Update for public https://habr.com/post/421887/

myapp/models/__init__.py

@@ -5,6 +5,7 @@ __author__ = 'RemiZOffAlex'
 __copyright__ = '(c) RemiZOffAlex'
 __license__ = 'MIT'
 __email__ = 'remizoffalex@mail.ru'
+__url__ = 'http://remizoffalex.ru'
 
 from sqlalchemy import create_engine
 from sqlalchemy.orm import scoped_session, sessionmaker
@@ -26,21 +27,6 @@ Base.query = db_session.query_property()
 # Пользователи
 from .users import User
 
-# IP
-from .ip import IP
-
-# ACL
-from .acl import (
-    ObjectPermission,
-    RolePermission,
-    RoleSetPermission,
-    UserPermission,
-    UserRole,
-    IPPermission
-)
-
 Base.metadata.create_all(engine)
 
-__all__ = [
-    'db_session'
-]
+__all__ = []

myapp/models/acl.py

@@ -1,180 +0,0 @@
-#!/usr/bin/env python3
-# -*- coding: UTF-8 -*-
-
-__author__ = 'RemiZOffAlex'
-__copyright__ = '(c) RemiZOffAlex'
-__license__ = 'MIT'
-__email__ = 'remizoffalex@mail.ru'
-__url__ = 'http://remizoffalex.ru'
-
-import datetime
-from sqlalchemy import (
-    Table,
-    Column,
-    Boolean,
-    Integer,
-    ForeignKey,
-    String,
-    DateTime,
-    Enum
-)
-from sqlalchemy.orm import relationship
-
-from . import Base
-
-
-class ObjectPermission(Base):
-    """
-    Объекты доступа: процедура и содержащий процедуру модуль
-    """
-    __tablename__ = "object_permission"
-
-    id = Column(Integer, primary_key=True)
-    funcname = Column(String)
-    modulename = Column(String)
-
-    # Связи
-    user_permissions = relationship(
-        "UserPermission",
-        primaryjoin="ObjectPermission.id==UserPermission.object_id"
-    )
-    ip_permissions = relationship(
-        "IPPermission",
-        primaryjoin="ObjectPermission.id==IPPermission.object_id"
-    )
-
-    def __init__(self, modulename, funcname):
-        self.funcname = funcname
-        self.modulename = modulename
-
-    def __repr__(self):
-        return "<ObjectPermission('%s': '%s')>" % (self.funcname,
-            self.modulename)
-
-
-class RolePermission(Base):
-    """Роли доступа"""
-    __tablename__ = "role_permission"
-
-    id = Column(Integer, primary_key=True)
-    name = Column(String)
-    description = Column(String, default='')
-
-    # Связи
-    set_objects = relationship(
-        "RoleSetPermission",
-        primaryjoin="RolePermission.id==RoleSetPermission.role_id"
-    )
-    users = relationship(
-        "UserRole",
-        primaryjoin="RolePermission.id==UserRole.role_id"
-    )
-
-    def __init__(self, name):
-        self.name = name
-
-
-class RoleSetPermission(Base):
-    """Набор прав доступа для роли"""
-    __tablename__ = "role_set_permission"
-
-    id = Column(Integer, primary_key=True)
-    role_id = Column(Integer, ForeignKey('role_permission.id'))
-    object_id = Column(Integer, ForeignKey('object_permission.id'))
-    permission = Column(Enum('allow', 'deny')) # Разрешение
-
-    # Связи
-    role = relationship(
-        "RolePermission",
-        primaryjoin="RoleSetPermission.role_id==RolePermission.id",
-        uselist=False
-    )
-    object_permission = relationship(
-        "ObjectPermission",
-        primaryjoin="RoleSetPermission.object_id==ObjectPermission.id",
-        uselist=False
-    )
-
-    def __init__(self, role_permission, object_permission, permission):
-        self.role_id = role_permission.id
-        self.object_id = object_permission.id
-        self.permission = permission
-
-
-class UserPermission(Base):
-    """Права доступа пользователя"""
-    __tablename__ = "user_permission"
-
-    id = Column(Integer, primary_key=True)
-    object_id = Column(Integer, ForeignKey('object_permission.id'))
-    user_id = Column(Integer, ForeignKey('user.id'))
-    permission = Column(Enum('allow', 'deny')) # Разрешение
-
-    # Связи
-    user = relationship(
-        "User",
-        primaryjoin="UserPermission.user_id==User.id",
-        uselist=False
-    )
-    object_permission = relationship(
-        "ObjectPermission",
-        primaryjoin="UserPermission.object_id==ObjectPermission.id",
-        uselist=False
-    )
-
-    def __init__(self, object_permission, user, permission):
-        assert type(object_permission).__name__=='ObjectPermission', app.logger.info('Не передан объект ObjectPermission')
-        assert type(user).__name__=='User', app.logger.info('Не передан объект User')
-        self.object_id = object_permission.id
-        self.user_id = user.id
-        self.permission = permission
-
-
-class UserRole(Base):
-    """Роль пользователя"""
-    __tablename__ = "user_role"
-
-    id = Column(Integer, primary_key=True)
-    role_id = Column(Integer, ForeignKey('role_permission.id'))
-    user_id = Column(Integer, ForeignKey('user.id'))
-
-    # Связи
-    user = relationship(
-        "User",
-        primaryjoin="UserRole.user_id==User.id",
-        uselist=False
-    )
-    role_permission = relationship(
-        "RolePermission",
-        primaryjoin="UserRole.role_id==RolePermission.id",
-        uselist=False
-    )
-
-    def __init__(self, role_permission, user):
-        assert type(role_permission).__name__=='RolePermission', app.logger.info('Не передан объект RolePermission')
-        assert type(user).__name__=='User', app.logger.info('Не передан объект User')
-        self.role_id = role_permission.id
-        self.user_id = user.id
-
-
-class IPPermission(Base):
-    """
-    Права доступа для IP
-    """
-    __tablename__ = "ip_permission"
-
-    id = Column(Integer, primary_key=True)
-    object_id = Column(Integer, ForeignKey('object_permission.id'))
-    ip_id = Column(Integer, ForeignKey('ip.id'))
-    permission = Column(Enum('allow', 'deny')) # Разрешение
-
-    # Связи
-    ip = relationship("IP", primaryjoin="IPPermission.ip_id==IP.id", uselist=False)
-    object_permission = relationship("ObjectPermission", primaryjoin="IPPermission.object_id==ObjectPermission.id", uselist=False)
-
-    def __init__(self, object_permission, ip, permission):
-        assert type(object_permission).__name__=='ObjectPermission', app.logger.info('Не передан объект ObjectPermission')
-        assert type(ip).__name__=='IP', app.logger.info('Не передан объект IP')
-        self.object_id = object_permission.id
-        self.ip_id = ip.id
-        self.permission = permission

