feat: iam rbac system

Endpoints and db architecture to support a role based IAM system.
2026-05-25 09:05:17 +01:00 · 2026-05-25 09:05:17 +01:00 · 23f2ce98d7
commit 23f2ce98d7
parent 7b3ee9d5fa
31 changed files with 634 additions and 317 deletions
--- a/src/service/config.py
+++ b/src/service/config.py
@ -0,0 +1,7 @@
+"""
+Configurations for <this module>
+
+Configurations:
+ - List: Description
+ - Configs: Description
+"""
--- a/src/service/constants.py
+++ b/src/service/constants.py
@ -0,0 +1,7 @@
+"""
+Constants and error codes for <this module>
+
+Constants:
+ - List: Description
+ - Consts: Description
+"""
--- a/src/service/dependencies.py
+++ b/src/service/dependencies.py
@ -0,0 +1,11 @@
+"""
+Router dependencies for <this module>
+
+Classes:
+ - List: Description
+ - Classes: Description
+
+Functions:
+ - List: Description
+ - Functions: Description
+"""
--- a/src/service/exceptions.py
+++ b/src/service/exceptions.py
@ -0,0 +1,7 @@
+"""
+Module specific exceptions for <this module>
+
+Exceptions:
+ - List: Description
+ - Exceptions: Description
+"""
--- a/src/service/models.py
+++ b/src/service/models.py
@ -0,0 +1,18 @@
+"""
+Database models for the services module
+
+Models:
+ - List: Description
+ - Models: Description
+"""
+from sqlalchemy import Column, Integer, String
+
+from src.database import Base
+
+
+class Service(Base):
+	__tablename__ = "service"
+
+	id = Column(Integer, primary_key=True)
+	name = Column(String, unique=True)
+	api_key = Column(String, unique=True)
--- a/src/service/router.py
+++ b/src/service/router.py
@ -0,0 +1,63 @@
+"""
+Router endpoints for <this module>
+
+Endpoints:
+ - List: Description
+ - Endpoints: Description
+"""
+from fastapi import APIRouter
+
+from src.database import db_dependency
+
+from src.service.models import Service
+from src.service.utils import generate_api_key
+
+
+router = APIRouter(
+	tags=["Service"],
+	prefix="/service",
+)
+
+@router.get("/")
+async def get_all_services(db: db_dependency):
+	# TODO: user_dependency
+	# TODO: request model
+	permission_models = db.query(Service).all()
+
+	# TODO: Response model
+	return permission_models
+
+@router.post("/")
+async def register_service(db: db_dependency, service_name: str):
+	# TODO: super_admin_dependency
+	# TODO: request model
+	key = generate_api_key()
+	service_model = Service(name=service_name, api_key=key)
+
+	db.add(service_model)
+	db.commit()
+	# TODO: response model
+
+@router.patch("/{service_id}/key")
+async def regenerate_api_key(db: db_dependency, service_id: int):
+	# TODO: super_admin_dependency
+	# TODO: request model
+	key = generate_api_key()
+	service_model = db.query(Service).filter(Service.id==service_id).first()
+	service_model.api_key = key
+
+	db.add(service_model)
+	db.commit()
+	# TODO: response model
+
+@router.delete("/{service_id}")
+async def remove_service(db: db_dependency, service_id: int):
+	# TODO: super_admin_dependency
+	# TODO: request model
+	service_model = db.query(Service).filter(Service.id==service_id).first()
+	if service_model is None:
+		return
+
+	db.delete(service_model)
+	db.commit()
+	# TODO: response model
--- a/src/service/schemas.py
+++ b/src/service/schemas.py
@ -0,0 +1,7 @@
+"""
+Pydantic models for <this module>
+
+Models:
+ - List: Description
+ - Models: Description
+"""
--- a/src/service/service.py
+++ b/src/service/service.py
@ -0,0 +1,11 @@
+"""
+Module specific business logic for <this module>
+
+Classes:
+ - List: Description
+ - Classes: Description
+
+Functions:
+ - List: Description
+ - Functions: Description
+"""
--- a/src/service/utils.py
+++ b/src/service/utils.py
@ -0,0 +1,16 @@
+"""
+Non-business logic reusable functions and classes for <this module>
+
+Classes:
+ - List: Description
+ - Classes: Description
+
+Functions:
+ - List: Description
+ - Functions: Description
+"""
+import uuid
+
+
+def generate_api_key() -> str:
+	return str(uuid.uuid4())