Compare commits
79 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 3810b65de0 | |||
| 9820a77d25 | |||
| 3ff03b037b | |||
| 84a743f5b9 | |||
| e6dfe39e84 | |||
| 4a3fe983fa | |||
| 251652a935 | |||
| dc1b6aac01 | |||
| f93327f5d3 | |||
| c86771034c | |||
| b51b65de80 | |||
| 93c22b4bcf | |||
| 7255920135 | |||
| 62513ee22e | |||
| ac0b9818dd | |||
| 182a5dab16 | |||
| 77b78410ff | |||
| fe1e0171ff | |||
| 9dbdae975a | |||
| c5a2a7f0d4 | |||
| 8c36785197 | |||
| fae1162ff8 | |||
| 1025f86657 | |||
| a53858f920 | |||
| 941f9827c1 | |||
| 6ec852a23a | |||
| 7405ec762f | |||
| aa62ca490e | |||
| 97f7a9e0ff | |||
| cd4ccb4ac8 | |||
| 6696015970 | |||
| e8839b15a0 | |||
| 548e883d82 | |||
| 37ac49767e | |||
| 9b04bcefba | |||
| e9b2436ce0 | |||
| 8903e480cf | |||
| d27cc5dddc | |||
| 943f459b91 | |||
| 5106538934 | |||
| 2669543e56 | |||
| 0262ed3d97 | |||
| 9ee960c4ef | |||
| 7f640649b9 | |||
| a8929c2862 | |||
| b90ba53a3f | |||
| c4e9d69e00 | |||
| 0673896133 | |||
| 1164841950 | |||
| 5824e70895 | |||
| 04ccdbf96a | |||
| f165ccb941 | |||
| e0fb924a1d | |||
| cf5518c7ec | |||
| 26df03cfd7 | |||
| ab064bce6e | |||
| 76b7f453c1 | |||
| 438d2db2e7 | |||
| 99913ada94 | |||
| 584b323121 | |||
| 4788ae7723 | |||
| 51f0066e61 | |||
| bfa6c0782a | |||
| 2f21e767f3 | |||
| f6bcf198ee | |||
| b13fafd624 | |||
| 631d050540 | |||
| d48029a407 | |||
| 18dea507d1 | |||
| 99a660485e | |||
| cf6dcf9ce2 | |||
| 22bc536978 | |||
| f2205b93f4 | |||
| b0c7c8570b | |||
| fe9a95c60d | |||
| bd8ee9b647 | |||
| 660130f007 | |||
| 34d30e3134 | |||
| 049545fcc8 |
@@ -19,6 +19,7 @@ These are product invariants, not preferences. Do not violate them, and flag any
|
|||||||
5. **Sources are first-class.** Don't model citations as free-text afterthoughts. A `Source` is a reusable entity; a `Citation` links it to a specific fact.
|
5. **Sources are first-class.** Don't model citations as free-text afterthoughts. A `Source` is a reusable entity; a `Citation` links it to a specific fact.
|
||||||
6. **Only legal data sources.** Ship scrapers/connectors only for permissible sources (FamilySearch API, Find A Grave, WikiTree, BLM/GLO, USGS, public-domain newspapers, public county records). Never add connectors for paywalled/terms-prohibited sites (Ancestry, MyHeritage, 23andMe).
|
6. **Only legal data sources.** Ship scrapers/connectors only for permissible sources (FamilySearch API, Find A Grave, WikiTree, BLM/GLO, USGS, public-domain newspapers, public county records). Never add connectors for paywalled/terms-prohibited sites (Ancestry, MyHeritage, 23andMe).
|
||||||
7. **Everything is configurable via environment.** Auth, mail, object storage, database, model providers, scrapers — all twelve-factor. No hard-coded endpoints or keys.
|
7. **Everything is configurable via environment.** Auth, mail, object storage, database, model providers, scrapers — all twelve-factor. No hard-coded endpoints or keys.
|
||||||
|
8. **Full CRUD on every object.** Every stored entity (person, name, event, relationship, source, citation, media, tree, …) must support create, read, **update**, and delete — in the API *and* the UI. Historical research is constant correction and new information, so nothing is write-once. Any new feature or data type ships with all four operations; an entity you can create but not edit is a bug.
