U t;h1@srddlmZmZddlmZddlmZmZmZm Z ddl m Z ddl m Z Gddde e ZGdd d eZd S) )DocumentPydanticObjectId)Field)OptionalListDictAny)datetime)Enumc@seZdZdZdZdZdZdS)RoleTypesystemZcustomZ departmentprojectN)__name__ __module__ __qualname__SYSTEMCUSTOMZ DEPARTMENTZPROJECTrrB/var/www/html/Mana-Pige/backend/account-service/app/models/role.pyr sr c@seZdZUeddddZeed<eed<dZeeed<e j Z e ed <d Z e ed <d Ze ed <d Ze ed<eedZeeed<dZeeed<eedZeeed<dZeeed<dZeeed<eejdZeed<eejdZeed<dZeeed<dZeeed<dZeed<ee dZ!e"ee#fed<GdddZ$GdddZ%e&d d!Z'eed"d#d$Z(ed%d&d'Z)ed%d(d)Z*ed"d*d+Z+e d"d,d-Z,ee d.d/d0Z-edd"d1d2Z.edd"d3d4Z/e&edd"d5d6Z0dS)7Role.2) min_length max_lengthname display_nameN description role_typeT is_activeF is_defaultis_system_role)default_factory permissions parent_role child_roles max_users expires_at created_at updated_at created_bycolorrprioritycustom_propertiesc@seZdZdZdS)z Role.ConfigTN)rrrarbitrary_types_allowedrrrrConfig.sr.c@s"eZdZdZdddddddgZd S) z Role.SettingsZrolesrrrrr r'r+N)rrrrindexesrrrrSettings1sr0csdddtjdddddd d d d d gddddtjdddddd d d gddddtjddddd gddddtjddddd d!gd" d#d$d%tjdd&d'gdg}|D]:}||j|d(kId)H}|s|f|}|Id)Hqd)S)*zCreate default system rolesZ super_adminzSuper Administratorz'Full system access with all permissionsTiz#FF0000z system.adminz user.adminzprofile.read.allzprofile.write.allzanalytics.readzsystem.settings.readzsystem.settings.write)rrrrr r+r*r"admin Administratorz(Administrative access to user managementiz#FFA500z user.readz user.writeZ moderatorZ Moderatorz&Content moderation and user managementi z#00FF00userz Regular Userz$Standard user with basic permissionsdz#0000FFzprofile.read.ownzprofile.write.own) rrrrr rr+r*r"ZguestZGuestzLimited access for guest usersrz#808080rN)r rfind_onersave)clsZ system_rolesZ role_dataexistingrolerrrcreate_system_roles=sJ zRole.create_system_roles)returncsLt|j}|jrDttj|jkIdH}|rD|IdH}||t|S)z9Get all permissions including inherited from parent rolesN) setr"r#rr5rget_all_permissionsupdatelist)selfZall_permissionsparentZparent_permissionsrrrr=s  zRole.get_all_permissions)permission_namecs2||jkr.|j|t|_|IdHdS)zAdd a permission to this roleN)r"appendr utcnowr(r6r@rBrrradd_permissions   zRole.add_permissioncs2||jkr.|j|t|_|IdHdS)z"Remove a permission from this roleN)r"remover rDr(r6rErrrremove_permissions   zRole.remove_permissioncs0ddlm}||j|jk|jdkIdHS)z"Get number of users with this roler)UserRoleTN)app.models.user_rolerIfind role_namerrcount)r@rIrrrget_user_counts   zRole.get_user_countcs"|js dS|IdH}||jkS)z+Check if role can be assigned to more usersTN)r%rN)r@Z current_countrrrcan_assign_to_userszRole.can_assign_to_user)rBr;cCs ||jkS)z'Check if role has a specific permission)r"rErrrhas_permissionszRole.has_permissioncs0|js gStdd|jiitjdkIdHS)zGet all child rolesrz$inTN)r$rrKrto_listr@rrrget_child_roless  zRole.get_child_rolescs"|js dSttj|jkIdHS)zGet parent role if existsN)r#rr5rrRrrrget_parent_roleszRole.get_parent_rolecs||jdk|jdkIdHS)z"Get the default role for new usersTN)r5rr)r7rrrget_default_roleszRole.get_default_role)1rrrrrstr__annotations__rrr rrrboolrr r?r"rr#r$r%intr&r rDr'r(r)rr*r+dictr,rrr.r0 classmethodr:r=rFrHrNrOrPrSrTrUrrrrr s@       R  rN)beanierrpydanticrtypingrrrrr enumr rVr rrrrrs