Vorkout/connect
4
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: delete ps node #20

Open
ivan.dev wants to merge 6 commits from VORKOUT-29 into master
pull from: VORKOUT-29
merge into: Vorkout:master
Conversation 5 Commits 6 Files Changed 14 +619 -121
14 changed files with 619 additions and 121 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit efabd27a8a - Show all commits

17
api/api/endpoints/account.py
View File

@@ -17,7 +17,7 @@ from api.schemas.account.account import User
from api.schemas.base import bearer_schema
from api.schemas.endpoints.account import AllUserResponse, UserCreate, UserFilterDTO, UserUpdate
from api.services.auth import get_current_user
from api.services.user_role_validation import db_user_role_validation
from api.services.user_role_validation import UserRoleValidator
api_router = APIRouter(
prefix="/account",
@@ -38,7 +38,8 @@ async def get_all_account_endpoint(
connection: AsyncConnection = Depends(get_connection_dep),
current_user=Depends(get_current_user),
):
authorize_user = await db_user_role_validation(connection, current_user)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_admin(current_user)
filters = {
**({"status": status_filter} if status_filter else {}),
@@ -67,7 +68,8 @@ async def get_account_endpoint(
connection: AsyncConnection = Depends(get_connection_dep),
current_user=Depends(get_current_user),
):
authorize_user = await db_user_role_validation(connection, current_user)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_admin(current_user)
user = await get_user_by_id(connection, user_id)
@@ -83,7 +85,8 @@ async def create_account_endpoint(
connection: AsyncConnection = Depends(get_connection_dep),
current_user=Depends(get_current_user),
):
authorize_user = await db_user_role_validation(connection, current_user)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_admin(current_user)
user_validation = await get_user_by_login(connection, user.login)
@@ -104,7 +107,8 @@ async def update_account_endpoint(
connection: AsyncConnection = Depends(get_connection_dep),
current_user=Depends(get_current_user),
):
authorize_user = await db_user_role_validation(connection, current_user)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_admin(current_user)
user = await get_user_by_id(connection, user_id)
if user is None:
@@ -131,7 +135,8 @@ async def delete_account_endpoint(
connection: AsyncConnection = Depends(get_connection_dep),
current_user=Depends(get_current_user),
):
authorize_user = await db_user_role_validation(connection, current_user)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_admin(current_user)
user = await get_user_by_id(connection, user_id)
if user is None:

14
api/api/endpoints/keyring.py
View File

@@ -13,7 +13,7 @@ from api.schemas.account.account_keyring import AccountKeyring
from api.schemas.base import bearer_schema
from api.schemas.endpoints.account_keyring import AccountKeyringUpdate
from api.services.auth import get_current_user
from api.services.user_role_validation import db_user_role_validation
from api.services.user_role_validation import UserRoleValidator
api_router = APIRouter(
prefix="/keyring",
@@ -25,7 +25,8 @@ api_router = APIRouter(
async def get_keyring_endpoint(
key_id: str, connection: AsyncConnection = Depends(get_connection_dep), current_user=Depends(get_current_user)
):
authorize_user = await db_user_role_validation(connection, current_user)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_admin(current_user)
keyring = await get_key_by_id(connection, key_id)
@@ -43,7 +44,8 @@ async def create_keyring_endpoint(
connection: AsyncConnection = Depends(get_connection_dep),
current_user=Depends(get_current_user),
):
authorize_user = await db_user_role_validation(connection, current_user)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_admin(current_user)
keyring = await get_key_by_id(connection, key_id)
@@ -69,7 +71,8 @@ async def update_keyring_endpoint(
connection: AsyncConnection = Depends(get_connection_dep),
current_user=Depends(get_current_user),
):
authorize_user = await db_user_role_validation(connection, current_user)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_admin(current_user)
keyring = await get_key_by_id(connection, key_id)
if keyring is None:
@@ -94,7 +97,8 @@ async def delete_keyring_endpoint(
connection: AsyncConnection = Depends(get_connection_dep),
current_user=Depends(get_current_user),
):
authorize_user = await db_user_role_validation(connection, current_user)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_admin(current_user)
keyring = await get_key_by_id(connection, key_id)
if keyring is None:

