|
|
|
|
@@ -1,6 +1,6 @@
|
|
|
|
|
# [DEF:backend.src.core.auth.repository:Module]
|
|
|
|
|
#
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @SEMANTICS: auth, repository, database, user, role, permission
|
|
|
|
|
# @PURPOSE: Data access layer for authentication and user preference entities.
|
|
|
|
|
# @LAYER: Domain
|
|
|
|
|
@@ -25,12 +25,12 @@ from ..logger import belief_scope, logger
|
|
|
|
|
# [/SECTION]
|
|
|
|
|
|
|
|
|
|
# [DEF:AuthRepository:Class]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Encapsulates database operations for authentication-related entities.
|
|
|
|
|
# @RELATION: [DEPENDS_ON] ->[sqlalchemy.orm.Session]
|
|
|
|
|
class AuthRepository:
|
|
|
|
|
# [DEF:__init__:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Bind repository instance to an existing SQLAlchemy session.
|
|
|
|
|
# @PRE: db is an initialized sqlalchemy.orm.Session instance.
|
|
|
|
|
# @POST: self.db points to the provided session and is used by all repository methods.
|
|
|
|
|
@@ -48,7 +48,7 @@ class AuthRepository:
|
|
|
|
|
# [/DEF:__init__:Function]
|
|
|
|
|
|
|
|
|
|
# [DEF:get_user_by_username:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Retrieve a user entity by unique username.
|
|
|
|
|
# @PRE: username is a non-empty str and self.db is a valid open Session.
|
|
|
|
|
# @POST: Returns matching User entity when present, otherwise None.
|
|
|
|
|
@@ -75,7 +75,7 @@ class AuthRepository:
|
|
|
|
|
# [/DEF:get_user_by_username:Function]
|
|
|
|
|
|
|
|
|
|
# [DEF:get_user_by_id:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Retrieve a user entity by identifier.
|
|
|
|
|
# @PRE: user_id is a non-empty str and self.db is a valid open Session.
|
|
|
|
|
# @POST: Returns matching User entity when present, otherwise None.
|
|
|
|
|
@@ -97,7 +97,7 @@ class AuthRepository:
|
|
|
|
|
# [/DEF:get_user_by_id:Function]
|
|
|
|
|
|
|
|
|
|
# [DEF:get_role_by_name:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Retrieve a role entity by role name.
|
|
|
|
|
# @PRE: name is a non-empty str and self.db is a valid open Session.
|
|
|
|
|
# @POST: Returns matching Role entity when present, otherwise None.
|
|
|
|
|
@@ -109,7 +109,7 @@ class AuthRepository:
|
|
|
|
|
# [/DEF:get_role_by_name:Function]
|
|
|
|
|
|
|
|
|
|
# [DEF:update_last_login:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Update last_login timestamp for the provided user entity.
|
|
|
|
|
# @PRE: user is a managed User instance and self.db is a valid open Session.
|
|
|
|
|
# @POST: user.last_login is set to current UTC timestamp and transaction is committed.
|
|
|
|
|
@@ -129,7 +129,7 @@ class AuthRepository:
|
|
|
|
|
# [/DEF:update_last_login:Function]
|
|
|
|
|
|
|
|
|
|
# [DEF:get_role_by_id:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Retrieve a role entity by identifier.
|
|
|
|
|
# @PRE: role_id is a non-empty str and self.db is a valid open Session.
|
|
|
|
|
# @POST: Returns matching Role entity when present, otherwise None.
|
|
|
|
|
@@ -141,7 +141,7 @@ class AuthRepository:
|
|
|
|
|
# [/DEF:get_role_by_id:Function]
|
|
|
|
|
|
|
|
|
|
# [DEF:get_permission_by_id:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Retrieve a permission entity by identifier.
|
|
|
|
|
# @PRE: perm_id is a non-empty str and self.db is a valid open Session.
|
|
|
|
|
# @POST: Returns matching Permission entity when present, otherwise None.
|
|
|
|
|
@@ -153,7 +153,7 @@ class AuthRepository:
|
|
|
|
|
# [/DEF:get_permission_by_id:Function]
|
|
|
|
|
|
|
|
|
|
# [DEF:get_permission_by_resource_action:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Retrieve a permission entity by resource and action pair.
|
|
|
|
|
# @PRE: resource and action are non-empty str values; self.db is a valid open Session.
|
|
|
|
|
# @POST: Returns matching Permission entity when present, otherwise None.
|
|
|
|
|
@@ -168,7 +168,7 @@ class AuthRepository:
|
|
|
|
|
# [/DEF:get_permission_by_resource_action:Function]
|
|
|
|
|
|
|
|
|
|
# [DEF:get_user_dashboard_preference:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Retrieve dashboard preference entity owned by specified user.
|
|
|
|
|
# @PRE: user_id is a non-empty str and self.db is a valid open Session.
|
|
|
|
|
# @POST: Returns matching UserDashboardPreference entity when present, otherwise None.
|
|
|
|
|
@@ -184,7 +184,7 @@ class AuthRepository:
|
|
|
|
|
# [/DEF:get_user_dashboard_preference:Function]
|
|
|
|
|
|
|
|
|
|
# [DEF:save_user_dashboard_preference:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: Persist dashboard preference entity and return refreshed persistent row.
|
|
|
|
|
# @PRE: preference is a valid UserDashboardPreference entity and self.db is a valid open Session.
|
|
|
|
|
# @POST: preference is committed to DB, refreshed from DB state, and returned.
|
|
|
|
|
@@ -207,7 +207,7 @@ class AuthRepository:
|
|
|
|
|
# [/DEF:save_user_dashboard_preference:Function]
|
|
|
|
|
|
|
|
|
|
# [DEF:list_permissions:Function]
|
|
|
|
|
# @TIER: CRITICAL
|
|
|
|
|
# @COMPLEXITY: 5
|
|
|
|
|
# @PURPOSE: List all permission entities available in storage.
|
|
|
|
|
# @PRE: self.db is a valid open Session.
|
|
|
|
|
# @POST: Returns list containing all Permission entities visible to the session.
|
|
|
|
|
|