sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: remove backward compatibility layer for permissions

Browse Source 
- Delete app/core/permissions.py (VendorPermissions enum, PermissionGroups)
- Update all code to use permission_discovery_service directly:
  - app/api/deps.py: get_user_permissions() uses discovery service
  - app/modules/tenancy/models/vendor.py: get_all_permissions() uses discovery
  - app/modules/tenancy/routes/api/vendor_team.py: use string literals
  - app/modules/tenancy/services/vendor_team_service.py: use discovery service
  - scripts/init_production.py: use discovery service for presets

Permissions are now fully module-driven:
- Each module defines permissions in definition.py
- PermissionDiscoveryService aggregates all permissions
- Role presets reference permission IDs directly

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Samir Boulahtit
2026-02-01 21:49:11 +01:00
parent 03395a9dfa
commit 30a5c75e74
6 changed files with 36 additions and 193 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
app/modules/tenancy/routes/api/vendor_team.py
View File

@@ -22,7 +22,8 @@ from app.api.deps import (
require_vendor_permission,
)
from app.core.database import get_db
from app.core.permissions import VendorPermissions
# Permission IDs are now defined in module definition.py files
# and discovered by PermissionDiscoveryService
from app.modules.tenancy.services.vendor_team_service import vendor_team_service
from models.schema.auth import UserContext
from app.modules.tenancy.schemas.team import (
@@ -55,7 +56,7 @@ def list_team_members(
include_inactive: bool = False,
db: Session = Depends(get_db),
current_user: UserContext = Depends(
require_vendor_permission(VendorPermissions.TEAM_VIEW.value)
require_vendor_permission("team.view")
),
):
"""
@@ -221,7 +222,7 @@ def get_team_member(
request: Request,
db: Session = Depends(get_db),
current_user: UserContext = Depends(
require_vendor_permission(VendorPermissions.TEAM_VIEW.value)
require_vendor_permission("team.view")
),
):
"""
@@ -370,7 +371,7 @@ def list_roles(
request: Request,
db: Session = Depends(get_db),
current_user: UserContext = Depends(
require_vendor_permission(VendorPermissions.TEAM_VIEW.value)
require_vendor_permission("team.view")
),
):
"""
@@ -439,7 +440,7 @@ def get_team_statistics(
request: Request,
db: Session = Depends(get_db),
current_user: UserContext = Depends(
require_vendor_permission(VendorPermissions.TEAM_VIEW.value)
require_vendor_permission("team.view")
),
):
"""