feat: add set_role_perm.py wrapper for RBAC registration

2026-06-11 22:06:12 +08:00 · 2026-06-11 22:06:12 +08:00 · 6e351005fa
commit 6e351005fa
parent 707b491345
1 changed files with 52 additions and 0 deletions
--- a/set_role_perm.py
+++ b/set_role_perm.py
@ -0,0 +1,52 @@
+#!/usr/bin/env python3
+"""Wrapper script for RBAC permission registration.
+Called by modules' load_path.py scripts.
+Usage: py3/bin/python set_role_perm.py <role> <path>
+"""
+import sys
+import os
+import asyncio
+
+# Add current directory to path
+sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
+
+from rbac.set_role_perms import set_role_perm as _set_role_perm
+from appPublic.jsonConfig import getConfig
+from sqlor.dbpools import DBPools
+
+
+async def main(role, path):
+    """Register a single permission path for a role."""
+    # Determine module name from path
+    # e.g., /pipeline_core/index.ui -> pipeline_core
+    parts = path.strip('/').split('/')
+    module = parts[0] if parts else 'app'
+    
+    # Get database name from config
+    config = getConfig('.', {'workdir': '.'})
+    db = DBPools(config.databases)
+    
+    # Call the actual permission setter
+    await _set_role_perm('pipeline', module, '*', role, path)
+
+
+def run(coro):
+    """Run async function in event loop."""
+    loop = asyncio.new_event_loop()
+    asyncio.set_event_loop(loop)
+    try:
+        loop.run_until_complete(coro)
+    finally:
+        loop.close()
+
+
+if __name__ == '__main__':
+    if len(sys.argv) != 3:
+        print(f"Usage: {sys.argv[0]} <role> <path>")
+        print(f"Example: {sys.argv[0]} logined /pipeline_core/index.ui")
+        sys.exit(1)
+    
+    role = sys.argv[1]
+    path = sys.argv[2]
+    
+    run(main(role, path))