feat(admin): implement group-centric relations and system/module/company linkage views

2026-03-30 19:38:49 +08:00
parent 35ffff1d19
commit 61cab48fca
5 changed files with 378 additions and 16 deletions
--- a/app/schemas/catalog.py
+++ b/app/schemas/catalog.py
@@ -1,4 +1,5 @@
 from pydantic import BaseModel
+from typing import Literal


 class SystemCreateRequest(BaseModel):
@@ -134,11 +135,41 @@ class PermissionGroupPermissionItem(BaseModel):
    id: str
    system: str
    module: str
-    action: str
-    scope_type: str
+    action: Literal["view", "edit"]
+    scope_type: Literal["site"]
    scope_id: str


 class MemberPermissionGroupsResponse(BaseModel):
    authentik_sub: str
    group_keys: list[str]
+
+
+class GroupBindingUpdateRequest(BaseModel):
+    site_keys: list[str]
+    system_keys: list[str]
+    module_keys: list[str]
+    member_subs: list[str]
+    actions: list[Literal["view", "edit"]]
+
+
+class GroupBindingSnapshot(BaseModel):
+    group_key: str
+    site_keys: list[str]
+    system_keys: list[str]
+    module_keys: list[str]
+    member_subs: list[str]
+    actions: list[Literal["view", "edit"]]
+
+
+class GroupRelationItem(BaseModel):
+    group_key: str
+    group_name: str
+    status: str
+
+
+class MemberRelationItem(BaseModel):
+    authentik_sub: str
+    email: str | None = None
+    display_name: str | None = None
+    is_active: bool
--- a/app/schemas/permissions.py
+++ b/app/schemas/permissions.py
@@ -1,34 +1,38 @@
 from datetime import datetime
+from typing import Literal

 from pydantic import BaseModel

+ActionType = Literal["view", "edit"]
+ScopeType = Literal["site"]
+

 class PermissionGrantRequest(BaseModel):
    authentik_sub: str
    email: str | None = None
    display_name: str | None = None
-    scope_type: str
+    scope_type: ScopeType
    scope_id: str
    system: str
    module: str | None = None
-    action: str
+    action: ActionType


 class PermissionRevokeRequest(BaseModel):
    authentik_sub: str
-    scope_type: str
+    scope_type: ScopeType
    scope_id: str
    system: str
    module: str | None = None
-    action: str
+    action: ActionType


 class PermissionItem(BaseModel):
-    scope_type: str
+    scope_type: ScopeType
    scope_id: str
    system: str | None = None
    module: str
-    action: str
+    action: ActionType


 class PermissionSnapshotResponse(BaseModel):
@@ -41,11 +45,11 @@ class DirectPermissionRow(BaseModel):
    authentik_sub: str
    email: str | None = None
    display_name: str | None = None
-    scope_type: str
+    scope_type: ScopeType
    scope_id: str
    system: str | None = None
    module: str | None = None
-    action: str
+    action: ActionType
    created_at: datetime