flask_more_smorest.perms.models.abstract_role

Abstract role and domain models for Flask-More-Smorest.

Provides abstract bases for Domain and UserRole models for multi-domain role-based access control.

Classes

AbstractDomain(**kwargs)

Abstract Domain model for multi-domain support.

AbstractUserRole([domain_id, role])

Abstract UserRole model with domain scoping for multi-domain applications.
class flask_more_smorest.perms.models.abstract_role.AbstractDomain(**kwargs)[source]

Abstract Domain model for multi-domain support.

This is an abstract base class - it does NOT create a database table. Subclasses must define concrete fields and table configuration.

Domains represent distinct contexts within an application (e.g., organizations, tenants, or projects) where roles can be scoped.

Subclassing example:

from flask_more_smorest.perms import AbstractDomain

class CustomDomain(AbstractDomain):
    __tablename__ = "domain"

    name: Mapped[str] = mapped_column(db.String(255), nullable=False)
    display_name: Mapped[str] = mapped_column(db.String(255), nullable=False)
    active: Mapped[bool] = mapped_column(db.Boolean, default=True, nullable=False)

    # Optional: custom fields
    organization_id: Mapped[str] = mapped_column(db.String(50))
    settings: Mapped[dict] = mapped_column(db.JSON, default={})
name: Mapped[str] = <sqlalchemy.orm.properties.MappedColumn object>
display_name: Mapped[str] = <sqlalchemy.orm.properties.MappedColumn object>
active: Mapped[bool] = <sqlalchemy.orm.properties.MappedColumn object>
class flask_more_smorest.perms.models.abstract_role.AbstractUserRole(domain_id=None, role=None, **kwargs)[source]

Abstract UserRole model with domain scoping for multi-domain applications.

This is an abstract base class - it does NOT create a database table. Subclasses must define concrete fields and table configuration.

Supports custom role enums by accepting any string/enum value:

from enum import Enum

class CustomRole(str, Enum):
    SUPERADMIN = "SUPERADMIN"
    ADMIN = "ADMIN"
    MANAGER = "MANAGER"
    USER = "USER"

class CustomUserRole(AbstractUserRole):
    __tablename__ = "user_role"

    user_id: Mapped[uuid.UUID] = mapped_column(
        sa.Uuid(as_uuid=True),
        db.ForeignKey("user.id"),
        nullable=False
    )
    domain_id: Mapped[uuid.UUID | None] = mapped_column(
        sa.Uuid(as_uuid=True),
        db.ForeignKey("domain.id"),
        nullable=True,
        default=None,
    )
    _role: Mapped[str] = mapped_column("role", sa.String(50), nullable=False)

# Create roles with custom enum values
role = CustomUserRole(user=user, role=CustomRole.MANAGER)
user_id: Mapped[uuid.UUID] = <sqlalchemy.orm.properties.MappedColumn object>
domain_id: Mapped[uuid.UUID | None] = <sqlalchemy.orm.properties.MappedColumn object>
user = <_RelationshipDeclared at 0x7a2d8811a210; no key>
domain = <_RelationshipDeclared at 0x7a2d881187d0; no key>
property role: str

Get role as string value.

Returns:

Role name as string

__init__(domain_id=None, role=None, **kwargs)[source]

Initialize role with domain and role handling.

Parameters:

  • domain_id (UUID | str | None) – Domain UUID, None for all domains, or ‘*’ string (converted to None)

  • role (str | Enum | None) – Role value (enum or string)

  • **kwargs (object) – Additional field values