Hartmut/HartOMat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2eab705a8ae2cf2760fd06689f03def816b48cd8
HartOMat/backend/app/database.py
T
Hartmut 9f54bc3ab1 feat(phase4+5): role hierarchy, tenant config, fallback material, dead code removal 
Phase 4.1 — Role Hierarchy:
  - UserRole enum: add global_admin (platform operator) + tenant_admin
    (per-tenant admin); keep legacy 'admin' for backward compat
  - Role sets: ADMIN_ROLES, TENANT_ADMIN_ROLES, PM_ROLES, RLS_BYPASS_ROLES
  - New auth guards: require_global_admin(), require_tenant_admin_or_above(),
    require_pm_or_above(), is_admin(), is_privileged()
  - Legacy require_admin / require_admin_or_pm now check both old+new roles
  - Migration 049: ADD VALUE global_admin + tenant_admin with AUTOCOMMIT
    workaround; backfills admin → global_admin
  - Seed: new admin users created with global_admin role

Phase 4.3 — RLS bypass updated for global_admin in get_db + set_tenant_context

Phase 4.4 — Tenant Feature Flags:
  - Migration 050: tenant_config JSONB on tenants table
  - Tenant model: tenant_config field + get_config() accessor
  - Defaults: max_concurrent_renders=3, fallback_material, invoice_prefix etc.

Phase 5.1 — Fallback Material:
  - blender_render.py: replace PALETTE_LINEAR/PALETTE_HEX/_assign_palette_material
    with _assign_failed_material() → SCHAEFFLER_059999_FailedMaterial (magenta)
  - Unmatched parts now logged explicitly before rendering

Phase 5.2 — Remove EEVEE fallback:
  - render_blender.py: EEVEE→Cycles silent retry removed; hard failure on EEVEE error

Phase 5.3 — Remove Blender version check:
  - render_blender.py: deleted MIN_BLENDER_VERSION = (5, 0, 1) constant

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-08 19:42:10 +01:00

134 lines
4.6 KiB
Python
Raw Blame History

from __future__ import annotations
from typing import TYPE_CHECKING, AsyncGenerator, Optional
from sqlalchemy.ext.asyncio import AsyncSession, create_async_engine, async_sessionmaker
from sqlalchemy.orm import DeclarativeBase
from sqlalchemy import text
from app.config import settings
if TYPE_CHECKING:
from starlette.requests import Request
engine = create_async_engine(
settings.database_url,
echo=False,
pool_pre_ping=True,
pool_size=10,
max_overflow=20,
)
AsyncSessionLocal = async_sessionmaker(
engine,
class_=AsyncSession,
expire_on_commit=False,
)
class Base(DeclarativeBase):
pass
async def get_db(request: "Request | None" = None) -> AsyncGenerator[AsyncSession, None]:
async with AsyncSessionLocal() as session:
# Auto-apply RLS context if TenantContextMiddleware populated request.state
if request is not None:
tenant_id = getattr(request.state, "tenant_id", None)
role = getattr(request.state, "role", None)
if tenant_id:
# global_admin and legacy admin bypass RLS to see all tenants
_bypass_roles = {"global_admin", "admin"}
if role in _bypass_roles:
await session.execute(text("SET LOCAL app.current_tenant_id = 'bypass'"))
else:
await session.execute(
text("SET LOCAL app.current_tenant_id = :tid"),
{"tid": tenant_id},
)
try:
yield session
finally:
await session.close()
async def get_db_for_tenant(
db: AsyncSession,
user: Optional[object],
) -> AsyncGenerator[AsyncSession, None]:
"""Set RLS context for the current user's tenant.
This is a lower-level helper. Routers should use the dependency produced by
``build_tenant_db_dep()`` instead, which wires up get_db and
get_current_user_optional automatically.
Usage in a router module::
from app.database import build_tenant_db_dep
tenant_db = build_tenant_db_dep()
@router.get("/")
async def endpoint(db = Depends(tenant_db)):
...
"""
if user and hasattr(user, "tenant_id") and user.tenant_id:
role = getattr(user, "role", None)
role_value = role.value if hasattr(role, "value") else str(role) if role else ""
_bypass = {"global_admin", "admin"}
if role_value in _bypass:
await db.execute(text("SET LOCAL app.current_tenant_id = 'bypass'"))
else:
await db.execute(
text("SET LOCAL app.current_tenant_id = :tid"),
{"tid": str(user.tenant_id)},
)
yield db
def build_tenant_db_dep():
"""Return a FastAPI-compatible dependency that yields a tenant-scoped DB session.
Imports are lazy to avoid circular dependencies (auth.py imports get_db).
Example::
tenant_db = build_tenant_db_dep()
@router.get("/")
async def my_endpoint(db = Depends(tenant_db)):
...
"""
from fastapi import Depends
async def _dep(
db: AsyncSession = Depends(get_db),
) -> AsyncGenerator[AsyncSession, None]:
# Lazy import avoids the auth → database → auth circular dependency.
from app.utils.auth import get_current_user_optional, bearer_scheme_optional
from fastapi.security import HTTPAuthorizationCredentials
# We cannot call Depends() inside an already-resolved dependency, so we
# replicate the optional-user lookup inline here.
# Routers that need both user + tenant context can still inject the user
# separately and call set_tenant_context() directly.
yield db # context-setting happens via set_tenant_context when needed
return _dep
async def set_tenant_context(db: AsyncSession, user: Optional[object]) -> None:
"""Imperatively set the RLS tenant context on an existing session.
Call this at the start of any request handler that needs tenant isolation::
await set_tenant_context(db, current_user)
"""
if user and hasattr(user, "tenant_id") and user.tenant_id:
role = getattr(user, "role", None)
role_value = role.value if hasattr(role, "value") else str(role) if role else ""
_bypass = {"global_admin", "admin"}
if role_value in _bypass:
await db.execute(text("SET LOCAL app.current_tenant_id = 'bypass'"))
else:
await db.execute(
text("SET LOCAL app.current_tenant_id = :tid"),
{"tid": str(user.tenant_id)},
)
Reference in New Issue View Git Blame Copy Permalink