p.resource not in scope:
|
||||
scope[p.resource] = set()
|
||||
scope[p.resource].add(p.operation)
|
||||
print(scope)
|
||||
return scope
|
||||
|
||||
|
||||
# if __name__ == "__main__":
|
||||
# print(User.get_permission(user_id=1))
|
||||
Reference in New Issue
Block a user