added backends, improved templating, rbac

2026-06-10 14:40:22 +02:00
parent d9ca48addc
commit ce43f2658f
28 changed files with 1183 additions and 78 deletions


@@ -5,9 +5,10 @@ from dataclasses import dataclass
from sqlalchemy.orm import Session
from app.db.base import Base
from app.db.models import Role, Tenant, User
from app.db.models import Role, Tenant, User, UserRoleAssignment
from app.db.session import engine
from app.security.api_keys import CreatedApiKey, create_api_key
from app.security.passwords import hash_password
DEFAULT_SCOPES = [
"campaign:read",
@@ -62,6 +63,7 @@ def bootstrap_dev_data(
api_key_secret: str | None = None,
tenant_slug: str = "default",
user_email: str = "admin@example.local",
user_password: str = "dev-admin",
) -> BootstrapResult:
tenant = session.query(Tenant).filter(Tenant.slug == tenant_slug).one_or_none()
if tenant is None:
@@ -76,9 +78,23 @@ def bootstrap_dev_data(
user = session.query(User).filter(User.tenant_id == tenant.id, User.email == user_email).one_or_none()
if user is None:
user = User(tenant_id=tenant.id, email=user_email, display_name="Development Admin", is_tenant_admin=True)
user = User(tenant_id=tenant.id, email=user_email, display_name="Development Admin", is_tenant_admin=True, password_hash=hash_password(user_password))
session.add(user)
session.flush()
elif not user.password_hash:
user.password_hash = hash_password(user_password)
session.add(user)
# Development owner role assignment for RBAC/session login.
owner_role = session.query(Role).filter(Role.tenant_id == tenant.id, Role.slug == "owner").one_or_none()
if owner_role is not None:
existing_assignment = session.query(UserRoleAssignment).filter(
UserRoleAssignment.tenant_id == tenant.id,
UserRoleAssignment.user_id == user.id,
UserRoleAssignment.role_id == owner_role.id,
).one_or_none()
if existing_assignment is None:
session.add(UserRoleAssignment(tenant_id=tenant.id, user_id=user.id, role_id=owner_role.id))
created_api_key = None
if api_key_secret:
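Review bot: The `elif not user.password_hash:` branch back-fills a password onto any pre-existing user that matches `user_email`, and with the new default `user_password: str = "dev-admin"` in the signature hunk that password is a constant readable in the source, so an existing tenant-admin account with no password login gains one with a known credential; the owner-role block that follows then applies to that same user. Nothing in the visible lines checks that this runs only in a development environment, though the body of `bootstrap_dev_data` starts and ends outside these hunks, so a guard may exist elsewhere. I would drop the literal default, e.g. `user_password: str | None = None` with `secrets.token_urlsafe(16)` generated when it is None and reported once to the caller, and limit the back-fill to users created in this call. When `owner_role` is None the assignment is skipped silently; a log line or a comment such as `# no "owner" role seeded for this tenant; admin keeps is_tenant_admin only` would tell the operator why the seeded admin has no role.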