sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: RBAC Phase 1 — consolidate user roles into 4-value enum
Some checks failed
CI / ruff (push) Successful in 11s
Details
CI / validate (push) Has been cancelled
Details
CI / dependency-scanning (push) Has been cancelled
Details
CI / docs (push) Has been cancelled
Details
CI / deploy (push) Has been cancelled
Details
CI / pytest (push) Has been cancelled
Details

Browse Source 
Consolidate User.role (2-value: admin/store) + User.is_super_admin (boolean)
into a single 4-value UserRole enum: super_admin, platform_admin,
merchant_owner, store_member. Drop stale StoreUser.user_type column.
Fix role="user" bug in merchant creation.

Key changes:
- Expand UserRole enum from 2 to 4 values with computed properties
  (is_admin, is_super_admin, is_platform_admin, is_merchant_owner, is_store_user)
- Add Alembic migration (tenancy_003) for data migration + column drops
- Remove is_super_admin from JWT token payload
- Update all auth dependencies, services, routes, templates, JS, and tests
- Update all RBAC documentation

66 files changed, 1219 unit tests passing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Samir Boulahtit
2026-02-19 22:44:29 +01:00
parent ef21d47533
commit 1dcb0e6c33
67 changed files with 874 additions and 616 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
app/api/deps.py
View File

@@ -200,7 +200,7 @@ def get_current_admin_from_cookie_or_header(
user = _validate_user_token(token, db)
# Verify user is admin
if user.role != "admin":
if not user.is_admin:
logger.warning(
f"Non-admin user {user.username} attempted admin route: {request.url.path}"
)
@@ -235,7 +235,7 @@ def get_current_admin_api(
user = _validate_user_token(credentials.credentials, db)
if user.role != "admin":
if not user.is_admin:
logger.warning(f"Non-admin user {user.username} attempted admin API")
raise AdminRequiredException("Admin privileges required")
@@ -399,7 +399,7 @@ def get_admin_with_platform_context(
user = _validate_user_token(token, db)
if user.role != "admin":
if not user.is_admin:
raise AdminRequiredException("Admin privileges required")
# Super admins bypass platform context
@@ -702,7 +702,7 @@ def get_current_store_from_cookie_or_header(
user = _validate_user_token(token, db)
# CRITICAL: Block admins from store routes
if user.role == "admin":
if user.is_admin:
logger.warning(
f"Admin user {user.username} attempted store route: {request.url.path}"
)
@@ -710,8 +710,8 @@ def get_current_store_from_cookie_or_header(
"Store access only - admins cannot use store portal"
)
# Verify user is store
if user.role != "store":
# Verify user is store user (merchant_owner or store_member)
if not user.is_store_user:
logger.warning(
f"Non-store user {user.username} attempted store route: {request.url.path}"
)
@@ -749,11 +749,11 @@ def get_current_store_api(
user = _validate_user_token(credentials.credentials, db)
# Block admins from store API
if user.role == "admin":
if user.is_admin:
logger.warning(f"Admin user {user.username} attempted store API")
raise InsufficientPermissionsException("Store access only")
if user.role != "store":
if not user.is_store_user:
logger.warning(f"Non-store user {user.username} attempted store API")
raise InsufficientPermissionsException("Store privileges required")
@@ -1570,7 +1570,7 @@ def get_current_admin_optional(
user = _validate_user_token(token, db)
# Verify user is admin
if user.role == "admin":
if user.is_admin:
return UserContext.from_user(user, include_store_context=False)
except Exception:
# Invalid token or other error
@@ -1616,8 +1616,8 @@ def get_current_store_optional(
# Validate token and get user
user = _validate_user_token(token, db)
# Verify user is store
if user.role == "store":
# Verify user is a store user
if user.is_store_user:
return UserContext.from_user(user)
except Exception:
# Invalid token or other error