|
||||||
|
|
||||||
## Tech stack
|
## Tech stack
|
||||||
|
|
||||||
|
|||||||
@@ -21,7 +21,11 @@ RUN --mount=type=cache,target=/root/.cache/uv \
|
|||||||
COPY app ./app
|
COPY app ./app
|
||||||
COPY alembic.ini ./alembic.ini
|
COPY alembic.ini ./alembic.ini
|
||||||
COPY migrations ./migrations
|
COPY migrations ./migrations
|
||||||
|
COPY docker-entrypoint.sh ./docker-entrypoint.sh
|
||||||
|
RUN chmod +x ./docker-entrypoint.sh
|
||||||
|
|
||||||
EXPOSE 8000
|
EXPOSE 8000
|
||||||
|
|
||||||
|
# The entrypoint runs migrations first when RUN_MIGRATIONS=1, then the command.
|
||||||
|
ENTRYPOINT ["./docker-entrypoint.sh"]
|
||||||
CMD ["uv", "run", "--no-dev", "uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]
|
CMD ["uv", "run", "--no-dev", "uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]
|
||||||
|
|||||||
@@ -10,6 +10,8 @@ from app.core.db import get_session
|
|||||||
from app.integrations.mailer.base import Mailer
|
from app.integrations.mailer.base import Mailer
|
||||||
from app.integrations.mailer.console import ConsoleMailer
|
from app.integrations.mailer.console import ConsoleMailer
|
||||||
from app.integrations.mailer.smtp import SMTPMailer
|
from app.integrations.mailer.smtp import SMTPMailer
|
||||||
|
from app.integrations.objectstore.base import ObjectStore
|
||||||
|
from app.integrations.objectstore.s3 import S3ObjectStore
|
||||||
from app.models.user import User
|
from app.models.user import User
|
||||||
from app.services import auth_service
|
from app.services import auth_service
|
||||||
|
|
||||||
@@ -38,6 +40,18 @@ async def get_current_user(request: Request, session: SessionDep) -> User:
|
|||||||
CurrentUser = Annotated[User, Depends(get_current_user)]
|
CurrentUser = Annotated[User, Depends(get_current_user)]
|
||||||
|
|
||||||
|
|
||||||
|
async def get_current_user_or_none(request: Request, session: SessionDep) -> User | None:
|
||||||
|
"""Optional auth for public read endpoints — never raises. Returns the user
|
||||||
|
when a valid session is present, else None (anonymous viewer)."""
|
||||||
|
raw_token = extract_session_token(request)
|
||||||
|
if raw_token is None:
|
||||||
|
return None
|
||||||
|
return await auth_service.resolve_session_user(session, raw_token=raw_token)
|
||||||
|
|
||||||
|
|
||||||
|
CurrentUserOrNone = Annotated[User | None, Depends(get_current_user_or_none)]
|
||||||
|
|
||||||
|
|
||||||
def get_mailer() -> Mailer:
|
def get_mailer() -> Mailer:
|
||||||
settings = get_settings()
|
settings = get_settings()
|
||||||
if settings.mailer == "smtp" and settings.smtp_host:
|
if settings.mailer == "smtp" and settings.smtp_host:
|
||||||
@@ -46,3 +60,10 @@ def get_mailer() -> Mailer:
|
|||||||
|
|
||||||
|
|
||||||
MailerDep = Annotated[Mailer, Depends(get_mailer)]
|
MailerDep = Annotated[Mailer, Depends(get_mailer)]
|
||||||
|
|
||||||
|
|
||||||
|
def get_objectstore() -> ObjectStore:
|
||||||
|
return S3ObjectStore(get_settings())
|
||||||
|
|
||||||
|
|
||||||
|
ObjectStoreDep = Annotated[ObjectStore, Depends(get_objectstore)]
|
||||||
|
|||||||
@@ -5,8 +5,13 @@ from fastapi import APIRouter
|
|||||||
from app.api.v1 import (
|
from app.api.v1 import (
|
||||||
auth,
|
auth,
|
||||||
citations,
|
citations,
|
||||||
|
cleanup,
|
||||||
events,
|
events,
|
||||||
|
gedcom,
|
||||||
|
media,
|
||||||
|
names,
|
||||||
persons,
|
persons,
|
||||||
|
public,
|
||||||
relationships,
|
relationships,
|
||||||
sources,
|
sources,
|
||||||
trees,
|
trees,
|
||||||
@@ -18,7 +23,12 @@ api_router.include_router(auth.router)
|
|||||||
api_router.include_router(users.router)
|
api_router.include_router(users.router)
|
||||||
api_router.include_router(trees.router)
|
api_router.include_router(trees.router)
|
||||||
api_router.include_router(persons.router)
|
api_router.include_router(persons.router)
|
||||||
|
api_router.include_router(names.router)
|
||||||
api_router.include_router(events.router)
|
api_router.include_router(events.router)
|
||||||
api_router.include_router(relationships.router)
|
api_router.include_router(relationships.router)
|
||||||
api_router.include_router(sources.router)
|
api_router.include_router(sources.router)
|
||||||
api_router.include_router(citations.router)
|
api_router.include_router(citations.router)
|
||||||
|
api_router.include_router(media.router)
|
||||||
|
api_router.include_router(gedcom.router)
|
||||||
|
api_router.include_router(cleanup.router)
|
||||||
|
api_router.include_router(public.router)
|
||||||
|
|||||||
@@ -1,9 +1,10 @@
|
|||||||
from fastapi import APIRouter, HTTPException, Request, Response, status
|
from fastapi import APIRouter, HTTPException, Request, Response, status
|
||||||
|
|
||||||
from app.api.deps import MailerDep, SessionDep, extract_session_token
|
from app.api.deps import CurrentUser, MailerDep, SessionDep, extract_session_token
|
||||||
from app.core.config import get_settings
|
from app.core.config import get_settings
|
||||||
from app.schemas.auth import (
|
from app.schemas.auth import (
|
||||||
LoginRequest,
|
LoginRequest,
|
||||||
|
PasswordChange,
|
||||||
PasswordResetConfirm,
|
PasswordResetConfirm,
|
||||||
PasswordResetRequest,
|
PasswordResetRequest,
|
||||||
RegisterRequest,
|
RegisterRequest,
|
||||||
