flip_api.db.models.user_models
==============================

.. py:module:: flip_api.db.models.user_models


Classes
-------

.. autoapisummary::

   flip_api.db.models.user_models.Permission
   flip_api.db.models.user_models.PermissionRef
   flip_api.db.models.user_models.RoleRef
   flip_api.db.models.user_models.UserRole
   flip_api.db.models.user_models.Role
   flip_api.db.models.user_models.RolePermission
   flip_api.db.models.user_models.UsersAudit


Module Contents
---------------

.. py:class:: Permission

   Bases: :py:obj:`sqlmodel.SQLModel`


   Permission table.


   .. py:attribute:: __tablename__
      :value: 'permission'



   .. py:attribute:: id
      :type:  uuid.UUID


   .. py:attribute:: permission_name
      :type:  str


   .. py:attribute:: permission_description
      :type:  str


   .. py:method:: __repr__()


.. py:class:: PermissionRef(*args, **kwds)

   Bases: :py:obj:`enum.Enum`


   Enum for predefined permissions.

   Values are real :class:`UUID` objects, not strings. Consumers should
   pass ``.value`` directly to SQLModel UUID columns or compare against
   UUIDs fetched from the DB — no ``UUID(...)`` wrapping needed.


   .. py:attribute:: CAN_ACCESS_ADMIN_PANEL


   .. py:attribute:: CAN_APPROVE_PROJECTS


   .. py:attribute:: CAN_CREATE_PROJECTS


   .. py:attribute:: CAN_DELETE_ANY_PROJECT


   .. py:attribute:: CAN_MANAGE_DEPLOYMENTS


   .. py:attribute:: CAN_MANAGE_PROJECTS


   .. py:attribute:: CAN_MANAGE_SITE_BANNER


   .. py:attribute:: CAN_MANAGE_USERS


   .. py:attribute:: CAN_UNSTAGE_PROJECTS


.. py:class:: RoleRef(*args, **kwds)

   Bases: :py:obj:`enum.Enum`


   Enum for predefined roles.

   Values are real :class:`UUID` objects, not strings. See
   :class:`PermissionRef` for the same contract.


   .. py:attribute:: ADMIN


   .. py:attribute:: RESEARCHER


   .. py:attribute:: OBSERVER


.. py:class:: UserRole

   Bases: :py:obj:`sqlmodel.SQLModel`


   User role mapping table.

   ``user_id`` holds a Cognito ``sub`` UUID. There is intentionally no FK to
   a local users table — Cognito is the source of truth for user identity.


   .. py:attribute:: __tablename__
      :value: 'user_role'



   .. py:attribute:: user_id
      :type:  uuid.UUID


   .. py:attribute:: role_id
      :type:  uuid.UUID


.. py:class:: Role

   Bases: :py:obj:`sqlmodel.SQLModel`


   Role table.


   .. py:attribute:: __tablename__
      :value: 'roles'



   .. py:attribute:: id
      :type:  uuid.UUID


   .. py:attribute:: name
      :type:  str


   .. py:attribute:: description
      :type:  str


   .. py:attribute:: created_at
      :type:  datetime.datetime


   .. py:attribute:: updated_at
      :type:  datetime.datetime


.. py:class:: RolePermission

   Bases: :py:obj:`sqlmodel.SQLModel`


   Role permission mapping table.


   .. py:attribute:: __tablename__
      :value: 'role_permission'



   .. py:attribute:: id
      :type:  uuid.UUID


   .. py:attribute:: role_id
      :type:  uuid.UUID


   .. py:attribute:: permission_id
      :type:  uuid.UUID


.. py:class:: UsersAudit

   Bases: :py:obj:`sqlmodel.SQLModel`


   Audit table for user changes.


   .. py:attribute:: __tablename__
      :value: 'users_audit'



   .. py:attribute:: id
      :type:  uuid.UUID


   .. py:attribute:: action
      :type:  str


   .. py:attribute:: user_id
      :type:  uuid.UUID


   .. py:attribute:: modified_by_user_id
      :type:  uuid.UUID


   .. py:attribute:: timestamp
      :type:  datetime.datetime