import logging from backend.models.permission import PermissionDoc, RoleDoc from backend.models.permission.constants import DefaultPermissionEnum, DefaultRoleEnum def register(app): # Configure logging for pymongo logging.getLogger("init_admin_permission").setLevel(logging.INFO) # Suppress DEBUG logs @app.on_event("startup") async def init_admin_permission(): # Initialize all permissions if not exist permission_id_map = {} for default_permission in DefaultPermissionEnum: if not await PermissionDoc.find_one( {str(PermissionDoc.permission_key): default_permission.value.permission_key}): doc = await PermissionDoc( permission_key=default_permission.value.permission_key, permission_name=default_permission.value.permission_name, description=default_permission.value.permission_description, is_default=True, ).insert() permission_id_map[default_permission.value.permission_key] = str(doc.id) else: # Get existing permission ID existing_doc = await PermissionDoc.find_one( {str(PermissionDoc.permission_key): default_permission.value.permission_key}) permission_id_map[default_permission.value.permission_key] = str(existing_doc.id) logging.info(f"default permissions initialized {list(permission_id_map.keys())}") # Define role permission mappings based on the provided data role_permission_mappings = { DefaultRoleEnum.ADMIN: [ DefaultPermissionEnum.PUBLISH_ALPHA, DefaultPermissionEnum.PUBLISH_PRODUCTION, DefaultPermissionEnum.INVITE_COLLABORATOR, DefaultPermissionEnum.EDIT_PRODUCT, DefaultPermissionEnum.ACCESS_GIT_REPOSITORIES, DefaultPermissionEnum.ACCESS_ISSUE_MANAGEMENT, DefaultPermissionEnum.OPEN_BUGS, DefaultPermissionEnum.QA_FAILED_PASSED, DefaultPermissionEnum.QA_TEST_REPORTS ], DefaultRoleEnum.OPERATOR: [ DefaultPermissionEnum.PUBLISH_ALPHA, DefaultPermissionEnum.PUBLISH_PRODUCTION, DefaultPermissionEnum.EDIT_PRODUCT, DefaultPermissionEnum.ACCESS_GIT_REPOSITORIES, DefaultPermissionEnum.ACCESS_ISSUE_MANAGEMENT, DefaultPermissionEnum.OPEN_BUGS, DefaultPermissionEnum.QA_FAILED_PASSED, DefaultPermissionEnum.QA_TEST_REPORTS, ], DefaultRoleEnum.DEVELOPER: [ DefaultPermissionEnum.ACCESS_GIT_REPOSITORIES, DefaultPermissionEnum.ACCESS_ISSUE_MANAGEMENT, DefaultPermissionEnum.PUBLISH_ALPHA, ], DefaultRoleEnum.QA: [ DefaultPermissionEnum.OPEN_BUGS, DefaultPermissionEnum.QA_FAILED_PASSED, DefaultPermissionEnum.QA_TEST_REPORTS, ], } # Initialize roles if not exist default_role_ids = [] for default_role in DefaultRoleEnum: if not await RoleDoc.find_one({str(RoleDoc.role_key): default_role.value.role_key}): # Get permission IDs for this role role_permission_ids = [] if default_role in role_permission_mappings: for permission in role_permission_mappings[default_role]: if permission.value.permission_key in permission_id_map: role_permission_ids.append(permission_id_map[permission.value.permission_key]) doc = await RoleDoc( role_key=default_role.value.role_key, role_name=default_role.value.role_name, role_description=default_role.value.role_description, permission_ids=role_permission_ids, role_level=default_role.value.role_level, is_default=True, ).insert() default_role_ids.append(str(doc.id)) logging.info(f"default roles initialized {default_role_ids}")