parent
0c1c9f62ee
commit
0e169af456
9 changed files with 36 additions and 40 deletions
|
|
@ -1,7 +1,3 @@
|
||||||
"""
|
"""
|
||||||
Configurations for <this module>
|
Configurations for the IAM module
|
||||||
|
|
||||||
Configurations:
|
|
||||||
- List: Description
|
|
||||||
- Configs: Description
|
|
||||||
"""
|
"""
|
||||||
|
|
@ -1,7 +1,3 @@
|
||||||
"""
|
"""
|
||||||
Constants and error codes for <this module>
|
Constants for the IAM module
|
||||||
|
|
||||||
Constants:
|
|
||||||
- List: Description
|
|
||||||
- Consts: Description
|
|
||||||
"""
|
"""
|
||||||
|
|
@ -1,13 +1,10 @@
|
||||||
"""
|
"""
|
||||||
Router dependencies for the IAM module
|
Dependencies for the IAM module
|
||||||
|
|
||||||
Classes:
|
Exports:
|
||||||
- List: Description
|
- group_model_query_dependency: group_model: Gets group model from db, if it exists. Uses group_id from query param.
|
||||||
- Classes: Description
|
- group_model_body_dependency: group_model: Gets group model from db, if it exists. Uses group_id from request body.
|
||||||
|
- perm_model_body_dependency: perm_model: Gets perm model from db, if it exists. Uses perm_id from request body.
|
||||||
Functions:
|
|
||||||
- List: Description
|
|
||||||
- Functions: Description
|
|
||||||
"""
|
"""
|
||||||
from typing import Annotated, Optional
|
from typing import Annotated, Optional
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,9 @@
|
||||||
"""
|
"""
|
||||||
Module specific exceptions for the IAM module
|
Exceptions related to the IAM module
|
||||||
|
|
||||||
Exceptions:
|
Exceptions:
|
||||||
- List: Description
|
- GroupNotFoundException: Takes an optional group_id int
|
||||||
- Exceptions: Description
|
- PermNotFoundException: Takes an optional perm_id int
|
||||||
"""
|
"""
|
||||||
from typing import Optional
|
from typing import Optional
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2,8 +2,11 @@
|
||||||
Database models for the IAM module
|
Database models for the IAM module
|
||||||
|
|
||||||
Models:
|
Models:
|
||||||
- List: Description
|
- Permission:
|
||||||
- Models: Description
|
- id[PK], resource[U1], action[U1], service_id[FK][U1]
|
||||||
|
- service_rel: ORM relationship over service_id FK
|
||||||
|
- group_rel: ORM relationship backpops to Group.permission_rel
|
||||||
|
- service_name: Calc property service_rel.name
|
||||||
"""
|
"""
|
||||||
from sqlalchemy import Column, Integer, String, ForeignKey, UniqueConstraint
|
from sqlalchemy import Column, Integer, String, ForeignKey, UniqueConstraint
|
||||||
from sqlalchemy.orm import relationship
|
from sqlalchemy.orm import relationship
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,19 @@
|
||||||
"""
|
"""
|
||||||
Router endpoints for <this module>
|
Router endpoints for IAM
|
||||||
|
|
||||||
Endpoints:
|
Endpoints:
|
||||||
- List: Description
|
- [POST](/iam/can_act_on_resource): [API key & user claim]: Service access point to verify user permissions
|
||||||
- Endpoints: Description
|
- [GET](/iam/group/permissions): [root user]: Gets list of perms(service, resource, action) the given group(id) has
|
||||||
|
- [DELETE](/iam/group/permissions): [root user]: Removes a given perm(id) from the given group(id)
|
||||||
|
- [GET](/iam/group/users): [root user]: Gets a list of users(id, name, email) that are assigned to the given group(id)
|
||||||
|
- [POST](/iam/group): [root user]: Creates a new group for the given org(id)
|
||||||
|
- [PUT](/iam/group/permission): [root user]: Assigns a perm(id) to the given group(id)
|
||||||
|
- [PUT](/iam/group/user): [root user]: Assigns a user(id) to a group(id)
|
||||||
|
- [DELETE](/iam/group/user): [root user]: Removes a user(id) from the given group(id)
|
||||||
|
- [GET](/iam/permissions): [root user]: Gets a list of all permissions
|
||||||
|
- [POST](/iam/permission): [super admin]: Creates a new permission
|
||||||
|
- [DELETE](/iam/permission): [super admin]: Removes a permission
|
||||||
|
- [GET](/iam/permissions/search): [root user]: Returns a list of permissions matching a filter(service|resource|action)
|
||||||
"""
|
"""
|
||||||
from fastapi import APIRouter, status
|
from fastapi import APIRouter, status
|
||||||
from sqlalchemy.exc import IntegrityError
|
from sqlalchemy.exc import IntegrityError
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,10 @@
|
||||||
"""
|
"""
|
||||||
Pydantic models for the IAM module
|
Pydantic models for the IAM module
|
||||||
|
|
||||||
Models:
|
Models follow the nomenclature of:
|
||||||
- List: Description
|
- Sub-models: "<Resource>Response"
|
||||||
- Models: Description
|
- Mixins: "<Attribute>Mixin"
|
||||||
|
- Models: "<Module><Method><Resource><Opt:Resource><Direction>" ie "IAMGetGroupPermissionsResponse"
|
||||||
"""
|
"""
|
||||||
from typing import Optional
|
from typing import Optional
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,8 @@
|
||||||
"""
|
"""
|
||||||
Module specific business logic for <this module>
|
Business logic reusable functions related to IAM
|
||||||
|
|
||||||
Exports service_key_dependency
|
Exports:
|
||||||
|
- service_key_dependency: bool: verifies request headers contain the correct api key for the service
|
||||||
"""
|
"""
|
||||||
from typing import Annotated
|
from typing import Annotated
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,3 @@
|
||||||
"""
|
"""
|
||||||
Non-business logic reusable functions and classes for <this module>
|
Non-business logic reusable functions and classes for the IAM module
|
||||||
|
|
||||||
Classes:
|
|
||||||
- List: Description
|
|
||||||
- Classes: Description
|
|
||||||
|
|
||||||
Functions:
|
|
||||||
- List: Description
|
|
||||||
- Functions: Description
|
|
||||||
"""
|
"""
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue