sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cb3bc3c1182381b0fd98206f834ce9275878f4d3
orion/app/modules/messaging/definition.py
Samir Boulahtit cb3bc3c118
Some checks failed
CI / pytest (push) Failing after 45m29s
Details
CI / validate (push) Successful in 24s
Details
CI / dependency-scanning (push) Successful in 28s
Details
CI / docs (push) Has been skipped
Details
CI / deploy (push) Has been skipped
Details
CI / ruff (push) Successful in 9s
Details
feat: implement complete RBAC access control with tests 
Add 4-layer access control stack (subscription → module → menu → permissions):
- P1: Wire requires_permission into menu sidebar filtering
- P2: Expose window.USER_PERMISSIONS for Alpine.js client-side gating
- P3: Add page-level permission guards on store routes
- P4: Role CRUD API endpoints and role editor UI
- P5: Audit trail for all role/permission changes

Includes unit tests (menu permission filtering, role CRUD service) and
integration tests (role API endpoints). All 404 core+tenancy tests pass.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 18:26:59 +01:00

224 lines
7.7 KiB
Python
Raw Blame History

# app/modules/messaging/definition.py
"""
Messaging module definition.
Defines the messaging module including its features, menu items,
route configurations, and self-contained module settings.
"""
from app.modules.base import (
MenuItemDefinition,
MenuSectionDefinition,
ModuleDefinition,
PermissionDefinition,
)
from app.modules.enums import FrontendType
def _get_admin_router():
"""Lazy import of admin router to avoid circular imports."""
from app.modules.messaging.routes.admin import admin_router
return admin_router
def _get_store_router():
"""Lazy import of store router to avoid circular imports."""
from app.modules.messaging.routes.store import store_router
return store_router
def _get_feature_provider():
"""Lazy import of feature provider to avoid circular imports."""
from app.modules.messaging.services.messaging_features import (
messaging_feature_provider,
)
return messaging_feature_provider
# Messaging module definition
messaging_module = ModuleDefinition(
code="messaging",
name="Messaging & Notifications",
description=(
"Core email and notification system for user registration, password resets, "
"team invitations, and system notifications. Required for basic platform operations."
),
version="1.0.0",
features=[
"customer_messaging", # Customer communication
"internal_messages", # Internal team messages
"notification_center", # Notification management
"message_attachments", # File attachments
"admin_notifications", # System admin notifications
],
# Module-driven permissions
permissions=[
PermissionDefinition(
id="messaging.view_messages",
label_key="messaging.permissions.view_messages",
description_key="messaging.permissions.view_messages_desc",
category="messaging",
),
PermissionDefinition(
id="messaging.send_messages",
label_key="messaging.permissions.send_messages",
description_key="messaging.permissions.send_messages_desc",
category="messaging",
),
PermissionDefinition(
id="messaging.manage_templates",
label_key="messaging.permissions.manage_templates",
description_key="messaging.permissions.manage_templates_desc",
category="messaging",
),
],
menu_items={
FrontendType.ADMIN: [
"messages", # Admin messages
"notifications", # Admin notifications
],
FrontendType.STORE: [
"messages", # Store messages
"notifications", # Store notifications
],
},
# New module-driven menu definitions
menus={
FrontendType.ADMIN: [
MenuSectionDefinition(
id="platformAdmin",
label_key="messaging.menu.platform_admin",
icon="chat-bubble-left-right",
order=20,
items=[
MenuItemDefinition(
id="messages",
label_key="messaging.menu.messages",
icon="chat-bubble-left-right",
route="/admin/messages",
order=30,
),
],
),
MenuSectionDefinition(
id="monitoring",
label_key="messaging.menu.platform_monitoring",
icon="bell",
order=80,
items=[
MenuItemDefinition(
id="notifications",
label_key="messaging.menu.notifications",
icon="bell",
route="/admin/notifications",
order=40,
),
],
),
MenuSectionDefinition(
id="settings",
label_key="messaging.menu.platform_settings",
icon="mail",
order=900,
items=[
MenuItemDefinition(
id="email-templates",
label_key="messaging.menu.email_templates",
icon="mail",
route="/admin/email-templates",
order=20,
),
],
),
],
FrontendType.STORE: [
MenuSectionDefinition(
id="customers",
label_key="messaging.menu.customers",
icon="chat-bubble-left-right",
order=30,
items=[
MenuItemDefinition(
id="messages",
label_key="messaging.menu.messages",
icon="chat-bubble-left-right",
route="/store/{store_code}/messages",
order=20,
requires_permission="messaging.view_messages",
),
MenuItemDefinition(
id="notifications",
label_key="messaging.menu.notifications",
icon="bell",
route="/store/{store_code}/notifications",
order=30,
requires_permission="messaging.view_messages",
),
],
),
MenuSectionDefinition(
id="account",
label_key="messaging.menu.account_settings",
icon="mail",
order=900,
items=[
MenuItemDefinition(
id="email-templates",
label_key="messaging.menu.email_templates",
icon="mail",
route="/store/{store_code}/email-templates",
order=40,
requires_permission="messaging.manage_templates",
),
],
),
],
FrontendType.STOREFRONT: [
MenuSectionDefinition(
id="account",
label_key=None,
order=10,
items=[
MenuItemDefinition(
id="messages",
label_key="storefront.account.messages",
icon="chat-bubble-left-right",
route="account/messages",
order=50,
),
],
),
],
},
is_core=True, # Core module - email/notifications required for registration, password reset, etc.
# =========================================================================
# Self-Contained Module Configuration
# =========================================================================
is_self_contained=True,
services_path="app.modules.messaging.services",
models_path="app.modules.messaging.models",
schemas_path="app.modules.messaging.schemas",
exceptions_path="app.modules.messaging.exceptions",
migrations_path="migrations",
# Feature provider for feature flags
feature_provider=_get_feature_provider,
)
def get_messaging_module_with_routers() -> ModuleDefinition:
"""
Get messaging module with routers attached.
This function attaches the routers lazily to avoid circular imports
during module initialization.
"""
messaging_module.admin_router = _get_admin_router()
messaging_module.store_router = _get_store_router()
return messaging_module
__all__ = ["messaging_module", "get_messaging_module_with_routers"]
Reference in New Issue View Git Blame Copy Permalink