logos-co
/
open-law
mirror of https://github.com/logos-co/open-law.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

permissions models

This commit is contained in:
SvyatoslavArtymovych 2023-05-24 14:48:47 +03:00
parent a867a08815
commit 0cf87d7304
8 changed files with 129 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/models/__init__.py
View File

@ -13,3 +13,9 @@ from .interpretation_vote import InterpretationVote
from .tag import Tag
from .interpretation_tag import InterpretationTag
from .comment_tag import CommentTags
from .permission import (
Permission,
AccessGroup,
UserAccessGroups,
PermissionAccessGroups,
)

79
app/models/permission.py
View File

@ -1,79 +0,0 @@
from enum import IntEnum
from app import db
from app.models.utils import BaseModel
# access groups
# moderators(by default empty) -> root collection -> CRUD Interpretation, Comment
# editors(by default empty) -> root collection -> CRUD Collection, Section
#
# on create collection/section -> inherit parent's access groups
#
# add to collection, sections, ...
# - access_groups -> access group table
# access group:
# - name
# - users many-to-many = []
# - permissions many-to-many = []
# permission:
# - access [Enum(CRUD)]
# - entity [Enum(collection, sections, ...)]
# - access_group -> access group table
C = 1
R = 2
U = 4
D = 8
class _Permission(BaseModel):
__tablename__ = "permissions"
# PAY ATTENTION ON SUB COLLECTIONS
class Access(IntEnum):
UNKNOWN = 0
C = 1
R = 2
CR = 3
U = 4
CU = 5
RU = 6
CRU = 7
D = 8
access_to_entity = db.Column(db.Enum(AccessTo), default=AccessTo.UNKNOWN)
access_to_id = db.Column(db.Integer, nullable=False)
user_id = db.Column(db.Integer, db.ForeignKey("users.id"))
# Relationships
user = db.relationship("User", viewonly=True)
def __repr__(self):
return f"<{self.id}: u:{self.user_id} b:{self.book_id}>"
class Permission(BaseModel):
__tablename__ = "permissions"
# PAY ATTENTION ON SUB COLLECTIONS
class AccessTo(IntEnum):
UNKNOWN = 0
BOOK = 1
COLLECTION = 2
SUB_COLLECTION = 3
SECTION = 4
access_to_entity = db.Column(db.Enum(AccessTo), default=AccessTo.UNKNOWN)
access_to_id = db.Column(db.Integer, nullable=False)
user_id = db.Column(db.Integer, db.ForeignKey("users.id"))
# Relationships
user = db.relationship("User", viewonly=True)
def __repr__(self):
return f"<{self.id}: u:{self.user_id} b:{self.book_id}>"

42
app/models/permission/__init__.py Normal file
View File

@ -0,0 +1,42 @@
# flake8: noqa F401
from .access_group import AccessGroup
from .permission import Permission
from .user_access_groups import UserAccessGroups
from .permission_access_groups import PermissionAccessGroups
# access groups
# moderators(by default empty) -> root collection -> CRUD Interpretation, Comment
# editors(by default empty) -> root collection -> CRUD Collection, Section
#
# on create collection/section -> inherit parent's access groups
#
# add to collection, sections, ...
# - access_groups -> access group table
# access group:
# - name
# - users many-to-many = []
# - permissions many-to-many = []
# permission:
# - access [Enum(CRUD)]
# - entity [Enum(collection, sections, ...)]
# - access_group -> access group table
# Book
# Root Collection
# Collection A
# Section
# Section
# Collection B
# SubCollection B.1
# Section
# Section
# SubCollection B.2
# Section
# Section
# If the user has CRUD access to Collection B it means that
# it has access to all nested entities(SubCollection B.1/B.2, Sections)

18
app/models/permission/access_group.py Normal file
View File

@ -0,0 +1,18 @@
from app import db
from app.models.utils import BaseModel
class AccessGroup(BaseModel):
__tablename__ = "access_groups"
name = db.Column(db.String(32), unique=True, nullable=False)
# Relationships
permissions = db.relationship(
"Permission",
secondary="permissions_access_groups",
back_populates="access_groups",
)
users = db.relationship(
"User", secondary="users_access_groups", back_populates="permissions"
)

33
app/models/permission/permission.py Normal file
View File

@ -0,0 +1,33 @@
from enum import IntEnum
from app import db
from app.models.utils import BaseModel
class Permission(BaseModel):
__tablename__ = "permissions"
class Access(IntEnum):
C = 1 # 0b0001
R = 2 # 0b0010
U = 4 # 0b0100
D = 8 # 0b1000
# sum = 0b1111
class Entity(IntEnum):
UNKNOWN = 0
BOOK = 1
COLLECTION = 2
SECTION = 3
INTERPRETATION = 4
COMMENT = 5
access = db.Column(db.Integer(), default=Access.C | Access.R | Access.U | Access.D)
entity = db.Column(db.Enum(Entity), default=Entity.UNKNOWN)
# Relationships
access_groups = db.relationship(
"AccessGroup",
secondary="permissions_access_groups",
back_populates="permissions",
)

13
app/models/permission/permission_access_groups.py Normal file
View File

@ -0,0 +1,13 @@
from app import db
from app.models.utils import BaseModel
class PermissionAccessGroups(BaseModel):
__tablename__ = "permissions_access_groups"
# Foreign keys
permission_id = db.Column(db.Integer, db.ForeignKey("permissions.id"))
access_group_id = db.Column(db.Integer, db.ForeignKey("access_groups.id"))
def __repr__(self):
return f"<p:{self.permission_id} to a_g:{self.access_group_id}"

13
app/models/permission/user_access_groups.py Normal file
View File

@ -0,0 +1,13 @@
from app import db
from app.models.utils import BaseModel
class UserAccessGroups(BaseModel):
__tablename__ = "users_access_groups"
# Foreign keys
user_id = db.Column(db.Integer, db.ForeignKey("users.id"))
access_group_id = db.Column(db.Integer, db.ForeignKey("access_groups.id"))
def __repr__(self):
return f"<u:{self.user_id} to a_g:{self.access_group_id}"

4
app/models/user.py
View File

@ -23,7 +23,11 @@ class User(BaseModel, UserMixin):
is_activated = db.Column(db.Boolean, default=False)
wallet_id = db.Column(db.String(64), nullable=True)
avatar_img = db.Column(db.Text, nullable=True)
# Relationships
permissions = db.relationship(
"AccessGroup", secondary="users_access_groups", back_populates="users"
)
stars = db.relationship("Book", secondary="books_stars", back_populates="stars")
books = db.relationship("Book")