refactor: rebuild backend around role-site authorization model

2026-04-02 23:58:13 +08:00
parent e2dd3ce106
commit 1e1d913103
46 changed files with 1645 additions and 2289 deletions
--- a/backend/app/models/site.py
+++ b/backend/app/models/site.py
@@ -14,7 +14,9 @@ class Site(Base):
    id: Mapped[str] = mapped_column(UUID(as_uuid=False), primary_key=True, default=lambda: str(uuid4()))
    site_key: Mapped[str] = mapped_column(String(128), unique=True, nullable=False, index=True)
    company_id: Mapped[str] = mapped_column(UUID(as_uuid=False), ForeignKey("companies.id", ondelete="CASCADE"), nullable=False)
-    name: Mapped[str] = mapped_column(String(255), nullable=False)
+    display_name: Mapped[str] = mapped_column(String(255), nullable=False)
+    domain: Mapped[str | None] = mapped_column(String(255))
+    idp_group_id: Mapped[str | None] = mapped_column(String(128))
    status: Mapped[str] = mapped_column(String(16), nullable=False, default="active")
    created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), server_default=func.now(), nullable=False)
    updated_at: Mapped[datetime] = mapped_column(