@@ -79,3 +80,15 @@ async def reset_password(data: PasswordResetConfirm, session: SessionDep) -> Non
|
|||||||
await auth_service.reset_password(
|
await auth_service.reset_password(
|
||||||
session, raw_token=data.token, new_password=data.new_password
|
session, raw_token=data.token, new_password=data.new_password
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/change-password", status_code=status.HTTP_204_NO_CONTENT)
|
||||||
|
async def change_password(
|
||||||
|
data: PasswordChange, session: SessionDep, current: CurrentUser
|
||||||
|
) -> None:
|
||||||
|
await auth_service.change_password(
|
||||||
|
session,
|
||||||
|
user=current,
|
||||||
|
current_password=data.current_password,
|
||||||
|
new_password=data.new_password,
|
||||||
|
)
|
||||||
|
|||||||
@@ -3,7 +3,7 @@ import uuid
|
|||||||
from fastapi import APIRouter, status
|
from fastapi import APIRouter, status
|
||||||
|
|
||||||
from app.api.deps import CurrentUser, SessionDep
|
from app.api.deps import CurrentUser, SessionDep
|
||||||
from app.schemas.source import CitationCreate, CitationRead
|
from app.schemas.source import CitationCreate, CitationRead, CitationUpdate
|
||||||
from app.services import citation_service, tree_service
|
from app.services import citation_service, tree_service
|
||||||
|
|
||||||
router = APIRouter(prefix="/trees", tags=["citations"])
|
router = APIRouter(prefix="/trees", tags=["citations"])
|
||||||
@@ -31,6 +31,25 @@ async def list_citations(
|
|||||||
return [CitationRead.model_validate(c) for c in citations]
|
return [CitationRead.model_validate(c) for c in citations]
|
||||||
|
|
||||||
|
|
||||||
|
@router.patch("/{tree_id}/citations/{citation_id}", response_model=CitationRead)
|
||||||
|
async def update_citation(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
citation_id: uuid.UUID,
|
||||||
|
data: CitationUpdate,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
) -> CitationRead:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
citation = await citation_service.update_citation(
|
||||||
|
session,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
citation_id=citation_id,
|
||||||
|
changes=data.model_dump(exclude_unset=True),
|
||||||
|
)
|
||||||
|
return CitationRead.model_validate(citation)
|
||||||
|
|
||||||
|
|
||||||
@router.delete("/{tree_id}/citations/{citation_id}", status_code=status.HTTP_204_NO_CONTENT)
|
@router.delete("/{tree_id}/citations/{citation_id}", status_code=status.HTTP_204_NO_CONTENT)
|
||||||
async def delete_citation(
|
async def delete_citation(
|
||||||
tree_id: uuid.UUID, citation_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
tree_id: uuid.UUID, citation_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
|||||||
@@ -0,0 +1,101 @@
|
|||||||
|
import uuid
|
||||||
|
|
||||||
|
from fastapi import APIRouter, File, UploadFile
|
||||||
|
|
||||||
|
from app.api.deps import CurrentUser, SessionDep
|
||||||
|
from app.schemas.cleanup import (
|
||||||
|
CleanupResult,
|
||||||
|
DeceasedApply,
|
||||||
|
DeceasedCandidate,
|
||||||
|
GenderApply,
|
||||||
|
GenderProposal,
|
||||||
|
NameApply,
|
||||||
|
NameIssue,
|
||||||
|
)
|
||||||
|
from app.services import cleanup_service, tree_service
|
||||||
|
|
||||||
|
router = APIRouter(prefix="/trees", tags=["cleanup"])
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/{tree_id}/cleanup/deceased", response_model=list[DeceasedCandidate])
|
||||||
|
async def preview_deceased(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
born_on_or_before: int = 1930,
|
||||||
|
) -> list[DeceasedCandidate]:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
rows = await cleanup_service.preview_deceased(
|
||||||
|
session, actor=current, tree=tree, year=born_on_or_before
|
||||||
|
)
|
||||||
|
return [DeceasedCandidate(**r) for r in rows]
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/{tree_id}/cleanup/deceased", response_model=CleanupResult)
|
||||||
|
async def apply_deceased(
|
||||||
|
tree_id: uuid.UUID, data: DeceasedApply, session: SessionDep, current: CurrentUser
|
||||||
|
) -> CleanupResult:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
n = await cleanup_service.apply_deceased(
|
||||||
|
session, actor=current, tree=tree, person_ids=data.person_ids
|
||||||
|
)
|
||||||
|
return CleanupResult(updated=n)
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/{tree_id}/cleanup/gender/preview", response_model=list[GenderProposal])
|
||||||
|
async def preview_gender(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
file: UploadFile = File(...),
|
||||||
|
) -> list[GenderProposal]:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
text = (await file.read()).decode("utf-8", errors="replace")
|
||||||
|
rows = await cleanup_service.preview_gender(
|
||||||
|
session, actor=current, tree=tree, gedcom_text=text
|
||||||
|
)
|
||||||
|
return [GenderProposal(**r) for r in rows]
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/{tree_id}/cleanup/gender/guess", response_model=list[GenderProposal])
|
||||||
|
async def guess_gender(
|
||||||
|
tree_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
) -> list[GenderProposal]:
|
||||||
|
"""Best-guess sex from first names (bundled dictionary) for people missing it."""