myapp/models/ip.py

@@ -1,30 +0,0 @@
-#!/usr/bin/env python3
-# -*- coding: UTF-8 -*-
-
-__author__ = 'RemiZOffAlex'
-__copyright__ = '(c) RemiZOffAlex'
-__license__ = 'MIT'
-__email__ = 'remizoffalex@mail.ru'
-__url__ = 'http://remizoffalex.ru'
-
-import datetime
-from sqlalchemy import Table, Column, Boolean, Integer, ForeignKey, String, DateTime
-from sqlalchemy.orm import relationship
-
-from . import Base
-
-class IP(Base):
-    __tablename__ = "ip"
-
-    id = Column(Integer, primary_key=True)
-    ip = Column(String, nullable=False, unique=True)
-    description = Column(String)
-
-    # Связи
-    # tagquestion = relationship("TagQuestion", primaryjoin="TagQuestion.tag_id==Tag.id")
-
-    def __init__(self, ip):
-        self.ip = ip
-
-    def __repr__(self):
-        return "<IP('%s')>" % (self.ip)

myapp/models/users.py

@@ -5,21 +5,37 @@ __author__ = 'RemiZOffAlex'
 __copyright__ = '(c) RemiZOffAlex'
 __license__ = 'MIT'
 __email__ = 'remizoffalex@mail.ru'
+__url__ = 'http://remizoffalex.ru'
 
 import datetime
-from sqlalchemy import Table, Column, Boolean, Integer, ForeignKey, String, DateTime
+from sqlalchemy import (
+    Table,
+    Column,
+    Boolean,
+    Integer,
+    ForeignKey,
+    String,
+    DateTime
+)
 from sqlalchemy.orm import relationship
 
 from . import Base
 
+
 class User(Base):
     __tablename__ = "user"
 
     id = Column(Integer, primary_key=True)
     name = Column(String, nullable=False, unique=True)
     password = Column(String, nullable=False)
+    disabled = Column(Boolean, default=True)
     created = Column(DateTime)
 
     def __init__(self, name):
         self.name = name
         self.created = datetime.datetime.utcnow()
+
+    def as_dict(self):
+        return {c.name: getattr(self, c.name)
+            for c in self.__table__.columns
+            if c.name!='password'}