sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cb3bc3c1182381b0fd98206f834ce9275878f4d3
orion/app/modules/catalog/definition.py
Samir Boulahtit cb3bc3c118
Some checks failed
CI / pytest (push) Failing after 45m29s
Details
CI / validate (push) Successful in 24s
Details
CI / dependency-scanning (push) Successful in 28s
Details
CI / docs (push) Has been skipped
Details
CI / deploy (push) Has been skipped
Details
CI / ruff (push) Successful in 9s
Details
feat: implement complete RBAC access control with tests 
Add 4-layer access control stack (subscription → module → menu → permissions):
- P1: Wire requires_permission into menu sidebar filtering
- P2: Expose window.USER_PERMISSIONS for Alpine.js client-side gating
- P3: Add page-level permission guards on store routes
- P4: Role CRUD API endpoints and role editor UI
- P5: Audit trail for all role/permission changes

Includes unit tests (menu permission filtering, role CRUD service) and
integration tests (role API endpoints). All 404 core+tenancy tests pass.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 18:26:59 +01:00

180 lines
5.9 KiB
Python
Raw Blame History

# app/modules/catalog/definition.py
"""Catalog module definition."""
from app.modules.base import (
MenuItemDefinition,
MenuSectionDefinition,
ModuleDefinition,
PermissionDefinition,
)
from app.modules.enums import FrontendType
# =============================================================================
# Router Lazy Imports
# =============================================================================
def _get_admin_router():
"""Lazy import of admin router to avoid circular imports."""
from app.modules.catalog.routes.api.admin import admin_router
return admin_router
def _get_store_router():
"""Lazy import of store router to avoid circular imports."""
from app.modules.catalog.routes.api.store import store_router
return store_router
def _get_metrics_provider():
"""Lazy import of metrics provider to avoid circular imports."""
from app.modules.catalog.services.catalog_metrics import catalog_metrics_provider
return catalog_metrics_provider
def _get_feature_provider():
"""Lazy import of feature provider to avoid circular imports."""
from app.modules.catalog.services.catalog_features import catalog_feature_provider
return catalog_feature_provider
def _get_media_usage_provider():
"""Lazy import of media usage provider to avoid circular imports."""
from app.modules.catalog.services.product_media_service import product_media_service
return product_media_service
# Catalog module definition
catalog_module = ModuleDefinition(
code="catalog",
name="Product Catalog",
description="Product catalog browsing and search for storefronts",
version="1.0.0",
is_self_contained=True,
requires=[], # inventory imports are for response enrichment only (inventory → catalog is the real dependency)
migrations_path="migrations",
features=[
"product_catalog", # Core product catalog functionality
"product_search", # Search and filtering
"product_variants", # Product variants management
"product_categories", # Category organization
"product_attributes", # Custom attributes
"product_import_export", # Bulk import/export
],
# Module-driven permissions
permissions=[
PermissionDefinition(
id="products.view",
label_key="catalog.permissions.products_view",
description_key="catalog.permissions.products_view_desc",
category="products",
),
PermissionDefinition(
id="products.create",
label_key="catalog.permissions.products_create",
description_key="catalog.permissions.products_create_desc",
category="products",
),
PermissionDefinition(
id="products.edit",
label_key="catalog.permissions.products_edit",
description_key="catalog.permissions.products_edit_desc",
category="products",
),
PermissionDefinition(
id="products.delete",
label_key="catalog.permissions.products_delete",
description_key="catalog.permissions.products_delete_desc",
category="products",
),
PermissionDefinition(
id="products.import",
label_key="catalog.permissions.products_import",
description_key="catalog.permissions.products_import_desc",
category="products",
),
PermissionDefinition(
id="products.export",
label_key="catalog.permissions.products_export",
description_key="catalog.permissions.products_export_desc",
category="products",
),
],
# Module-driven menu definitions
menus={
FrontendType.STORE: [
MenuSectionDefinition(
id="products",
label_key="catalog.menu.products_inventory",
icon="package",
order=10,
items=[
MenuItemDefinition(
id="products",
label_key="catalog.menu.all_products",
icon="shopping-bag",
route="/store/{store_code}/products",
order=10,
is_mandatory=True,
requires_permission="products.view",
),
],
),
],
FrontendType.STOREFRONT: [
MenuSectionDefinition(
id="nav",
label_key=None,
order=10,
items=[
MenuItemDefinition(
id="products",
label_key="storefront.nav.products",
icon="shopping-bag",
route="products",
order=10,
),
],
),
MenuSectionDefinition(
id="actions",
label_key=None,
order=10,
items=[
MenuItemDefinition(
id="search",
label_key="storefront.actions.search",
icon="search",
route="",
order=10,
),
],
),
],
},
# Metrics provider for dashboard statistics
metrics_provider=_get_metrics_provider,
feature_provider=_get_feature_provider,
media_usage_provider=_get_media_usage_provider,
)
def get_catalog_module_with_routers() -> ModuleDefinition:
"""
Get catalog module with routers attached.
This function attaches the routers lazily to avoid circular imports
during module initialization.
"""
catalog_module.admin_router = _get_admin_router()
catalog_module.store_router = _get_store_router()
return catalog_module
__all__ = ["catalog_module", "get_catalog_module_with_routers"]
Reference in New Issue View Git Blame Copy Permalink