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
rows = await cleanup_service.guess_gender_by_name(session, actor=current, tree=tree)
|
||||||
|
return [GenderProposal(**r) for r in rows]
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/{tree_id}/cleanup/gender", response_model=CleanupResult)
|
||||||
|
async def apply_gender(
|
||||||
|
tree_id: uuid.UUID, data: GenderApply, session: SessionDep, current: CurrentUser
|
||||||
|
) -> CleanupResult:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
n = await cleanup_service.apply_gender(
|
||||||
|
session,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
updates=[u.model_dump() for u in data.updates],
|
||||||
|
)
|
||||||
|
return CleanupResult(updated=n)
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/{tree_id}/cleanup/names", response_model=list[NameIssue])
|
||||||
|
async def preview_names(
|
||||||
|
tree_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
) -> list[NameIssue]:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
rows = await cleanup_service.preview_names(session, actor=current, tree=tree)
|
||||||
|
return [NameIssue(**r) for r in rows]
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/{tree_id}/cleanup/names", response_model=CleanupResult)
|
||||||
|
async def apply_names(
|
||||||
|
tree_id: uuid.UUID, data: NameApply, session: SessionDep, current: CurrentUser
|
||||||
|
) -> CleanupResult:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
n = await cleanup_service.apply_names(
|
||||||
|
session, actor=current, tree=tree, edits=[e.model_dump() for e in data.edits]
|
||||||
|
)
|
||||||
|
return CleanupResult(updated=n)
|
||||||
@@ -3,7 +3,7 @@ import uuid
|
|||||||
from fastapi import APIRouter, status
|
from fastapi import APIRouter, status
|
||||||
|
|
||||||
from app.api.deps import CurrentUser, SessionDep
|
from app.api.deps import CurrentUser, SessionDep
|
||||||
from app.schemas.event import EventCreate, EventRead
|
from app.schemas.event import EventCreate, EventRead, EventUpdate
|
||||||
from app.services import event_service, tree_service
|
from app.services import event_service, tree_service
|
||||||
|
|
||||||
router = APIRouter(prefix="/trees", tags=["events"])
|
router = APIRouter(prefix="/trees", tags=["events"])
|
||||||
@@ -20,6 +20,15 @@ async def create_event(
|
|||||||
return EventRead.model_validate(event)
|
return EventRead.model_validate(event)
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/{tree_id}/events", response_model=list[EventRead])
|
||||||
|
async def list_tree_events(
|
||||||
|
tree_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
) -> list[EventRead]:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
events = await event_service.list_events(session, viewer_id=current.id, tree=tree)
|
||||||
|
return [EventRead.model_validate(e) for e in events]
|
||||||
|
|
||||||
|
|
||||||
@router.get("/{tree_id}/persons/{person_id}/events", response_model=list[EventRead])
|
@router.get("/{tree_id}/persons/{person_id}/events", response_model=list[EventRead])
|
||||||
async def list_person_events(
|
async def list_person_events(
|
||||||
tree_id: uuid.UUID, person_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
tree_id: uuid.UUID, person_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
@@ -31,6 +40,25 @@ async def list_person_events(
|
|||||||
return [EventRead.model_validate(e) for e in events]
|
return [EventRead.model_validate(e) for e in events]
|
||||||
|
|
||||||
|
|
||||||
|
@router.patch("/{tree_id}/events/{event_id}", response_model=EventRead)
|
||||||
|
async def update_event(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
event_id: uuid.UUID,
|
||||||
|
data: EventUpdate,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
) -> EventRead:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
event = await event_service.update_event(
|
||||||
|
session,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
event_id=event_id,
|
||||||
|
changes=data.model_dump(exclude_unset=True),
|
||||||
|
)
|
||||||
|
return EventRead.model_validate(event)
|
||||||
|
|
||||||
|
|
||||||
@router.delete("/{tree_id}/events/{event_id}", status_code=status.HTTP_204_NO_CONTENT)
|
@router.delete("/{tree_id}/events/{event_id}", status_code=status.HTTP_204_NO_CONTENT)
|
||||||
async def delete_event(
|
async def delete_event(
|
||||||
tree_id: uuid.UUID, event_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
tree_id: uuid.UUID, event_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
|||||||
@@ -0,0 +1,68 @@
|
|||||||
|
import json
|
||||||
|
import uuid
|
||||||
|
|
||||||
|
from fastapi import APIRouter, File, Form, Response, UploadFile
|
||||||
|
|
||||||
|
from app.api.deps import CurrentUser, SessionDep
|
||||||
|
from app.schemas.gedcom import ImportPreview, ImportReport
|
||||||
|
from app.services import gedcom, tree_service
|
||||||
|
|
||||||
|
router = APIRouter(prefix="/trees", tags=["gedcom"])
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/{tree_id}/gedcom/preview", response_model=ImportPreview)
|
||||||
|
async def preview_gedcom(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
file: UploadFile = File(...),
|
||||||
|
) -> ImportPreview:
|
||||||
|
"""Dry run: report counts and incoming people that look like duplicates of
|
||||||
|
existing ones, so the user can choose how to resolve each before importing."""
