""" User and Role models for local user management Note: This is separate from Keycloak users - used for tracking and audit """ from sqlalchemy import Column, Integer, String, Boolean, DateTime, Table, ForeignKey from sqlalchemy.orm import relationship from sqlalchemy.sql import func from app.db.base import Base # Association table for many-to-many relationship user_roles = Table( 'user_roles', Base.metadata, Column('user_id', Integer, ForeignKey('fastapi.users.id'), primary_key=True), Column('role_id', Integer, ForeignKey('fastapi.roles.id'), primary_key=True), schema='fastapi' ) class User(Base): """ Local user record (synced from Keycloak) Used for tracking, audit, and local permissions """ __tablename__ = "users" __table_args__ = {'schema': 'fastapi'} id = Column(Integer, primary_key=True, index=True) keycloak_id = Column(String, unique=True, index=True, nullable=False) # Keycloak sub username = Column(String, unique=True, index=True, nullable=False) email = Column(String, unique=True, index=True) full_name = Column(String) is_active = Column(Boolean, default=True) created_at = Column(DateTime(timezone=True), server_default=func.now()) updated_at = Column(DateTime(timezone=True), onupdate=func.now()) last_login = Column(DateTime(timezone=True)) # Relationships roles = relationship("Role", secondary=user_roles, back_populates="users") class Role(Base): """ Roles (synced from Keycloak) """ __tablename__ = "roles" __table_args__ = {'schema': 'fastapi'} id = Column(Integer, primary_key=True, index=True) name = Column(String, unique=True, nullable=False, index=True) # admin, operation description = Column(String) created_at = Column(DateTime(timezone=True), server_default=func.now()) # Relationships users = relationship("User", secondary=user_roles, back_populates="roles")