56 lines
1.9 KiB
Python
56 lines
1.9 KiB
Python
"""
|
|
User and Role models for local user management
|
|
Note: This is separate from Keycloak users - used for tracking and audit
|
|
"""
|
|
from sqlalchemy import Column, Integer, String, Boolean, DateTime, Table, ForeignKey
|
|
from sqlalchemy.orm import relationship
|
|
from sqlalchemy.sql import func
|
|
from app.db.base import Base
|
|
|
|
# Association table for many-to-many relationship
|
|
user_roles = Table(
|
|
'user_roles',
|
|
Base.metadata,
|
|
Column('user_id', Integer, ForeignKey('fastapi.users.id'), primary_key=True),
|
|
Column('role_id', Integer, ForeignKey('fastapi.roles.id'), primary_key=True),
|
|
schema='fastapi'
|
|
)
|
|
|
|
|
|
class User(Base):
|
|
"""
|
|
Local user record (synced from Keycloak)
|
|
Used for tracking, audit, and local permissions
|
|
"""
|
|
__tablename__ = "users"
|
|
__table_args__ = {'schema': 'fastapi'}
|
|
|
|
id = Column(Integer, primary_key=True, index=True)
|
|
keycloak_id = Column(String, unique=True, index=True, nullable=False) # Keycloak sub
|
|
username = Column(String, unique=True, index=True, nullable=False)
|
|
email = Column(String, unique=True, index=True)
|
|
full_name = Column(String)
|
|
is_active = Column(Boolean, default=True)
|
|
created_at = Column(DateTime(timezone=True), server_default=func.now())
|
|
updated_at = Column(DateTime(timezone=True), onupdate=func.now())
|
|
last_login = Column(DateTime(timezone=True))
|
|
|
|
# Relationships
|
|
roles = relationship("Role", secondary=user_roles, back_populates="users")
|
|
|
|
|
|
class Role(Base):
|
|
"""
|
|
Roles (synced from Keycloak)
|
|
"""
|
|
__tablename__ = "roles"
|
|
__table_args__ = {'schema': 'fastapi'}
|
|
|
|
id = Column(Integer, primary_key=True, index=True)
|
|
name = Column(String, unique=True, nullable=False, index=True) # admin, operation
|
|
description = Column(String)
|
|
created_at = Column(DateTime(timezone=True), server_default=func.now())
|
|
|
|
# Relationships
|
|
users = relationship("User", secondary=user_roles, back_populates="roles")
|