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
text = (await file.read()).decode("utf-8", errors="replace")
|
||||||
|
report = await gedcom.preview_gedcom(session, actor=current, tree=tree, text=text)
|
||||||
|
return ImportPreview(**report)
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/{tree_id}/gedcom/import", response_model=ImportReport)
|
||||||
|
async def import_gedcom(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
file: UploadFile = File(...),
|
||||||
|
default_action: str = Form("new"),
|
||||||
|
resolutions: str = Form("{}"),
|
||||||
|
) -> ImportReport:
|
||||||
|
"""Import a GEDCOM. ``default_action`` (new|skip|merge|overwrite) applies to
|
||||||
|
incoming people that match an existing one; ``resolutions`` is a JSON object
|
||||||
|
{xref: {action, target_id}} overriding it per record."""
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
text = (await file.read()).decode("utf-8", errors="replace")
|
||||||
|
try:
|
||||||
|
parsed = json.loads(resolutions or "{}")
|
||||||
|
except json.JSONDecodeError:
|
||||||
|
parsed = {}
|
||||||
|
report = await gedcom.import_gedcom(
|
||||||
|
session,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
text=text,
|
||||||
|
default_action=default_action,
|
||||||
|
resolutions=parsed,
|
||||||
|
)
|
||||||
|
return ImportReport(**report)
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/{tree_id}/gedcom/export")
|
||||||
|
async def export_gedcom(
|
||||||
|
tree_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
) -> Response:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
text = await gedcom.export_gedcom(session, viewer_id=current.id, tree=tree)
|
||||||
|
safe = "".join(c for c in tree.name if c.isalnum() or c in " -_").strip() or "tree"
|
||||||
|
return Response(
|
||||||
|
content=text,
|
||||||
|
media_type="text/plain",
|
||||||
|
headers={"Content-Disposition": f'attachment; filename="{safe}.ged"'},
|
||||||
|
)
|
||||||
@@ -0,0 +1,109 @@
|
|||||||
|
import uuid
|
||||||
|
|
||||||
|
from fastapi import APIRouter, File, Form, Response, UploadFile, status
|
||||||
|
|
||||||
|
from app.api.deps import CurrentUser, ObjectStoreDep, SessionDep
|
||||||
|
from app.schemas.media import MediaRead, MediaUpdate
|
||||||
|
from app.services import media_service, tree_service
|
||||||
|
|
||||||
|
|
||||||
|
def _content_url(media) -> str:
|
||||||
|
return f"/api/v1/trees/{media.tree_id}/media/{media.id}/content"
|
||||||
|
|
||||||
|
|
||||||
|
def _read(media) -> MediaRead:
|
||||||
|
out = MediaRead.model_validate(media)
