fix(module-key): make module keys standalone MD format with system_key relation

app/repositories/modules_repo.py

@@ -18,8 +18,8 @@ class ModulesRepository:
         stmt = stmt.order_by(Module.created_at.desc()).limit(limit).offset(offset)
         return list(self.db.scalars(stmt).all()), int(self.db.scalar(count_stmt) or 0)
 
-    def create(self, module_key: str, name: str, status: str = "active") -> Module:
-        item = Module(module_key=module_key, name=name, status=status)
+    def create(self, module_key: str, system_key: str, name: str, status: str = "active") -> Module:
+        item = Module(module_key=module_key, system_key=system_key, name=name, status=status)
         self.db.add(item)
         self.db.commit()
         self.db.refresh(item)

app/repositories/permission_groups_repo.py

@@ -1,7 +1,5 @@
 from __future__ import annotations
 
-from collections import defaultdict
-
 from sqlalchemy import delete, func, select
 from sqlalchemy.orm import Session
 
@@ -142,17 +140,16 @@ class PermissionGroupsRepository:
         normalized_actions = [a for a in list(dict.fromkeys(actions)) if a in {"view", "edit"}]
         normalized_member_subs = list(dict.fromkeys([s for s in member_subs if s]))
 
-        modules_by_system: dict[str, list[str]] = defaultdict(list)
-        for full_module_key in list(dict.fromkeys([m for m in module_keys if m])):
-            if "." not in full_module_key:
-                continue
-            system_key, module_name = full_module_key.split(".", 1)
-            if module_name == "__system__":
-                continue
-            modules_by_system[system_key].append(module_name)
-
         normalized_systems = set([s for s in system_keys if s])
-        normalized_systems.update(modules_by_system.keys())
+        module_pairs = []
+        for pair in module_keys:
+            if "|" not in pair:
+                continue
+            system_key, module_key = pair.split("|", 1)
+            if not system_key or not module_key:
+                continue
+            module_pairs.append((system_key, module_key))
+            normalized_systems.add(system_key)
 
         self.db.execute(delete(PermissionGroupPermission).where(PermissionGroupPermission.group_id == group_id))
         self.db.execute(delete(PermissionGroupMember).where(PermissionGroupMember.group_id == group_id))
@@ -163,7 +160,7 @@ class PermissionGroupsRepository:
         for site_key in normalized_sites:
             for action in normalized_actions:
                 for system_key in sorted(normalized_systems):
-                    module_names = modules_by_system.get(system_key) or ["__system__"]
+                    module_names = [m for s, m in module_pairs if s == system_key] or ["__system__"]
                     for module_name in module_names:
                         self.db.add(
                             PermissionGroupPermission(
@@ -185,7 +182,7 @@ class PermissionGroupsRepository:
         actions = sorted({p.action for p in permissions if p.action in {"view", "edit"}})
         module_keys = sorted(
             {
-                p.module if "." in p.module else f"{p.system}.{p.module}"
+                f"{p.system}|{p.module}"
                 for p in permissions
                 if p.module and p.module != "__system__"
             }

app/repositories/permissions_repo.py

@@ -21,6 +21,7 @@ class PermissionsRepository:
                 UserScopePermission.scope_type,
                 Company.company_key,
                 Site.site_key,
+                Module.system_key,
                 Module.module_key,
                 UserScopePermission.action,
             )
@@ -55,13 +56,10 @@ class PermissionsRepository:
             if source == "group":
                 _, scope_type, scope_id, system_key, module_key, action = row
                 if module_key == "__system__":
-                    module_key = f"{system_key}.__system__"
-                elif module_key and "." not in module_key:
-                    module_key = f"{system_key}.{module_key}"
+                    module_key = f"__system__{system_key}"
             else:
-                _, scope_type, company_key, site_key, module_key, action = row
+                _, scope_type, company_key, site_key, system_key, module_key, action = row
                 scope_id = company_key if scope_type == "company" else site_key
-                system_key = module_key.split(".", 1)[0] if isinstance(module_key, str) and "." in module_key else None
             key = (scope_type, scope_id or "", system_key, module_key, action)
             if key in dedup:
                 continue
@@ -146,6 +144,7 @@ class PermissionsRepository:
                 UserScopePermission.scope_type,
                 Company.company_key,
                 Site.site_key,
+                Module.system_key,
                 Module.module_key,
                 UserScopePermission.action,
                 UserScopePermission.created_at,
@@ -200,14 +199,14 @@ class PermissionsRepository:
                 row_scope_type,
                 company_key,
                 site_key,
+                system_key,
                 module_key,
                 action,
                 created_at,
             ) = row
             scope_id = company_key if row_scope_type == "company" else site_key
-            system_key = module_key.split(".", 1)[0] if isinstance(module_key, str) and "." in module_key else None
-            module_name = module_key.split(".", 1)[1] if isinstance(module_key, str) and "." in module_key else module_key
-            if module_name == "__system__":
+            module_name = module_key
+            if isinstance(module_name, str) and module_name.startswith("__system__"):
                 module_name = None
             items.append(
                 {