makefile 1.1 and permissions 1.0

server/database/db.py

@@ -3,9 +3,9 @@ import asyncio
 from datetime import datetime,timezone
 
 #from sqlalchemy import create_engine #Не async
-from sqlalchemy.orm import DeclarativeBase, sessionmaker
+from sqlalchemy.orm import DeclarativeBase, sessionmaker, relationship,selectinload
 from sqlalchemy.ext.asyncio import AsyncSession, create_async_engine
-from sqlalchemy import Column, Integer, String, Boolean, select,func, DateTime
+from sqlalchemy import Column, Integer, String, Boolean, select,func, DateTime, ForeignKey, event
 
 from pathlib import Path
 db_folder = Path(__file__).parent / "DB"
@@ -39,6 +39,20 @@ class User(Base):
     created_at = Column(DateTime(timezone=True), server_default=func.now())
     updated_at = Column(DateTime(timezone=True), onupdate=func.now())
     last_login = Column(DateTime(timezone=True))
+        # связь с Permission
+    permissions = relationship(
+        "Permission", back_populates="user", cascade="all, delete-orphan" #back populates = backref, только пишется в обоих классах с которыми связь 
+    )#cascade - если ты удаляешь юзера, SQLAlchemy автоматом удалит все его пермишены.Если ты отцепил пермишен от юзера — он считается “сиротой” и тоже удаляется.
+
+class Permission(Base):
+    __tablename__ = "permissions"
+
+    id = Column(Integer, primary_key=True)
+    user_id = Column(Integer, ForeignKey("users.id"), nullable=False)
+    can_edit = Column(Boolean, default=False)
+    can_delete = Column(Boolean, default=False)
+        # обратная связь к User
+    user = relationship("User", back_populates="permissions")
 
 async def create_user(user_info):
     async with AsyncSessionLocal() as session:
@@ -48,7 +62,7 @@ async def create_user(user_info):
         await session.refresh(new_user)
 async def get_user_by_email(email):
     async with AsyncSessionLocal() as session:
-        result = await session.execute(select(User).where(User.email==email))
+        result = await session.execute(select(User).options(selectinload(User.permissions)).where(User.email==email))
         user = result.scalar_one_or_none()
         return user
 async def get_all_rows():
@@ -56,16 +70,21 @@ async def get_all_rows():
         result = await session.execute(select(User))
         users = result.scalars().all()
         return users
-async def update_user(user_info):
+async def update_user(user_info, perm_info):
     async with AsyncSessionLocal() as session:
-        result = await session.execute(select(User).where(User.id==user_info.id))
+        result = await session.execute(select(User).options(selectinload(User.permissions)).where(User.email==user_info.email))
         user = result.scalar_one_or_none()
         if user:
             user.email = user_info.email
             user.description = user_info.description
             user.activated = user_info.activated
             user.password = hash_password(user_info.password)
+            
+            perm = user.permissions[0]   # если у юзера одна запись - Это связь один-ко-многим: у одного User может быть список из нескольких Permission.
+            perm.can_edit = perm_info.can_edit
+            perm.can_delete = perm_info.can_delete
             await session.commit()
+        return user
 async def delete_user(email):
     async with AsyncSessionLocal() as session:
         result = await session.execute(select(User).where(User.email==email))
@@ -90,4 +109,9 @@ async def reset_user(user_info):
             user.password = hash_password(user_info.new_password)
             await session.commit()
             return user
-        return None
+        return None
+@event.listens_for(User, "after_insert") #listener не работает в async
+def create_permission(mapper, connection, target): 
+    connection.execute(
+        Permission.__table__.insert().values(user_id=target.id)
+    )