Add layered service/API for tenancy and people with the privacy seam
Wires the data model through repository -> service -> API/v1. The privacy engine (app/services/privacy.py) is the single enforcement point: every read resolves visibility there (tree role, tree visibility, per-person override; living-person redaction is a marked Phase 2 TODO). All writes record an attributable AuditEntry.
Endpoints: POST /users (open dev bootstrap until auth), GET /users/me, POST/GET /trees, GET /trees/{id}, and POST/GET /trees/{id}/persons. Authn is a temporary X-User-Id header shim; authz is membership-based (owner/editor/viewer). Domain errors map to 401/403/404/409. Verified on the deploy target: private tree -> 403 for non-members, missing actor -> 401, audit log populated.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Justin Paul <justin@jpaul.me>
This commit is contained in:
+23
-4
@@ -1,14 +1,31 @@
|
||||
"""FastAPI application entrypoint.
|
||||
|
||||
Thin by design: wire settings and routers, expose the OpenAPI contract. All
|
||||
domain logic lives in the service layer (added with the data model). The
|
||||
versioned API will mount under ``/api/v1``; health probes stay at the root.
|
||||
Thin by design: wire settings, routers, and error handling, and expose the
|
||||
OpenAPI contract. All domain logic lives in the service layer; the privacy
|
||||
engine is the single enforcement point for reads.
|
||||
"""
|
||||
|
||||
from fastapi import FastAPI
|
||||
from fastapi import FastAPI, Request
|
||||
from fastapi.responses import JSONResponse
|
||||
|
||||
from app.api.health import router as health_router
|
||||
from app.api.v1 import api_router
|
||||
from app.core.config import get_settings
|
||||
from app.services.exceptions import Conflict, Forbidden, NotFound
|
||||
|
||||
|
||||
def _register_error_handlers(app: FastAPI) -> None:
|
||||
@app.exception_handler(NotFound)
|
||||
async def _not_found(request: Request, exc: NotFound) -> JSONResponse:
|
||||
return JSONResponse(status_code=404, content={"detail": str(exc) or "not found"})
|
||||
|
||||
@app.exception_handler(Forbidden)
|
||||
async def _forbidden(request: Request, exc: Forbidden) -> JSONResponse:
|
||||
return JSONResponse(status_code=403, content={"detail": str(exc) or "forbidden"})
|
||||
|
||||
@app.exception_handler(Conflict)
|
||||
async def _conflict(request: Request, exc: Conflict) -> JSONResponse:
|
||||
return JSONResponse(status_code=409, content={"detail": str(exc) or "conflict"})
|
||||
|
||||
|
||||
def create_app() -> FastAPI:
|
||||
@@ -19,6 +36,8 @@ def create_app() -> FastAPI:
|
||||
description="Provenance API — family and land provenance.",
|
||||
)
|
||||
app.include_router(health_router)
|
||||
app.include_router(api_router)
|
||||
_register_error_handlers(app)
|
||||
return app
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user