25
api/api/endpoints/list_events.py
View File

@@ -17,10 +17,7 @@ from api.schemas.base import bearer_schema
from api.schemas.endpoints.list_events import AllListEventResponse, ListEventFilterDTO, ListEventUpdate
from api.schemas.events.list_events import ListEvent
from api.services.auth import get_current_user
from api.services.user_role_validation import (
db_user_role_validation_for_list_events_and_process_schema,
db_user_role_validation_for_list_events_and_process_schema_by_list_event_id,
)
from api.services.user_role_validation import UserRoleValidator
api_router = APIRouter(
prefix="/list_events",
@@ -54,9 +51,8 @@ async def get_all_list_events_endpoint(
filters=filters if filters else None,
)
authorize_user, page_flag = await db_user_role_validation_for_list_events_and_process_schema(
connection, current_user
)
validator = UserRoleValidator(connection)
authorize_user, page_flag = await validator.get_user(current_user)
if not page_flag:
if filter_dto.filters is None:
@@ -82,9 +78,8 @@ async def get_list_events_endpoint(
if list_events_validation is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="List events not found")
authorize_user = await db_user_role_validation_for_list_events_and_process_schema_by_list_event_id(
connection, current_user, list_events_validation.creator_id
)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_ownership(current_user, list_events_validation.creator_id)
if list_events_id is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="List events not found")
@@ -124,9 +119,8 @@ async def update_list_events(
if list_events_validation is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="List events not found")
authorize_user = await db_user_role_validation_for_list_events_and_process_schema_by_list_event_id(
connection, current_user, list_events_validation.creator_id
)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_ownership(current_user, list_events_validation.creator_id)
updated_values = list_events_update.model_dump(by_alias=True, exclude_none=True)
@@ -151,9 +145,8 @@ async def delete_list_events_endpoint(
if list_events_validation is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="List events not found")
authorize_user = await db_user_role_validation_for_list_events_and_process_schema_by_list_event_id(
connection, current_user, list_events_validation.creator_id
)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_ownership(current_user, list_events_validation.creator_id)
list_events_update = ListEventUpdate(status=EventStatus.DELETED.value)

25
api/api/endpoints/process_schema.py
View File

@@ -18,10 +18,7 @@ from api.schemas.process.process_schema import ProcessSchema, ProcessSchemaSetti
from api.schemas.process.ps_node import Ps_NodeFrontResponseNode
from api.schemas.process.ps_node import Ps_NodeFrontResponse
from api.services.auth import get_current_user
from api.services.user_role_validation import (
db_user_role_validation_for_list_events_and_process_schema,
db_user_role_validation_for_list_events_and_process_schema_by_list_event_id,
)
from api.services.user_role_validation import UserRoleValidator
from api.db.logic.ps_node import create_ps_node_schema
@@ -78,9 +75,8 @@ async def get_all_process_schema_endpoint(
filters=filters if filters else None,
)
authorize_user, page_flag = await db_user_role_validation_for_list_events_and_process_schema(
connection, current_user
)
validator = UserRoleValidator(connection)
authorize_user, page_flag = await validator.get_user(current_user)
if not page_flag:
if filter_dto.filters is None:
@@ -106,9 +102,8 @@ async def get_process_schema_endpoint(
if process_schema_validation is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Process schema not found")
authorize_user = await db_user_role_validation_for_list_events_and_process_schema_by_list_event_id(
connection, current_user, process_schema_validation.creator_id
)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_ownership(current_user, process_schema_validation.creator_id)
if process_schema_id is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Process schema not found")
@@ -190,9 +185,8 @@ async def update_process_schema_endpoint(
if process_schema_validation is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Process schema not found")
authorize_user = await db_user_role_validation_for_list_events_and_process_schema_by_list_event_id(
connection, current_user, process_schema_validation.creator_id
)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_ownership(current_user, process_schema_validation.creator_id)
updated_values = process_schema_update.model_dump(by_alias=True, exclude_none=True)
@@ -217,9 +211,8 @@ async def delete_process_schema_endpoint(
if process_schema_validation is None:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Process schema not found")
authorize_user = await db_user_role_validation_for_list_events_and_process_schema_by_list_event_id(
connection, current_user, process_schema_validation.creator_id
)
validator = UserRoleValidator(connection)
authorize_user = await validator.validate_ownership(current_user, process_schema_validation.creator_id)
process_schema_update = ProcessSchemaUpdate(status=ProcessStatus.DELETED.value)

