member/member-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove duplicate internal permissions snapshot API

Browse Source
This commit is contained in:
Chris
2026-04-03 02:46:55 +08:00
parent 955019e8d7
commit daa21e81a9
3 changed files with 3 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
backend/README.md
View File

@@ -57,5 +57,4 @@ psql "$DATABASE_URL" -f scripts/init_schema.sql
- `GET /internal/members`
- `POST /internal/users/upsert-by-sub`
- `GET /internal/users/{user_sub}/roles`
- `GET /internal/permissions/{user_sub}/snapshot`
- `POST /internal/idp/users/ensure`

18
backend/app/api/internal.py
View File

@@ -7,11 +7,9 @@ from app.repositories.users_repo import UsersRepository
from app.repositories.user_sites_repo import UserSitesRepository
from app.schemas.idp_admin import ProviderEnsureUserRequest, ProviderEnsureUserResponse
from app.schemas.internal import InternalUpsertUserBySubResponse, InternalUserRoleItem, InternalUserRoleResponse
from app.schemas.permissions import RoleSnapshotResponse
from app.schemas.users import UserUpsertBySubRequest
from app.security.api_client_auth import require_api_client
from app.services.idp_admin_service import ProviderAdminService
from app.services.permission_service import PermissionService
from app.services.runtime_cache import runtime_cache
router = APIRouter(prefix="/internal", tags=["internal"], dependencies=[Depends(require_api_client)])
@@ -104,22 +102,6 @@ def get_user_roles(user_sub: str, db: Session = Depends(get_db)) -> InternalUser
return result
@router.get("/permissions/{user_sub}/snapshot", response_model=RoleSnapshotResponse)
def get_permission_snapshot(
user_sub: str,
db: Session = Depends(get_db),
) -> RoleSnapshotResponse:
cache_key = f"internal:permissions_snapshot:{user_sub}"
cached = runtime_cache.get(cache_key)
if isinstance(cached, RoleSnapshotResponse):
return cached
rows = _build_user_role_rows(db, user_sub)
result = PermissionService.build_role_snapshot(user_sub=user_sub, rows=rows)
runtime_cache.set(cache_key, result, ttl_seconds=30)
return result
@router.post("/provider/users/ensure", response_model=ProviderEnsureUserResponse)
@router.post("/idp/users/ensure", response_model=ProviderEnsureUserResponse, include_in_schema=False)
@router.post("/keycloak/users/ensure", response_model=ProviderEnsureUserResponse, include_in_schema=False)

7
docs/INTERNAL_API_HANDOFF.md
View File

@@ -21,10 +21,9 @@
5. `GET /internal/members`
6. `POST /internal/users/upsert-by-sub`
7. `GET /internal/users/{user_sub}/roles`
8. `GET /internal/permissions/{user_sub}/snapshot`(相容路徑,回 role 聚合資料)
9. `POST /internal/provider/users/ensure`
10. `POST /internal/idp/users/ensure`(舊路徑相容,不建議新串接使用)
11. `POST /internal/keycloak/users/ensure`(舊路徑相容,不建議新串接使用)
8. `POST /internal/provider/users/ensure`
9. `POST /internal/idp/users/ensure`(舊路徑相容,不建議新串接使用)
10. `POST /internal/keycloak/users/ensure`(舊路徑相容,不建議新串接使用)
## 角色聚合回應(`GET /internal/users/{user_sub}/roles`
```json