quality_recticel/py_app/app/db_create_scripts/populate_permissions.py

#!/usr/bin/env python3

import mariadb
import os
import sys

# Add the app directory to the path so we can import our permissions module
sys.path.append(os.path.join(os.path.dirname(__file__), '..'))

from permissions import APP_PERMISSIONS, ROLE_HIERARCHY, ACTIONS, get_all_permissions, get_default_permissions_for_role

def get_external_db_connection():
    """Reads the external_server.conf file and returns a MariaDB database connection."""
    current_dir = os.path.dirname(os.path.abspath(__file__))
    instance_folder = os.path.join(current_dir, '../../instance')
    settings_file = os.path.join(instance_folder, 'external_server.conf')
    
    if not os.path.exists(settings_file):
        raise FileNotFoundError(f"The external_server.conf file is missing: {settings_file}")

    settings = {}
    with open(settings_file, 'r') as f:
        for line in f:
            line = line.strip()
            if line and '=' in line:
                key, value = line.split('=', 1)
                settings[key] = value

    return mariadb.connect(
        user=settings['username'],
        password=settings['password'],
        host=settings['server_domain'],
        port=int(settings['port']),
        database=settings['database_name']
    )

def main():
    try:
        print("=== Populating Permission System ===")
        conn = get_external_db_connection()
        cursor = conn.cursor()
        
        # 1. Populate all permissions
        print("\n1. Populating permissions...")
        permissions = get_all_permissions()
        
        for perm in permissions:
            try:
                cursor.execute('''
                    INSERT INTO permissions (permission_key, page, page_name, section, section_name, action, action_name)
                    VALUES (%s, %s, %s, %s, %s, %s, %s)
                    ON DUPLICATE KEY UPDATE
                    page_name = VALUES(page_name),
                    section_name = VALUES(section_name),
                    action_name = VALUES(action_name),
                    updated_at = CURRENT_TIMESTAMP
                ''', (
                    perm['key'],
                    perm['page'],
                    perm['page_name'],
                    perm['section'],
                    perm['section_name'],
                    perm['action'],
                    perm['action_name']
                ))
            except Exception as e:
                print(f"   ⚠ Error inserting permission {perm['key']}: {e}")
        
        conn.commit()
        print(f"   ✓ Populated {len(permissions)} permissions")
        
        # 2. Populate role hierarchy
        print("\n2. Populating role hierarchy...")
        for role_name, role_data in ROLE_HIERARCHY.items():
            try:
                cursor.execute('''
                    INSERT INTO role_hierarchy (role_name, display_name, description, level)
                    VALUES (%s, %s, %s, %s)
                    ON DUPLICATE KEY UPDATE
                    display_name = VALUES(display_name),
                    description = VALUES(description),
                    level = VALUES(level),
                    updated_at = CURRENT_TIMESTAMP
                ''', (
                    role_name,
                    role_data['name'],
                    role_data['description'],
                    role_data['level']
                ))
            except Exception as e:
                print(f"   ⚠ Error inserting role {role_name}: {e}")
        
        conn.commit()
        print(f"   ✓ Populated {len(ROLE_HIERARCHY)} roles")
        
        # 3. Set default permissions for each role
        print("\n3. Setting default role permissions...")
        for role_name in ROLE_HIERARCHY.keys():
            default_permissions = get_default_permissions_for_role(role_name)
            
            print(f"   Setting permissions for {role_name}: {len(default_permissions)} permissions")
            
            for permission_key in default_permissions:
                try:
                    cursor.execute('''
                        INSERT INTO role_permissions (role, permission_key, granted, granted_by)
                        VALUES (%s, %s, TRUE, 'system')
                        ON DUPLICATE KEY UPDATE
                        granted = TRUE,
                        updated_at = CURRENT_TIMESTAMP
                    ''', (role_name, permission_key))
                except Exception as e:
                    print(f"     ⚠ Error setting permission {permission_key} for {role_name}: {e}")
            
            conn.commit()
        
        # 4. Show summary
        print("\n4. Permission Summary:")
        cursor.execute('''
            SELECT r.role_name, r.display_name, COUNT(rp.permission_key) as permission_count
            FROM role_hierarchy r
            LEFT JOIN role_permissions rp ON r.role_name = rp.role AND rp.granted = TRUE
            GROUP BY r.role_name, r.display_name
            ORDER BY r.level DESC
        ''')
        
        results = cursor.fetchall()
        for role_name, display_name, count in results:
            print(f"   {display_name} ({role_name}): {count} permissions")
        
        conn.close()
        print("\n=== Permission System Initialization Complete ===")
        
    except Exception as e:
        print(f"❌ Error: {e}")
        import traceback
        traceback.print_exc()
        return 1
    
    return 0

if __name__ == "__main__":
    sys.exit(main())