Decouple scopes from tenancy schema
Some checks failed
Dependency Audit / dependency-audit (push) Has been cancelled
Module Matrix / module-matrix (push) Has been cancelled

This commit is contained in:
2026-07-10 17:33:43 +02:00
parent 635d25c74c
commit 79af252e88
27 changed files with 529 additions and 75 deletions

View File

@@ -36,7 +36,6 @@ PREFIXES = {
}
FEATURE_OWNERS = ("files", "mail", "campaign")
PLATFORM_OWNERS = ("admin", "tenancy", "organizations", "identity", "policy", "audit", "dashboard")
PUBLIC_ACCESS_IMPORTS = ("govoplan_access.auth",)
@dataclass(frozen=True)
@@ -89,10 +88,6 @@ def _allowed(owner: str, path: Path, imported_owner: str) -> bool:
return (owner, _relative(owner, path), imported_owner) in ALLOWLIST_KEYS
def _is_public_access_import(imported: str) -> bool:
return any(imported == item or imported.startswith(f"{item}.") for item in PUBLIC_ACCESS_IMPORTS)
def _violations() -> list[Violation]:
violations: list[Violation] = []
for owner, root in REPOS.items():
@@ -105,8 +100,6 @@ def _violations() -> list[Violation]:
imported_owner = _import_owner(imported)
if imported_owner is None or imported_owner == owner:
continue
if imported_owner == "access" and _is_public_access_import(imported):
continue
if owner == "core" and imported_owner in FEATURE_OWNERS:
if not _allowed(owner, path, imported_owner):
violations.append(Violation(owner, path, lineno, imported, imported_owner))