updated control access

old code/backup_db_scripts/create_permissions_tables.py

@@ -0,0 +1,141 @@
+#!/usr/bin/env python3
+
+import mariadb
+import os
+import sys
+
+def get_external_db_connection():
+    """Reads the external_server.conf file and returns a MariaDB database connection."""
+    # Get the instance folder path
+    current_dir = os.path.dirname(os.path.abspath(__file__))
+    instance_folder = os.path.join(current_dir, '../../instance')
+    settings_file = os.path.join(instance_folder, 'external_server.conf')
+    
+    if not os.path.exists(settings_file):
+        raise FileNotFoundError(f"The external_server.conf file is missing: {settings_file}")
+
+    # Read settings from the configuration file
+    settings = {}
+    with open(settings_file, 'r') as f:
+        for line in f:
+            line = line.strip()
+            if line and '=' in line:
+                key, value = line.split('=', 1)
+                settings[key] = value
+
+    return mariadb.connect(
+        user=settings['username'],
+        password=settings['password'],
+        host=settings['server_domain'],
+        port=int(settings['port']),
+        database=settings['database_name']
+    )
+
+def main():
+    try:
+        print("=== Creating Permission Management Tables ===")
+        conn = get_external_db_connection()
+        cursor = conn.cursor()
+        
+        # 1. Create permissions table
+        print("\n1. Creating permissions table...")
+        cursor.execute('''
+            CREATE TABLE IF NOT EXISTS permissions (
+                id INT AUTO_INCREMENT PRIMARY KEY,
+                permission_key VARCHAR(255) UNIQUE NOT NULL,
+                page VARCHAR(100) NOT NULL,
+                page_name VARCHAR(255) NOT NULL,
+                section VARCHAR(100) NOT NULL,
+                section_name VARCHAR(255) NOT NULL,
+                action VARCHAR(50) NOT NULL,
+                action_name VARCHAR(255) NOT NULL,
+                description TEXT,
+                created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+                updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
+            )
+        ''')
+        print("   ✓ Permissions table created/verified")
+        
+        # 2. Create role_permissions table
+        print("\n2. Creating role_permissions table...")
+        cursor.execute('''
+            CREATE TABLE IF NOT EXISTS role_permissions (
+                id INT AUTO_INCREMENT PRIMARY KEY,
+                role VARCHAR(50) NOT NULL,
+                permission_key VARCHAR(255) NOT NULL,
+                granted BOOLEAN DEFAULT TRUE,
+                granted_by VARCHAR(50),
+                granted_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+                updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+                UNIQUE KEY unique_role_permission (role, permission_key),
+                FOREIGN KEY (permission_key) REFERENCES permissions(permission_key) ON DELETE CASCADE
+            )
+        ''')
+        print("   ✓ Role permissions table created/verified")
+        
+        # 3. Create role_hierarchy table for role management
+        print("\n3. Creating role_hierarchy table...")
+        cursor.execute('''
+            CREATE TABLE IF NOT EXISTS role_hierarchy (
+                id INT AUTO_INCREMENT PRIMARY KEY,
+                role_name VARCHAR(50) UNIQUE NOT NULL,
+                display_name VARCHAR(255) NOT NULL,
+                description TEXT,
+                level INT DEFAULT 0,
+                is_active BOOLEAN DEFAULT TRUE,
+                created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+                updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
+            )
+        ''')
+        print("   ✓ Role hierarchy table created/verified")
+        
+        # 4. Create permission_audit_log table for tracking changes
+        print("\n4. Creating permission_audit_log table...")
+        cursor.execute('''
+            CREATE TABLE IF NOT EXISTS permission_audit_log (
+                id INT AUTO_INCREMENT PRIMARY KEY,
+                role VARCHAR(50) NOT NULL,
+                permission_key VARCHAR(255) NOT NULL,
+                action ENUM('granted', 'revoked') NOT NULL,
+                changed_by VARCHAR(50) NOT NULL,
+                changed_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+                reason TEXT,
+                ip_address VARCHAR(45)
+            )
+        ''')
+        print("   ✓ Permission audit log table created/verified")
+        
+        conn.commit()
+        
+        # 5. Check if we need to populate initial data
+        print("\n5. Checking for existing data...")
+        cursor.execute("SELECT COUNT(*) FROM permissions")
+        permission_count = cursor.fetchone()[0]
+        
+        if permission_count == 0:
+            print("   No permissions found - will need to populate with default data")
+            print("   Run 'populate_permissions.py' to initialize the permission system")
+        else:
+            print(f"   Found {permission_count} existing permissions")
+        
+        cursor.execute("SELECT COUNT(*) FROM role_hierarchy")
+        role_count = cursor.fetchone()[0]
+        
+        if role_count == 0:
+            print("   No roles found - will need to populate with default roles")
+        else:
+            print(f"   Found {role_count} existing roles")
+        
+        conn.close()
+        print("\n=== Permission Database Schema Created Successfully ===")
+        
+    except Exception as e:
+        print(f"❌ Error: {e}")
+        import traceback
+        traceback.print_exc()
+        return 1
+    
+    return 0
+
+if __name__ == "__main__":
+    sys.exit(main())