ie dZddlmZmZmZmZddlmZddlm Z ddl m Z ddl m Z ddlmZmZmZmZmZddlmZd eezd efd ZeZej5d e dee ee fdedzdede d efdZej=d eej>ee ee fdedede d efdZ ej5de ee ee fdedede d efdZ!ejEde ee ee fdededede d ef dZ#ejIdejJee ee fdedede d dfdZ&ej5de ee ee fdedede d efdZ'ejQde ee ee fdededede d ef dZ)y)uGRoles router — endpoints for role management and permission matrices.) APIRouterDepends HTTPExceptionstatus) AsyncSession)get_db)get_current_user)User)PermissionsUpdate RoleCreateRolePermissionResponse RoleResponse RoleUpdate) role_serviceereturnct|tr$ttjt |Sttj t |S)uEConvert service-layer ValueError → 404 and PermissionError → 403. status_codedetail) isinstancePermissionErrorrrHTTP_403_FORBIDDENstrHTTP_404_NOT_FOUND)rs 3/var/www/html/spbu.com/backend/app/routers/roles.py_service_errorr s:!_%)B)B3q6RR V%>%>s1v NN)response_modelNspbu_iddb current_usercKtj||d{}d|Dcgc]}tj|c}iS7)cc}ww)zOReturn all roles, optionally scoped to a specific SPBU (includes global roles).Ndata)r list_rolesrmodel_validate)r!r"r#rolesrs rr&r&sJ))"g6 6E UCU\003UC DD 7Cs A A A AA A )r rr%cK tj|||d{}tj|ddS7#t$r)}ttj t |d}~wwxYww)z[Create a new role. Super Admin can create global roles; SPBU Admin only for their own SPBU.NrzRole berhasil dibuatr%message) r create_rolerrrrrrr')r%r"r#rolers rr-r-"sjR!--b$ EE!//5BX YYF R(A(A#a&QQRs1A2=;=A2= A/$A**A//A2z /{role_id}role_idcK tj||d{}dtj|iS7#t$r)}ttj t |d}~wwxYww)z;Return details for a single role including its permissions.Nrr%) rget_role ValueErrorrrrrrr')r/r"r#r.rs rr1r10sfR!**2w77 L//5 668 R(A(A#a&QQRs1A0;9;A0; A-$A((A--A0cK tj||||d{}t j |ddS7#ttf$r}t |d}~wwxYww)zUpdate scalar fields on a role.NzRole berhasil diupdater+)r update_roler2rrrr')r/r%r"r#r.rs rr4r4>sb !--b'4NN!//5BZ [[O  ( Q s1A ><>A >A AAA )rcK tj|||d{y7#ttf$r}t |d}~wwxYww)zPermanently delete a role.N)r delete_roler2rr)r/r"r#rs rr6r6MsB &&r7LAAA  ( Q s0A&$&A&A AAAz/{role_id}/permissionsc K tj||d{}d|Dcgc]}tj|c}iS7)#t$r)}ttj t |d}~wwxYwcc}ww)z/Return all permission entries for a given role.Nrr%) rget_permissionsr2rrrrr r')r/r"r# permissionsrps rr8r8ZszR(88WEE  {S{!+::1={S TTF R(A(A#a&QQRSsBBA AA BA>BA A;$A66A;;BcK tj|||j|d{}|Dcgc]}t j|c}ddS7*#ttf$r}t |d}~wwxYwcc}ww)z9Replace the full permission matrix for a role atomically.NzPermissions berhasil disimpanr+)rset_permissionsr9r2rrr r')r/r%r"r#r9rr:s rr<r<hs (88WdFVFVXdee DOO;a'66q9;O2 f  ( Q PsBA=%AAAA=A8A=AA5% A00A55A=)*__doc__fastapirrrrsqlalchemy.ext.asynciorapp.core.databaserapp.dependenciesr app.models.userr app.schemas.roler r r rr app.servicesrr2rrroutergetdictintr&postHTTP_201_CREATEDr-r1patchr4deleteHTTP_204_NO_CONTENTr6r8putr<rrrPsM==/$- ll%Oj?2O}O Bt$v !12E 4ZEEE E%ER&2I2IJv !12 Z  Z Z Z ZK ZL.v !12 7  7 7 7 7/ 7l40v !12 \  \  \  \ \  \1 \|)C)CDv !12          E   $T:v !12 U  U U U U; U $T:v !12       ;r