[Debt] Define shared platform API schema primitives across access, admin, policy, and tenancy #250

Closed
opened 2026-07-13 17:21:08 +02:00 by zemion · 1 comment
Owner

Created from add-ideas/govoplan#3 after triaging /mnt/DATA/git/govoplan/audit-reports/govoplan-full-20260711-1857/jscpd/jscpd-report.json.

Evidence

jscpd reports cross-module Python schema duplication, including:

  • govoplan_access/backend/api/v1/admin_schemas.py lines 702-746 and govoplan_policy/backend/api/v1/schemas.py lines 47-91
  • govoplan_access/backend/api/v1/admin_schemas.py lines 1-43 and govoplan_admin/backend/api/v1/schemas.py lines 1-45
  • govoplan_access/backend/api/v1/admin_schemas.py lines 91-128 and govoplan_tenancy/backend/api/v1/schemas.py lines 40-77

This crosses ownership boundaries and can make platform-level API shape changes inconsistent.

Desired Shape

Decide which DTO primitives are stable platform contracts and should live in core, and which remain module-local because their semantics differ. Avoid dumping every schema into core; move only shared concepts with stable meaning.

Acceptance Criteria

  • Inventory the duplicated schema classes and classify each as shared platform primitive or module-specific.
  • Shared primitives have one owning module/package and clear import direction.
  • Module-local schemas keep local ownership when semantics differ, with a short note explaining why duplication is acceptable.
  • Existing API compatibility is preserved or the migration is explicitly versioned.
Created from add-ideas/govoplan#3 after triaging `/mnt/DATA/git/govoplan/audit-reports/govoplan-full-20260711-1857/jscpd/jscpd-report.json`. ## Evidence jscpd reports cross-module Python schema duplication, including: - `govoplan_access/backend/api/v1/admin_schemas.py` lines 702-746 and `govoplan_policy/backend/api/v1/schemas.py` lines 47-91 - `govoplan_access/backend/api/v1/admin_schemas.py` lines 1-43 and `govoplan_admin/backend/api/v1/schemas.py` lines 1-45 - `govoplan_access/backend/api/v1/admin_schemas.py` lines 91-128 and `govoplan_tenancy/backend/api/v1/schemas.py` lines 40-77 This crosses ownership boundaries and can make platform-level API shape changes inconsistent. ## Desired Shape Decide which DTO primitives are stable platform contracts and should live in core, and which remain module-local because their semantics differ. Avoid dumping every schema into core; move only shared concepts with stable meaning. ## Acceptance Criteria - Inventory the duplicated schema classes and classify each as shared platform primitive or module-specific. - Shared primitives have one owning module/package and clear import direction. - Module-local schemas keep local ownership when semantics differ, with a short note explaining why duplication is acceptable. - Existing API compatibility is preserved or the migration is explicitly versioned.
Author
Owner

Codex State: done

Summary

  • Added govoplan_core.privacy.schemas as the shared owner for retention API DTOs, retention field keys, lower-level-limit defaults, and normalization.
  • Rewired admin, access compatibility, and policy API schemas to import the shared retention DTOs instead of duplicating pydantic classes.
  • Kept policy engine models local but changed them to subclass the shared DTOs so implementation-only blank-string validators remain policy-owned without copying the schema fields.
  • Documented the schema ownership classification in POLICY_CONTRACTS: retention DTOs are shared, tenant DTOs remain tenancy-owned, and admin overview remains module-local for now.

Changed Files

  • src/govoplan_core/privacy/schemas.py
  • src/govoplan_core/privacy/retention.py
  • tests/test_privacy_schema_contracts.py
  • docs/POLICY_CONTRACTS.md
  • ../govoplan-admin/src/govoplan_admin/backend/api/v1/schemas.py
  • ../govoplan-access/src/govoplan_access/backend/api/v1/admin_schemas.py
  • ../govoplan-policy/src/govoplan_policy/backend/api/v1/schemas.py
  • ../govoplan-policy/src/govoplan_policy/backend/api/v1/routes.py
  • ../govoplan-policy/src/govoplan_policy/backend/retention.py
  • ../govoplan-policy/tests/test_policy_hierarchy.py

Verification

  • python -m ruff check touched privacy/admin/access/policy files: passed
  • python -m py_compile touched privacy/admin/access/policy files: passed
  • python -m unittest tests.test_privacy_schema_contracts: 4 passed
  • python -m unittest tests.test_policy_hierarchy tests.test_policy_module_contract (govoplan-policy): 9 passed
  • shared privacy schema import compatibility smoke: passed
  • jscpd focused schema scan: cross-module schema clones removed; remaining clone is item-vs-patch similarity inside the new core contract
  • git diff --check in core/admin/access/policy: passed
## Codex State: done ### Summary - Added govoplan_core.privacy.schemas as the shared owner for retention API DTOs, retention field keys, lower-level-limit defaults, and normalization. - Rewired admin, access compatibility, and policy API schemas to import the shared retention DTOs instead of duplicating pydantic classes. - Kept policy engine models local but changed them to subclass the shared DTOs so implementation-only blank-string validators remain policy-owned without copying the schema fields. - Documented the schema ownership classification in POLICY_CONTRACTS: retention DTOs are shared, tenant DTOs remain tenancy-owned, and admin overview remains module-local for now. ### Changed Files - `src/govoplan_core/privacy/schemas.py` - `src/govoplan_core/privacy/retention.py` - `tests/test_privacy_schema_contracts.py` - `docs/POLICY_CONTRACTS.md` - `../govoplan-admin/src/govoplan_admin/backend/api/v1/schemas.py` - `../govoplan-access/src/govoplan_access/backend/api/v1/admin_schemas.py` - `../govoplan-policy/src/govoplan_policy/backend/api/v1/schemas.py` - `../govoplan-policy/src/govoplan_policy/backend/api/v1/routes.py` - `../govoplan-policy/src/govoplan_policy/backend/retention.py` - `../govoplan-policy/tests/test_policy_hierarchy.py` ### Verification - `python -m ruff check touched privacy/admin/access/policy files: passed` - `python -m py_compile touched privacy/admin/access/policy files: passed` - `python -m unittest tests.test_privacy_schema_contracts: 4 passed` - `python -m unittest tests.test_policy_hierarchy tests.test_policy_module_contract (govoplan-policy): 9 passed` - `shared privacy schema import compatibility smoke: passed` - `jscpd focused schema scan: cross-module schema clones removed; remaining clone is item-vs-patch similarity inside the new core contract` - `git diff --check in core/admin/access/policy: passed`
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: add-ideas/govoplan-core#250
No description provided.