reallife_asset/scripts/load_path.py

#!/usr/bin/env python3
"""RBAC permission registration for reallife_asset module."""
import os, sys, subprocess

# Find Sage root
home = os.path.expanduser("~")
sage_root = ""
for candidate in [
    os.path.join(home, "repos/sage"),
    os.path.join(home, "sage"),
]:
    if os.path.isdir(os.path.join(candidate, "wwwroot")):
        sage_root = candidate
        break

if not sage_root:
    print("ERROR: Cannot find Sage root")
    sys.exit(1)

python = os.path.join(sage_root, "py3/bin/python")
set_perm = os.path.join(sage_root, "set_role_perm.py")

# Permission definitions
paths_any = []  # No login required
paths_logined = [
    "/reallife_asset",
    "/reallife_asset/index.ui",
    "/reallife_asset/group_manage.ui",
    "/reallife_asset/asset_manage.ui",
    "/reallife_asset/create_validate.ui",
    "/reallife_asset/upload_asset.ui",
    "/reallife_asset/sync_groups.ui",
    "/reallife_asset/rl_asset_group_list",
    "/reallife_asset/rl_asset_group_list/index.ui",
    "/reallife_asset/rl_asset_list",
    "/reallife_asset/rl_asset_list/index.ui",
    "/reallife_asset/api/rl_asset_group_create.dspy",
    "/reallife_asset/api/rl_asset_group_update.dspy",
    "/reallife_asset/api/rl_asset_group_delete.dspy",
    "/reallife_asset/api/rl_asset_create.dspy",
    "/reallife_asset/api/rl_asset_update.dspy",
    "/reallife_asset/api/rl_asset_delete.dspy",
    "/reallife_asset/api/sync_asset_status.dspy",
    "/reallife_asset/api/check_validate.dspy",
    "/reallife_asset/api/sync_from_vendor.dspy",
    "/reallife_asset/api/sync_assets.dspy",
    "/reallife_asset/api/get_rl_asset_group_list.dspy",
    "/reallife_asset/api/get_rl_asset_list.dspy",
    # Downapp user APIs
    "/reallife_asset/api/rl_apply.dspy",
    "/reallife_asset/api/rl_verify.dspy",
    "/reallife_asset/api/rl_upload.dspy",
    "/reallife_asset/api/rl_status.dspy",
    # Ops management CRUD
    "/reallife_asset/api/rl_app_user_create.dspy",
    "/reallife_asset/api/rl_app_user_update.dspy",
    "/reallife_asset/api/rl_app_user_delete.dspy",
    "/reallife_asset/rl_app_user_list",
    "/reallife_asset/rl_app_user_list/index.ui",
]

def run_set_perm(role, path):
    cmd = [python, set_perm, role, path]
    print(f"  {role:12s} {path}")
    subprocess.run(cmd, cwd=sage_root)

print("Registering RBAC permissions for reallife_asset...")
for p in paths_any:
    run_set_perm("any", p)
for p in paths_logined:
    run_set_perm("logined", p)

print("Done.")