sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1965e22fafcb9cee615dddc71a6385eeb7624d02
orion/app/modules/tenancy/definition.py
Samir Boulahtit 03395a9dfa refactor: implement module-driven permissions and relocate business logic 
File Relocations:
- Delete app/config/ folder (empty after menu_registry removal)
- Move feature_gate.py → app/modules/billing/dependencies/
- Move theme_presets.py → app/modules/cms/services/

Module-Driven Permissions System:
- Add PermissionDefinition dataclass to app/modules/base.py
- Create PermissionDiscoveryService in tenancy module
- Update module definitions to declare their own permissions:
  - core: dashboard.view, settings.*
  - catalog: products.*
  - orders: orders.*
  - inventory: stock.*
  - customers: customers.*
  - tenancy: team.*
- Update app/core/permissions.py to use discovery service
- Role presets (owner, manager, staff, etc.) now use module permissions

This follows the same pattern as module-driven menus:
- Each module defines its permissions in definition.py
- PermissionDiscoveryService aggregates all permissions at runtime
- Tenancy module handles role-to-permission assignment

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-01 21:42:13 +01:00

157 lines
4.9 KiB
Python
Raw Blame History

# app/modules/tenancy/definition.py
"""
Tenancy Management module definition.
Platform, company, vendor, and admin user management.
Required for multi-tenant operation - cannot be disabled.
"""
from app.modules.base import (
MenuItemDefinition,
MenuSectionDefinition,
ModuleDefinition,
PermissionDefinition,
)
from app.modules.enums import FrontendType
tenancy_module = ModuleDefinition(
code="tenancy",
name="Tenancy Management",
description="Platform, company, vendor, and admin user management. Required for multi-tenant operation.",
version="1.0.0",
is_core=True,
is_self_contained=True,
# Module-driven permissions
permissions=[
PermissionDefinition(
id="team.view",
label_key="tenancy.permissions.team_view",
description_key="tenancy.permissions.team_view_desc",
category="team",
),
PermissionDefinition(
id="team.invite",
label_key="tenancy.permissions.team_invite",
description_key="tenancy.permissions.team_invite_desc",
category="team",
is_owner_only=True,
),
PermissionDefinition(
id="team.edit",
label_key="tenancy.permissions.team_edit",
description_key="tenancy.permissions.team_edit_desc",
category="team",
is_owner_only=True,
),
PermissionDefinition(
id="team.remove",
label_key="tenancy.permissions.team_remove",
description_key="tenancy.permissions.team_remove_desc",
category="team",
is_owner_only=True,
),
],
features=[
"platform_management",
"company_management",
"vendor_management",
"admin_user_management",
],
# Legacy menu_items
menu_items={
FrontendType.ADMIN: [
"platforms",
"companies",
"vendors",
"admin-users",
],
FrontendType.VENDOR: [
"team",
],
},
# New module-driven menu definitions
menus={
FrontendType.ADMIN: [
MenuSectionDefinition(
id="superAdmin",
label_key="tenancy.menu.super_admin",
icon="shield",
order=10,
is_super_admin_only=True,
items=[
MenuItemDefinition(
id="admin-users",
label_key="tenancy.menu.admin_users",
icon="shield",
route="/admin/admin-users",
order=10,
is_mandatory=True,
),
],
),
MenuSectionDefinition(
id="platformAdmin",
label_key="tenancy.menu.platform_admin",
icon="office-building",
order=20,
items=[
MenuItemDefinition(
id="companies",
label_key="tenancy.menu.companies",
icon="office-building",
route="/admin/companies",
order=10,
is_mandatory=True,
),
MenuItemDefinition(
id="vendors",
label_key="tenancy.menu.vendors",
icon="shopping-bag",
route="/admin/vendors",
order=20,
is_mandatory=True,
),
],
),
MenuSectionDefinition(
id="contentMgmt",
label_key="tenancy.menu.content_management",
icon="globe-alt",
order=70,
items=[
MenuItemDefinition(
id="platforms",
label_key="tenancy.menu.platforms",
icon="globe-alt",
route="/admin/platforms",
order=10,
),
],
),
],
FrontendType.VENDOR: [
MenuSectionDefinition(
id="account",
label_key="tenancy.menu.account_settings",
icon="user-group",
order=900,
items=[
MenuItemDefinition(
id="team",
label_key="tenancy.menu.team",
icon="user-group",
route="/vendor/{vendor_code}/team",
order=5,
),
],
),
],
},
services_path="app.modules.tenancy.services",
models_path="app.modules.tenancy.models",
schemas_path="app.modules.tenancy.schemas",
exceptions_path="app.modules.tenancy.exceptions",
)
__all__ = ["tenancy_module"]
Reference in New Issue View Git Blame Copy Permalink