|
||||||
|
# Stream through the backend (privacy-checked, browser-reachable) rather
|
||||||
|
# than expose the internal object store directly.
|
||||||
|
out.url = _content_url(media)
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
router = APIRouter(prefix="/trees", tags=["media"])
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/{tree_id}/media", response_model=MediaRead, status_code=status.HTTP_201_CREATED)
|
||||||
|
async def upload_media(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
store: ObjectStoreDep,
|
||||||
|
file: UploadFile = File(...),
|
||||||
|
title: str | None = Form(None),
|
||||||
|
person_id: uuid.UUID | None = Form(None),
|
||||||
|
event_id: uuid.UUID | None = Form(None),
|
||||||
|
source_id: uuid.UUID | None = Form(None),
|
||||||
|
) -> MediaRead:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
data = await file.read()
|
||||||
|
media = await media_service.upload_media(
|
||||||
|
session,
|
||||||
|
store,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
data=data,
|
||||||
|
filename=file.filename or "upload",
|
||||||
|
content_type=file.content_type or "application/octet-stream",
|
||||||
|
title=title,
|
||||||
|
person_id=person_id,
|
||||||
|
event_id=event_id,
|
||||||
|
source_id=source_id,
|
||||||
|
)
|
||||||
|
return _read(media)
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/{tree_id}/media", response_model=list[MediaRead])
|
||||||
|
async def list_media(
|
||||||
|
tree_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
) -> list[MediaRead]:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
items = await media_service.list_media(session, viewer_id=current.id, tree=tree)
|
||||||
|
return [_read(m) for m in items]
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/{tree_id}/media/{media_id}/content")
|
||||||
|
async def media_content(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
media_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
store: ObjectStoreDep,
|
||||||
|
) -> Response:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
media = await media_service.get_media(
|
||||||
|
session, viewer_id=current.id, tree=tree, media_id=media_id
|
||||||
|
)
|
||||||
|
data = await store.get_object(key=media.storage_key)
|
||||||
|
return Response(
|
||||||
|
content=data,
|
||||||
|
media_type=media.content_type,
|
||||||
|
headers={"Content-Disposition": f'inline; filename="{media.original_filename}"'},
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@router.patch("/{tree_id}/media/{media_id}", response_model=MediaRead)
|
||||||
|
async def update_media(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
media_id: uuid.UUID,
|
||||||
|
data: MediaUpdate,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
store: ObjectStoreDep,
|
||||||
|
) -> MediaRead:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
media = await media_service.update_media(
|
||||||
|
session,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
media_id=media_id,
|
||||||
|
changes=data.model_dump(exclude_unset=True),
|
||||||
|
)
|
||||||
|
return _read(media)
|
||||||
|
|
||||||
|
|
||||||
|
@router.delete("/{tree_id}/media/{media_id}", status_code=status.HTTP_204_NO_CONTENT)
|
||||||
|
async def delete_media(
|
||||||
|
tree_id: uuid.UUID, media_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
) -> None:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
await media_service.delete_media(session, actor=current, tree=tree, media_id=media_id)
|
||||||
@@ -0,0 +1,90 @@
|
|||||||
|
import uuid
|
||||||
|
|
||||||
|
from fastapi import APIRouter, status
|
||||||
|
|
||||||
|
from app.api.deps import CurrentUser, SessionDep
|
||||||
|
from app.schemas.name import NameCreate, NameRead, NameUpdate
|
||||||
|
from app.services import name_service, tree_service
|
||||||
|
|
||||||
|
# Names are nested under their person (which is nested under the tree tenant).
|
||||||
|
router = APIRouter(prefix="/trees", tags=["names"])
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/{tree_id}/persons/{person_id}/names", response_model=list[NameRead])
|
||||||
|
async def list_names(
|
||||||
|
tree_id: uuid.UUID, person_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
) -> list[NameRead]:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
names = await name_service.list_names(
|
||||||
|
session, viewer_id=current.id, tree=tree, person_id=person_id
|
||||||
|
)
|
||||||
|
return [NameRead.model_validate(n) for n in names]
|
||||||
|
|
||||||
|
|
||||||
|
@router.post(
|
||||||
|
"/{tree_id}/persons/{person_id}/names",
|
||||||
|
response_model=NameRead,
|
||||||
|
status_code=status.HTTP_201_CREATED,
|
||||||
|
)
|
||||||
|
async def create_name(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
data: NameCreate,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
) -> NameRead:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
name = await name_service.create_name(
|
||||||
|
session,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
person_id=person_id,
|
||||||
|
name_type=data.name_type,
|
||||||
|
given=data.given,
|
||||||
|
surname=data.surname,
|
||||||
|
prefix=data.prefix,
|
||||||
|
suffix=data.suffix,
|
||||||
|
nickname=data.nickname,
|
||||||
|
is_primary=data.is_primary,
|
||||||
|
)
|
||||||
|
return NameRead.model_validate(name)
|
||||||
|
|
||||||
|
|
||||||
|
@router.patch(
|
||||||
|
"/{tree_id}/persons/{person_id}/names/{name_id}", response_model=NameRead
|
||||||
|
)
|
||||||
|
async def update_name(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
name_id: uuid.UUID,
|
||||||
|
data: NameUpdate,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
) -> NameRead:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
name = await name_service.update_name(
|
||||||
|
session,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
person_id=person_id,
|
||||||
|
name_id=name_id,
|
||||||
|
changes=data.model_dump(exclude_unset=True),
|
||||||
|
)
|
||||||
|
return NameRead.model_validate(name)
|
||||||
|
|
||||||
|
|
||||||
|
@router.delete(
|
||||||
|
"/{tree_id}/persons/{person_id}/names/{name_id}",
|
||||||
|
status_code=status.HTTP_204_NO_CONTENT,
|
||||||
|
)
|
||||||
|
async def delete_name(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
name_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
) -> None:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
await name_service.delete_name(
|
||||||
|
session, actor=current, tree=tree, person_id=person_id, name_id=name_id
|
||||||
|
)
