feat: iam rbac system

Endpoints and db architecture to support a role based IAM system.
Chris Milne 2026-05-25 09:05:17 +01:00
parent 7b3ee9d5fa
commit 23f2ce98d7
31 changed files with 634 additions and 317 deletions

43
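--- a/src/iam/models.py
+++ b/src/iam/models.py
@@ -0,0 +1,43 @@
+"""
+Database models for the IAM module
+Models:
+- List: Description
+- Models: Description
+"""
+from sqlalchemy import Column, Integer, String, ForeignKey, UniqueConstraint
+from src.database import Base
+class Permission(Base):
+__tablename__ = "permission"
+id = Column(Integer, primary_key=True)
+resource = Column(String, nullable=False)
+action = Column(String, nullable=False)
+service_id = Column(Integer, ForeignKey("service.id", ondelete="CASCADE"))
+UniqueConstraint("service_id", "resource", "action", name="uniq_permission_resource_and_action")
+class Group(Base):
+__tablename__ = "group"
+id = Column(Integer, primary_key=True)
+name = Column(String, nullable=False, unique=True)
+org_id = Column(Integer, ForeignKey("organisation.id", ondelete="CASCADE"))
+class GroupPermissions(Base):
+__tablename__ = "group_permissions"
+group_id = Column(Integer, ForeignKey("group.id", ondelete="CASCADE"), primary_key=True)
+permission_id = Column(Integer, ForeignKey("permission.id", ondelete="CASCADE"), primary_key=True)
+class UserGroups(Base):
+__tablename__ = "user_groups"
+org_id = Column(Integer, ForeignKey("organisation.id", ondelete="CASCADE"), primary_key=True)
+user_id = Column(Integer, ForeignKey("user.id", ondelete="CASCADE"), primary_key=True)
+group_id = Column(Integer, ForeignKey("group.id", ondelete="CASCADE"), primary_key=True)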
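Review bot: The `UniqueConstraint(...)` in `Permission` is a bare expression in the class body, so SQLAlchemy's declarative mapping never attaches it to the table and duplicate (service_id, resource, action) rows stay possible; it has to go through `__table_args__ = (UniqueConstraint("service_id", "resource", "action", name="uniq_permission_resource_and_action"),)`. `service_id` is also nullable, and most databases treat NULLs as distinct inside a unique constraint, so `nullable=False` looks intended on that column. Separately, `UserGroups.org_id` is independent of `Group.org_id`: nothing in the schema stops a membership row from pairing one organisation's id with a group that belongs to another, so either drop the column and derive the organisation from the group, or enforce the match with a composite foreign key on `(org_id, group_id)`. `Group.name` being unique across all organisations rather than per `org_id` also looks unintended for a multi-tenant table and is worth confirming, and the module docstring still carries the `- List: Description` template placeholders.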