Add permissions to orgs and roles (in DB-agnostic API).

2025-08-12 13:21:37 -06:00
parent 6d9f2a967e
commit d2a6bfd2a5
1 changed files with 11 additions and 8 deletions
--- a/passkey/db/init.py
+++ b/passkey/db/init.py
@@ -12,8 +12,8 @@ from uuid import UUID


@dataclass
-class Org:
-    uuid: UUID
+class Permission:
+    id: str  # String primary key (max 128 chars)
    display_name: str


@@ -22,6 +22,15 @@ class Role:
    uuid: UUID
    org_uuid: UUID
    display_name: str
+    permissions: list[Permission]
+
+
+@dataclass
+class Org:
+    uuid: UUID
+    display_name: str
+    permissions: list[Permission]  # All that the Org can grant
+    roles: list[Role]


@dataclass
@@ -56,12 +65,6 @@ class Session:
    credential_uuid: UUID | None = None


-@dataclass
-class Permission:
-    id: str  # String primary key (max 128 chars)
-    display_name: str
-
-
@dataclass
 class SessionContext:
    session: Session