16
api/api/endpoints/ps_node.py
View File

@@ -1,4 +1,4 @@
from fastapi import APIRouter, Depends, HTTPException, status
from fastapi import APIRouter, Depends, status
from sqlalchemy.ext.asyncio import AsyncConnection
@@ -22,9 +22,7 @@ from api.db.logic.ps_node import (
from api.db.logic.node_link import get_last_link_name_by_node_id, create_node_link_schema
from api.db.logic.process_schema import update_process_schema_settings_by_id, get_process_schema_by_id
from api.services.user_role_validation import (
db_user_role_validation_for_list_events_and_process_schema_by_list_event_id,
)
from api.services.user_role_validation import UserRoleValidator
from core import VorkNodeRegistry, VorkNodeLink
@@ -53,10 +51,9 @@ async def delete_ps_node_endpoint(
details={"schema_id": ps_node_delete_data.schema_id},
)
validator = UserRoleValidator(connection)
try:
await db_user_role_validation_for_list_events_and_process_schema_by_list_event_id(
connection, current_user, process_schema.creator_id
)
await validator.validate_ownership(current_user, process_schema.creator_id)
except Exception as e:
ivan.dev marked this conversation as resolved
mikhail.dev commented 2025-10-23 12:09:22 +05:00
Review
Copy Link

Что за любовь к длиннейшим названиям?)

Что за любовь к длиннейшим названиям?)
cyrussmeat commented 2025-10-23 16:11:50 +05:00
Review
Copy Link

Это LLM, мне кажется )

Это LLM, мне кажется )
👀 1
ivan.dev commented 2025-10-28 14:37:42 +05:00
Review
Copy Link

В каком то из прошлых ПРов раз было замечание о неинформативности названий функций, мне переименовать?

В каком то из прошлых ПРов раз было замечание о неинформативности названий функций, мне переименовать?
cyrussmeat commented 2025-10-28 16:31:01 +05:00
Review
Copy Link

Это предмет крупного рефакторинга. В основном наблюдение говорит об избыточности семантики в названиях функций, т.к. при корректном подходе к проектированию (инкапсюляция) нет необходимости повторять в методе контекстную часть как минимум (т.е. если метод сидит в классе ps_node, то повторять это в названии скорее тавтология).

Парадигма ООП и частично ФП за сохранение читаемости в условиях умолчаний.

В большинстве случаев для соблюдения уникальности семантики названия метода и переменной должно хватать схемы Императив + Объект (save_file), Предикат + Императив (can_edit, is_valid()), в исключительных случаях (если это общая библиотека функций и ресурсов) можно использовать Функция/Объект верхнего уровня + Императив + Целевой Объект.

Всё - три слова и контекст должны составлять уникальную семантику. Если не получается - значит есть проблемы в композиции и стоит сначала решить их.

Это предмет крупного рефакторинга. В основном наблюдение говорит об избыточности семантики в названиях функций, т.к. при корректном подходе к проектированию (инкапсюляция) нет необходимости повторять в методе контекстную часть как минимум (т.е. если метод сидит в классе ps_node, то повторять это в названии скорее тавтология). Парадигма ООП и частично ФП за сохранение читаемости в условиях умолчаний. В большинстве случаев для соблюдения уникальности семантики названия метода и переменной должно хватать схемы Императив + Объект (save_file), Предикат + Императив (can_edit, is_valid()), в исключительных случаях (если это общая библиотека функций и ресурсов) можно использовать Функция/Объект верхнего уровня + Императив + Целевой Объект. Всё - три слова и контекст должны составлять уникальную семантику. Если не получается - значит есть проблемы в композиции и стоит сначала решить их.
👍 1
ivan.dev commented 2025-10-28 16:38:42 +05:00
Review
Copy Link

Понял

Понял
mikhail.dev commented 2025-10-28 22:10:54 +05:00
Review
Copy Link

Согласен. Семантика в названиях должна быть отображена, но это не значит, что для её выражения требуется по 10 слов, лишь главная суть для текущего контекста.

