updated roles ant permissions

py_app/app/db_create_scripts/populate_permissions.py

@@ -0,0 +1,143 @@
+#!/usr/bin/env python3
+
+import mariadb
+import os
+import sys
+
+# Add the app directory to the path so we can import our permissions module
+sys.path.append(os.path.join(os.path.dirname(__file__), '..'))
+
+from permissions import APP_PERMISSIONS, ROLE_HIERARCHY, ACTIONS, get_all_permissions, get_default_permissions_for_role
+
+def get_external_db_connection():
+    """Reads the external_server.conf file and returns a MariaDB database connection."""
+    current_dir = os.path.dirname(os.path.abspath(__file__))
+    instance_folder = os.path.join(current_dir, '../../instance')
+    settings_file = os.path.join(instance_folder, 'external_server.conf')
+    
+    if not os.path.exists(settings_file):
+        raise FileNotFoundError(f"The external_server.conf file is missing: {settings_file}")
+
+    settings = {}
+    with open(settings_file, 'r') as f:
+        for line in f:
+            line = line.strip()
+            if line and '=' in line:
+                key, value = line.split('=', 1)
+                settings[key] = value
+
+    return mariadb.connect(
+        user=settings['username'],
+        password=settings['password'],
+        host=settings['server_domain'],
+        port=int(settings['port']),
+        database=settings['database_name']
+    )
+
+def main():
+    try:
+        print("=== Populating Permission System ===")
+        conn = get_external_db_connection()
+        cursor = conn.cursor()
+        
+        # 1. Populate all permissions
+        print("\n1. Populating permissions...")
+        permissions = get_all_permissions()
+        
+        for perm in permissions:
+            try:
+                cursor.execute('''
+                    INSERT INTO permissions (permission_key, page, page_name, section, section_name, action, action_name)
+                    VALUES (%s, %s, %s, %s, %s, %s, %s)
+                    ON DUPLICATE KEY UPDATE
+                    page_name = VALUES(page_name),
+                    section_name = VALUES(section_name),
+                    action_name = VALUES(action_name),
+                    updated_at = CURRENT_TIMESTAMP
+                ''', (
+                    perm['key'],
+                    perm['page'],
+                    perm['page_name'],
+                    perm['section'],
+                    perm['section_name'],
+                    perm['action'],
+                    perm['action_name']
+                ))
+            except Exception as e:
+                print(f"   ⚠ Error inserting permission {perm['key']}: {e}")
+        
+        conn.commit()
+        print(f"   ✓ Populated {len(permissions)} permissions")
+        
+        # 2. Populate role hierarchy
+        print("\n2. Populating role hierarchy...")
+        for role_name, role_data in ROLE_HIERARCHY.items():
+            try:
+                cursor.execute('''
+                    INSERT INTO role_hierarchy (role_name, display_name, description, level)
+                    VALUES (%s, %s, %s, %s)
+                    ON DUPLICATE KEY UPDATE
+                    display_name = VALUES(display_name),
+                    description = VALUES(description),
+                    level = VALUES(level),
+                    updated_at = CURRENT_TIMESTAMP
+                ''', (
+                    role_name,
+                    role_data['name'],
+                    role_data['description'],
+                    role_data['level']
+                ))
+            except Exception as e:
+                print(f"   ⚠ Error inserting role {role_name}: {e}")
+        
+        conn.commit()
+        print(f"   ✓ Populated {len(ROLE_HIERARCHY)} roles")
+        
+        # 3. Set default permissions for each role
+        print("\n3. Setting default role permissions...")
+        for role_name in ROLE_HIERARCHY.keys():
+            default_permissions = get_default_permissions_for_role(role_name)
+            
+            print(f"   Setting permissions for {role_name}: {len(default_permissions)} permissions")
+            
+            for permission_key in default_permissions:
+                try:
+                    cursor.execute('''
+                        INSERT INTO role_permissions (role, permission_key, granted, granted_by)
+                        VALUES (%s, %s, TRUE, 'system')
+                        ON DUPLICATE KEY UPDATE
+                        granted = TRUE,
+                        updated_at = CURRENT_TIMESTAMP
+                    ''', (role_name, permission_key))
+                except Exception as e:
+                    print(f"     ⚠ Error setting permission {permission_key} for {role_name}: {e}")
+            
+            conn.commit()
+        
+        # 4. Show summary
+        print("\n4. Permission Summary:")
+        cursor.execute('''
+            SELECT r.role_name, r.display_name, COUNT(rp.permission_key) as permission_count
+            FROM role_hierarchy r
+            LEFT JOIN role_permissions rp ON r.role_name = rp.role AND rp.granted = TRUE
+            GROUP BY r.role_name, r.display_name
+            ORDER BY r.level DESC
+        ''')
+        
+        results = cursor.fetchall()
+        for role_name, display_name, count in results:
+            print(f"   {display_name} ({role_name}): {count} permissions")
+        
+        conn.close()
+        print("\n=== Permission System Initialization Complete ===")
+        
+    except Exception as e:
+        print(f"❌ Error: {e}")
+        import traceback
+        traceback.print_exc()
+        return 1
+    
+    return 0
+
+if __name__ == "__main__":
+    sys.exit(main())