|
||||||
@@ -3,7 +3,7 @@ import uuid
|
|||||||
from fastapi import APIRouter, status
|
from fastapi import APIRouter, status
|
||||||
|
|
||||||
from app.api.deps import CurrentUser, SessionDep
|
from app.api.deps import CurrentUser, SessionDep
|
||||||
from app.schemas.person import PersonCreate, PersonRead
|
from app.schemas.person import PersonCreate, PersonRead, PersonUpdate
|
||||||
from app.services import person_service, tree_service
|
from app.services import person_service, tree_service
|
||||||
|
|
||||||
# Persons are nested under their tree (the tenant boundary).
|
# Persons are nested under their tree (the tenant boundary).
|
||||||
@@ -36,13 +36,73 @@ async def create_person(
|
|||||||
|
|
||||||
@router.get("/{tree_id}/persons", response_model=list[PersonRead])
|
@router.get("/{tree_id}/persons", response_model=list[PersonRead])
|
||||||
async def list_persons(
|
async def list_persons(
|
||||||
tree_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
tree_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
deleted: bool = False,
|
||||||
|
q: str | None = None,
|
||||||
) -> list[PersonRead]:
|
) -> list[PersonRead]:
|
||||||
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
persons = await person_service.list_persons(session, viewer_id=current.id, tree=tree)
|
if q:
|
||||||
|
persons = await person_service.search_persons(
|
||||||
|
session, viewer_id=current.id, tree=tree, query=q
|
||||||
|
)
|
||||||
|
elif deleted:
|
||||||
|
persons = await person_service.list_deleted_persons(
|
||||||
|
session, viewer_id=current.id, tree=tree
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
persons = await person_service.list_persons(session, viewer_id=current.id, tree=tree)
|
||||||
return [PersonRead.model_validate(p) for p in persons]
|
return [PersonRead.model_validate(p) for p in persons]
|
||||||
|
|
||||||
|
|
||||||
|
@router.patch("/{tree_id}/persons/{person_id}", response_model=PersonRead)
|
||||||
|
async def update_person(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
data: PersonUpdate,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
) -> PersonRead:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
person = await person_service.update_person(
|
||||||
|
session,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
person_id=person_id,
|
||||||
|
changes=data.model_dump(exclude_unset=True),
|
||||||
|
)
|
||||||
|
return PersonRead.model_validate(person)
|
||||||
|
|
||||||
|
|
||||||
|
@router.delete("/{tree_id}/persons/{person_id}")
|
||||||
|
async def delete_person(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
cascade: bool = False,
|
||||||
|
) -> dict[str, int]:
|
||||||
|
"""Delete a person. ``cascade=true`` also deletes all descendants. Returns
|
||||||
|
the number of persons deleted (1 unless cascading)."""
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
deleted = await person_service.delete_person(
|
||||||
|
session, actor=current, tree=tree, person_id=person_id, cascade=cascade
|
||||||
|
)
|
||||||
|
return {"deleted": deleted}
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/{tree_id}/persons/{person_id}/restore", response_model=PersonRead)
|
||||||
|
async def restore_person(
|
||||||
|
tree_id: uuid.UUID, person_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
) -> PersonRead:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
person = await person_service.restore_person(
|
||||||
|
session, actor=current, tree=tree, person_id=person_id
|
||||||
|
)
|
||||||
|
return PersonRead.model_validate(person)
|
||||||
|
|
||||||
|
|
||||||
@router.get("/{tree_id}/persons/{person_id}", response_model=PersonRead)
|
@router.get("/{tree_id}/persons/{person_id}", response_model=PersonRead)
|
||||||
async def get_person(
|
async def get_person(
|
||||||
tree_id: uuid.UUID, person_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
tree_id: uuid.UUID, person_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
|||||||
@@ -0,0 +1,135 @@
|
|||||||
|
"""Public, read-only viewing surface.
|
||||||
|
|
||||||
|
Optional auth (anonymous allowed). Every response is built by
|
||||||
|
``public_view_service``, which routes through the privacy engine and redacts
|
||||||
|
possibly-living people. No create/update/delete here.
