flip_api.db.models.user_models
Classes
Permission table. |
|
Enum for predefined permissions. |
|
Enum for predefined roles. |
|
User role mapping table. |
|
Role table. |
|
Role permission mapping table. |
|
Audit table for user changes. |
Module Contents
- class flip_api.db.models.user_models.Permission
Bases:
sqlmodel.SQLModelPermission table.
- __tablename__ = 'permission'
- id: uuid.UUID
- permission_name: str
- permission_description: str
- __repr__()
- class flip_api.db.models.user_models.PermissionRef(*args, **kwds)
Bases:
enum.EnumEnum for predefined permissions.
Values are real
UUIDobjects, not strings. Consumers should pass.valuedirectly to SQLModel UUID columns or compare against UUIDs fetched from the DB — noUUID(...)wrapping needed.- CAN_ACCESS_ADMIN_PANEL
- CAN_APPROVE_PROJECTS
- CAN_CREATE_PROJECTS
- CAN_DELETE_ANY_PROJECT
- CAN_MANAGE_DEPLOYMENTS
- CAN_MANAGE_PROJECTS
- CAN_MANAGE_SITE_BANNER
- CAN_MANAGE_USERS
- CAN_UNSTAGE_PROJECTS
- class flip_api.db.models.user_models.RoleRef(*args, **kwds)
Bases:
enum.EnumEnum for predefined roles.
Values are real
UUIDobjects, not strings. SeePermissionReffor the same contract.- ADMIN
- RESEARCHER
- OBSERVER
- class flip_api.db.models.user_models.UserRole
Bases:
sqlmodel.SQLModelUser role mapping table.
user_idholds a CognitosubUUID. There is intentionally no FK to a local users table — Cognito is the source of truth for user identity.- __tablename__ = 'user_role'
- user_id: uuid.UUID
- role_id: uuid.UUID
- class flip_api.db.models.user_models.Role
Bases:
sqlmodel.SQLModelRole table.
- __tablename__ = 'roles'
- id: uuid.UUID
- name: str
- description: str
- created_at: datetime.datetime
- updated_at: datetime.datetime