feat(role_management): add delete permission api

2025-07-21 10:33:15 +08:00 · 2025-07-21 10:33:15 +08:00 · 4f39f888c4
commit 4f39f888c4
parent ca0bfb155f
4 changed files with 45 additions and 3 deletions
--- a/apps/authentication/backend/infra/permission/permission_handler.py
+++ b/apps/authentication/backend/infra/permission/permission_handler.py
@ -2,7 +2,7 @@ from typing import Optional, List, Tuple
 from fastapi.exceptions import RequestValidationError
-from backend.models.permission.models import PermissionDoc
+from backend.models.permission.models import PermissionDoc, RoleDoc
 from beanie import PydanticObjectId
 from datetime import datetime
@ -74,3 +74,16 @@ class PermissionHandler:
        total = await cursor.count()
        docs = await cursor.skip(skip).limit(limit).to_list()
        return docs, total
    async def delete_permission(self, permission_id: PydanticObjectId) -> None:
        """Delete a permission document after checking if it is referenced by any role"""
        if not permission_id:
            raise RequestValidationError("permission_id is required.")
        # Check if any role references this permission
        role = await RoleDoc.find_one({"permission_ids": str(permission_id)})
        if role:
            raise RequestValidationError("Permission is referenced by a role and cannot be deleted.")
        doc = await PermissionDoc.get(permission_id)
        if not doc:
            raise RequestValidationError("Permission not found.")
        await doc.delete()
--- a/apps/authentication/backend/services/permission/permission_service.py
+++ b/apps/authentication/backend/services/permission/permission_service.py
@ -30,3 +30,7 @@ class PermissionService:
            "page": page,
            "page_size": page_size
        }
    async def delete_permission(self, permission_id: str) -> None:
        """Delete a permission document after checking if it is referenced by any role"""
        return await self.permission_handler.delete_permission(PydanticObjectId(permission_id))
--- a/apps/authentication/webapi/routes/permission/init.py
+++ b/apps/authentication/webapi/routes/permission/init.py
@ -2,6 +2,7 @@ from fastapi import APIRouter
 from .create_permission import router as cp_router
 from .query_permission import router as qp_router
 from .update_permission import router as up_router
 from .delete_permission import router as delp_router
 router = APIRouter()
@ -9,3 +10,4 @@ router = APIRouter()
 router.include_router(cp_router, prefix="/permission", tags=["permission"])
 router.include_router(qp_router, prefix="/permission", tags=["permission"])
 router.include_router(up_router, prefix="/permission", tags=["permission"])
 router.include_router(delp_router, prefix="/permission", tags=["permission"])
--- a/apps/authentication/webapi/routes/permission/delete_permission.py
+++ b/apps/authentication/webapi/routes/permission/delete_permission.py
@ -0,0 +1,23 @@
 from fastapi import APIRouter
 from pydantic import BaseModel
 from backend.services.permission.permission_service import PermissionService
 router = APIRouter()
 permission_service = PermissionService()
 class DeletePermissionRequest(BaseModel):
    permission_id: str
 class DeletePermissionResponse(BaseModel):
    success: bool
@router.post(
    "/delete",
    response_model=DeletePermissionResponse,
    operation_id="delete-permission",
    summary="Delete Permission",
    description="Delete a permission after checking if it is referenced by any role."
 )
 async def delete_permission(req: DeletePermissionRequest) -> DeletePermissionResponse:
    await permission_service.delete_permission(req.permission_id)
    return DeletePermissionResponse(success=True)