Согласен. Семантика в названиях должна быть отображена, но это не значит, что для её выражения требуется по 10 слов, лишь главная суть для текущего контекста.
raise create_access_error(
message="Access denied",
@@ -127,10 +124,9 @@ async def create_ps_node_endpoint(
details={"schema_id": ps_node.data["ps_id"]},
)
validator = UserRoleValidator(connection)
try:
await db_user_role_validation_for_list_events_and_process_schema_by_list_event_id(
connection, current_user, process_schema.creator_id
)
await validator.validate_ownership(current_user, process_schema.creator_id)
except Exception as e:
raise create_access_error(
message="Access denied",

91
api/api/services/user_role_validation.py
View File

@@ -1,32 +1,75 @@
from fastapi import (
HTTPException,
status,
)
from fastapi import status
from orm.tables.account import AccountRole
from api.db.logic.account import get_user_by_login
from api.error import create_operation_error, create_access_error
async def db_user_role_validation(connection, current_user):
authorize_user = await get_user_by_login(connection, current_user)
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="You do not have enough permissions")
return authorize_user
class UserRoleValidator:
"""Валидатор ролей пользователей"""
def __init__(self, connection):
self.connection = connection
async def db_user_role_validation_for_list_events_and_process_schema_by_list_event_id(
connection, current_user, current_listevents_creator_id
):
authorize_user = await get_user_by_login(connection, current_user)
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
if authorize_user.id != current_listevents_creator_id:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="You do not have enough permissions")
return authorize_user
async def validate_admin(self, current_user: int):
"""Проверяет права администратора или владельца"""
try:
authorize_user = await get_user_by_login(self.connection, current_user)
except Exception as e:
raise create_operation_error(
message="User not found",
status_code=status.HTTP_404_NOT_FOUND,
details={"user_id": current_user, "error": str(e)},
)
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
raise create_access_error(
message="Insufficient permissions",
status_code=status.HTTP_403_FORBIDDEN,
details={
"user_id": current_user,
"user_role": authorize_user.role.value,
"required_roles": [AccountRole.OWNER.value, AccountRole.ADMIN.value],
},
)
async def db_user_role_validation_for_list_events_and_process_schema(connection, current_user):
authorize_user = await get_user_by_login(connection, current_user)
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
return authorize_user, False
else:
return authorize_user, True
return authorize_user
async def validate_ownership(self, current_user: int, resource_owner_id: int):
"""Проверяет владение ресурсом или права администратора"""
try:
authorize_user = await get_user_by_login(self.connection, current_user)
except Exception as e:
raise create_operation_error(
message="User not found",
status_code=status.HTTP_404_NOT_FOUND,
details={"user_id": current_user, "error": str(e)},
)
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
if authorize_user.id != resource_owner_id:
raise create_access_error(
message="Access denied",
status_code=status.HTTP_403_FORBIDDEN,
details={
"user_id": current_user,
"resource_owner_id": resource_owner_id,
"user_role": authorize_user.role.value,
"reason": "User is not the owner and does not have admin privileges",
},
)
return authorize_user
async def get_user(self, current_user: int):
"""Получает пользователя с админ-статусом"""
try:
authorize_user = await get_user_by_login(self.connection, current_user)
except Exception as e:
raise create_operation_error(
message="User not found",
status_code=status.HTTP_404_NOT_FOUND,
details={"user_id": current_user, "error": str(e)},
)
is_admin = authorize_user.role in {AccountRole.OWNER, AccountRole.ADMIN}
return authorize_user, is_admin