# /var/www/bennysboard/core/models.py from flask_sqlalchemy import SQLAlchemy from datetime import datetime from werkzeug.security import generate_password_hash, check_password_hash db = SQLAlchemy() user_roles = db.Table( "user_roles", db.Column("user_id", db.Integer, db.ForeignKey("users.id"), primary_key=True), db.Column("role_id", db.Integer, db.ForeignKey("roles.id"), primary_key=True), ) role_perms = db.Table( "role_permissions", db.Column("role_id", db.Integer, db.ForeignKey("roles.id"), primary_key=True), db.Column("perm_id", db.Integer, db.ForeignKey("permissions.id"), primary_key=True), ) class User(db.Model): __tablename__ = "users" id = db.Column(db.Integer, primary_key=True) email = db.Column(db.String(255), unique=True, index=True) username = db.Column(db.String(80), unique=True) password_h = db.Column(db.String(255)) # nullable for Discord-only accounts discord_id = db.Column(db.String(40), index=True) is_active = db.Column(db.Boolean, default=True) created_at = db.Column(db.DateTime, default=datetime.utcnow) roles = db.relationship("Role", secondary=user_roles, back_populates="users") def set_password(self, raw: str) -> None: self.password_h = generate_password_hash(raw) def check_password(self, raw: str) -> bool: return bool(self.password_h) and check_password_hash(self.password_h, raw) def has_perm(self, code: str) -> bool: return any(code in r.perm_codes() for r in self.roles) class Role(db.Model): __tablename__ = "roles" id = db.Column(db.Integer, primary_key=True) name = db.Column(db.String(80), unique=True) users = db.relationship("User", secondary=user_roles, back_populates="roles") permissions = db.relationship("Permission", secondary=role_perms, back_populates="roles") def perm_codes(self) -> set[str]: return {p.code for p in self.permissions} class Permission(db.Model): __tablename__ = "permissions" id = db.Column(db.Integer, primary_key=True) code = db.Column(db.String(120), unique=True, index=True) roles = db.relationship("Role", secondary=role_perms, back_populates="permissions")