clean commit

backend/app/models/user.py

@@ -0,0 +1,158 @@
+"""
+User model
+"""
+from datetime import datetime
+from typing import Optional, List
+from enum import Enum
+from sqlalchemy import Column, Integer, String, DateTime, Boolean, Text, JSON
+from sqlalchemy.orm import relationship
+from app.db.database import Base
+
+
+class UserRole(str, Enum):
+    """User role enumeration"""
+    USER = "user"
+    ADMIN = "admin"
+    SUPER_ADMIN = "super_admin"
+
+
+class User(Base):
+    """User model for authentication and user management"""
+    
+    __tablename__ = "users"
+    
+    id = Column(Integer, primary_key=True, index=True)
+    email = Column(String, unique=True, index=True, nullable=False)
+    username = Column(String, unique=True, index=True, nullable=False)
+    hashed_password = Column(String, nullable=False)
+    full_name = Column(String, nullable=True)
+    
+    # User status and permissions
+    is_active = Column(Boolean, default=True)
+    is_superuser = Column(Boolean, default=False)
+    is_verified = Column(Boolean, default=False)
+    
+    # Role-based access control
+    role = Column(String, default=UserRole.USER.value)  # user, admin, super_admin
+    permissions = Column(JSON, default=dict)  # Custom permissions
+    
+    # Profile information
+    avatar_url = Column(String, nullable=True)
+    bio = Column(Text, nullable=True)
+    company = Column(String, nullable=True)
+    website = Column(String, nullable=True)
+    
+    # Timestamps
+    created_at = Column(DateTime, default=datetime.utcnow)
+    updated_at = Column(DateTime, default=datetime.utcnow, onupdate=datetime.utcnow)
+    last_login = Column(DateTime, nullable=True)
+    
+    # Settings
+    preferences = Column(JSON, default=dict)
+    notification_settings = Column(JSON, default=dict)
+    
+    # Relationships
+    api_keys = relationship("APIKey", back_populates="user", cascade="all, delete-orphan")
+    usage_tracking = relationship("UsageTracking", back_populates="user", cascade="all, delete-orphan")
+    budgets = relationship("Budget", back_populates="user", cascade="all, delete-orphan")
+    audit_logs = relationship("AuditLog", back_populates="user", cascade="all, delete-orphan")
+    
+    def __repr__(self):
+        return f"<User(id={self.id}, email='{self.email}', username='{self.username}')>"
+    
+    def to_dict(self):
+        """Convert user to dictionary for API responses"""
+        return {
+            "id": self.id,
+            "email": self.email,
+            "username": self.username,
+            "full_name": self.full_name,
+            "is_active": self.is_active,
+            "is_superuser": self.is_superuser,
+            "is_verified": self.is_verified,
+            "role": self.role,
+            "permissions": self.permissions,
+            "avatar_url": self.avatar_url,
+            "bio": self.bio,
+            "company": self.company,
+            "website": self.website,
+            "created_at": self.created_at.isoformat() if self.created_at else None,
+            "updated_at": self.updated_at.isoformat() if self.updated_at else None,
+            "last_login": self.last_login.isoformat() if self.last_login else None,
+            "preferences": self.preferences,
+            "notification_settings": self.notification_settings
+        }
+    
+    def has_permission(self, permission: str) -> bool:
+        """Check if user has a specific permission"""
+        if self.is_superuser:
+            return True
+        
+        # Check role-based permissions
+        role_permissions = {
+            "user": ["read_own", "create_own", "update_own"],
+            "admin": ["read_all", "create_all", "update_all", "delete_own"],
+            "super_admin": ["read_all", "create_all", "update_all", "delete_all", "manage_users", "manage_modules"]
+        }
+        
+        if self.role in role_permissions and permission in role_permissions[self.role]:
+            return True
+        
+        # Check custom permissions
+        return permission in self.permissions
+    
+    def can_access_module(self, module_name: str) -> bool:
+        """Check if user can access a specific module"""
+        if self.is_superuser:
+            return True
+        
+        # Check module-specific permissions
+        module_permissions = self.permissions.get("modules", {})
+        return module_permissions.get(module_name, False)
+    
+    def update_last_login(self):
+        """Update the last login timestamp"""
+        self.last_login = datetime.utcnow()
+    
+    def update_preferences(self, preferences: dict):
+        """Update user preferences"""
+        if self.preferences is None:
+            self.preferences = {}
+        self.preferences.update(preferences)
+    
+    def update_notification_settings(self, settings: dict):
+        """Update notification settings"""
+        if self.notification_settings is None:
+            self.notification_settings = {}
+        self.notification_settings.update(settings)
+    
+    @classmethod
+    def create_default_admin(cls, email: str, username: str, password_hash: str) -> "User":
+        """Create a default admin user"""
+        return cls(
+            email=email,
+            username=username,
+            hashed_password=password_hash,
+            full_name="System Administrator",
+            is_active=True,
+            is_superuser=True,
+            is_verified=True,
+            role="super_admin",
+            permissions={
+                "modules": {
+                    "cache": True,
+                    "analytics": True,
+                    "rag": True
+                }
+            },
+            preferences={
+                "theme": "dark",
+                "language": "en",
+                "timezone": "UTC"
+            },
+            notification_settings={
+                "email_notifications": True,
+                "security_alerts": True,
+                "system_updates": True
+            }
+        )