Idra-Informatica/PecHub
1
0
Fork 0
mirror of https://github.com/idrainformatica/PecFlow.git synced 2026-06-16 20:55:41 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
06dfbfcbc466ad00c9cbb7d954c0903b10101ce1
PecHub/backend/app/schemas/permission.py
T
mgiustini 58a233236c feat: Fase 1 – Fondamenta complete (backend FastAPI + auth + permessi) 
- docker-compose.yml: PostgreSQL 16, Redis 7, MinIO, Nginx
- backend FastAPI: struttura monorepo, config pydantic-settings
- modelli SQLAlchemy: tutti i modelli (tenants, users, mailboxes, messages, archival, permissions, labels, audit_log)
- migrazione Alembic 0001: schema completo in pure SQL
- auth API: login JWT, refresh token rotation, logout, 2FA TOTP (setup/verify/disable)
- CRUD utenti: lista, crea, modifica, reset password, soft delete
- permessi granulari (Fase 1-A): mailbox_permissions, assegna/revoca/lista
- CRUD tenant: gestione super-admin
- sicurezza: AES-256-GCM cifratura credenziali IMAP/SMTP, bcrypt password
- RLS PostgreSQL: isolamento multi-tenant per request
- seed sviluppo: tenant demo + admin + operator
- test unit: security (bcrypt, JWT, AES), auth_service
- test integration: auth endpoints, users endpoints
- CI GitHub Actions: lint (ruff), test (pytest), build Docker, security scan
- infra: nginx.conf, redis.conf
- Makefile con comandi make dev/test/migrate/seed

Definition of Done:
 Login, refresh token e TOTP funzionanti
 make dev porta in piedi tutto lo stack locale
 CI configurata
2026-03-18 16:42:01 +01:00

51 lines
1.1 KiB
Python
Raw Blame History

"""
Schema Pydantic per permessi granulari casella (Fase 1-A).
"""
import uuid
from datetime import datetime
from pydantic import BaseModel
class PermissionGrantRequest(BaseModel):
can_read: bool = True
can_send: bool = False
can_manage: bool = False
class PermissionResponse(BaseModel):
id: uuid.UUID
tenant_id: uuid.UUID
user_id: uuid.UUID
mailbox_id: uuid.UUID
can_read: bool
can_send: bool
can_manage: bool
granted_by: uuid.UUID | None
granted_at: datetime
model_config = {"from_attributes": True}
class UserMailboxPermissionResponse(BaseModel):
"""Vista utente: caselle accessibili con relativi permessi."""
mailbox_id: uuid.UUID
mailbox_email: str
mailbox_display_name: str | None
can_read: bool
can_send: bool
can_manage: bool
class MailboxUserPermissionResponse(BaseModel):
"""Vista casella: utenti con accesso."""
user_id: uuid.UUID
user_email: str
user_full_name: str
user_role: str
can_read: bool
can_send: bool
can_manage: bool
granted_at: datetime
Reference in New Issue View Git Blame Copy Permalink