refactor: rebuild backend around role-site authorization model

app/schemas/permissions.py

@@ -1,60 +1,18 @@
-from datetime import datetime
-from typing import Literal
-
 from pydantic import BaseModel
 
-ActionType = Literal["view", "edit"]
-ScopeType = Literal["site"]
+
+class RoleSnapshotItem(BaseModel):
+    site_key: str
+    site_display_name: str
+    company_key: str
+    company_display_name: str
+    system_key: str
+    system_name: str
+    role_key: str
+    role_name: str
+    idp_role_name: str
 
 
-class PermissionGrantRequest(BaseModel):
+class RoleSnapshotResponse(BaseModel):
     user_sub: str
-    email: str | None = None
-    display_name: str | None = None
-    scope_type: ScopeType
-    scope_id: str
-    system: str
-    module: str | None = None
-    action: ActionType
-
-
-class PermissionRevokeRequest(BaseModel):
-    user_sub: str
-    scope_type: ScopeType
-    scope_id: str
-    system: str
-    module: str | None = None
-    action: ActionType
-
-
-class PermissionItem(BaseModel):
-    scope_type: ScopeType
-    scope_id: str
-    system: str | None = None
-    module: str
-    action: ActionType
-
-
-class PermissionSnapshotResponse(BaseModel):
-    user_sub: str
-    permissions: list[PermissionItem]
-
-
-class DirectPermissionRow(BaseModel):
-    permission_id: str
-    user_sub: str
-    email: str | None = None
-    display_name: str | None = None
-    scope_type: ScopeType
-    scope_id: str
-    system: str | None = None
-    module: str | None = None
-    action: ActionType
-    created_at: datetime
-
-
-class DirectPermissionListResponse(BaseModel):
-    items: list[DirectPermissionRow]
-    total: int
-    limit: int
-    offset: int
+    roles: list[RoleSnapshotItem]