|
||||||
|
"""
|
||||||
|
|
||||||
|
import uuid
|
||||||
|
|
||||||
|
from fastapi import APIRouter
|
||||||
|
|
||||||
|
from app.api.deps import CurrentUserOrNone, SessionDep
|
||||||
|
from app.schemas.event import EventRead
|
||||||
|
from app.schemas.name import NameRead
|
||||||
|
from app.schemas.person import PersonRead
|
||||||
|
from app.schemas.relationship import RelationshipRead
|
||||||
|
from app.schemas.tree import PublicTreeRead
|
||||||
|
from app.services import public_view_service
|
||||||
|
|
||||||
|
router = APIRouter(prefix="/public", tags=["public"])
|
||||||
|
|
||||||
|
|
||||||
|
def _vid(viewer: CurrentUserOrNone) -> uuid.UUID | None:
|
||||||
|
return viewer.id if viewer else None
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/trees", response_model=list[PublicTreeRead])
|
||||||
|
async def public_directory(
|
||||||
|
session: SessionDep,
|
||||||
|
viewer: CurrentUserOrNone,
|
||||||
|
q: str | None = None,
|
||||||
|
limit: int = 50,
|
||||||
|
offset: int = 0,
|
||||||
|
) -> list[PublicTreeRead]:
|
||||||
|
trees = await public_view_service.list_public_trees(
|
||||||
|
session, viewer_id=_vid(viewer), q=q, limit=limit, offset=offset
|
||||||
|
)
|
||||||
|
return [PublicTreeRead.model_validate(t) for t in trees]
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/trees/{tree_id}", response_model=PublicTreeRead)
|
||||||
|
async def public_tree(
|
||||||
|
tree_id: uuid.UUID, session: SessionDep, viewer: CurrentUserOrNone
|
||||||
|
) -> PublicTreeRead:
|
||||||
|
tree = await public_view_service.get_public_tree(
|
||||||
|
session, viewer_id=_vid(viewer), tree_id=tree_id
|
||||||
|
)
|
||||||
|
return PublicTreeRead.model_validate(tree)
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/trees/{tree_id}/persons", response_model=list[PersonRead])
|
||||||
|
async def public_persons(
|
||||||
|
tree_id: uuid.UUID, session: SessionDep, viewer: CurrentUserOrNone
|
||||||
|
) -> list[PersonRead]:
|
||||||
|
tree = await public_view_service.get_public_tree(
|
||||||
|
session, viewer_id=_vid(viewer), tree_id=tree_id
|
||||||
|
)
|
||||||
|
persons = await public_view_service.list_public_persons(
|
||||||
|
session, viewer_id=_vid(viewer), tree=tree
|
||||||
|
)
|
||||||
|
return [PersonRead.model_validate(p) for p in persons]
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/trees/{tree_id}/relationships", response_model=list[RelationshipRead])
|
||||||
|
async def public_relationships(
|
||||||
|
tree_id: uuid.UUID, session: SessionDep, viewer: CurrentUserOrNone
|
||||||
|
) -> list[RelationshipRead]:
|
||||||
|
tree = await public_view_service.get_public_tree(
|
||||||
|
session, viewer_id=_vid(viewer), tree_id=tree_id
|
||||||
|
)
|
||||||
|
rels = await public_view_service.list_public_relationships(
|
||||||
|
session, viewer_id=_vid(viewer), tree=tree
|
||||||
|
)
|
||||||
|
return [RelationshipRead.model_validate(r) for r in rels]
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/trees/{tree_id}/events", response_model=list[EventRead])
|
||||||
|
async def public_events(
|
||||||
|
tree_id: uuid.UUID, session: SessionDep, viewer: CurrentUserOrNone
|
||||||
|
) -> list[EventRead]:
|
||||||
|
tree = await public_view_service.get_public_tree(
|
||||||
|
session, viewer_id=_vid(viewer), tree_id=tree_id
|
||||||
|
)
|
||||||
|
events = await public_view_service.list_public_events(
|
||||||
|
session, viewer_id=_vid(viewer), tree=tree
|
||||||
|
)
|
||||||
|
return [EventRead.model_validate(e) for e in events]
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/trees/{tree_id}/persons/{person_id}", response_model=PersonRead)
|
||||||
|
async def public_person(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
viewer: CurrentUserOrNone,
|
||||||
|
) -> PersonRead:
|
||||||
|
tree = await public_view_service.get_public_tree(
|
||||||
|
session, viewer_id=_vid(viewer), tree_id=tree_id
|
||||||
|
)
|
||||||
|
person = await public_view_service.get_public_person(
|
||||||
|
session, viewer_id=_vid(viewer), tree=tree, person_id=person_id
|
||||||
|
)
|
||||||
|
return PersonRead.model_validate(person)
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/trees/{tree_id}/persons/{person_id}/names", response_model=list[NameRead])
|
||||||
|
async def public_person_names(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
viewer: CurrentUserOrNone,
|
||||||
|
) -> list[NameRead]:
|
||||||
|
tree = await public_view_service.get_public_tree(
|
||||||
|
session, viewer_id=_vid(viewer), tree_id=tree_id
|
||||||
|
)
|
||||||
|
names = await public_view_service.list_public_person_names(
|
||||||
|
session, viewer_id=_vid(viewer), tree=tree, person_id=person_id
|
||||||
|
)
|
||||||
|
return [NameRead.model_validate(n) for n in names]
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/trees/{tree_id}/persons/{person_id}/events", response_model=list[EventRead])
|
||||||
|
async def public_person_events(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
session: SessionDep,
|
||||||
|
viewer: CurrentUserOrNone,
|
||||||
|
) -> list[EventRead]:
|
||||||
|
tree = await public_view_service.get_public_tree(
|
||||||
|
session, viewer_id=_vid(viewer), tree_id=tree_id
|
||||||
|
)
|
||||||
|
events = await public_view_service.list_public_person_events(
|
||||||
|
session, viewer_id=_vid(viewer), tree=tree, person_id=person_id
|
||||||
|
)
|
||||||
|
return [EventRead.model_validate(e) for e in events]
|
||||||
@@ -3,7 +3,7 @@ import uuid
|
|||||||
from fastapi import APIRouter, status
|
from fastapi import APIRouter, status
|
||||||
|
|
||||||
from app.api.deps import CurrentUser, SessionDep
|
from app.api.deps import CurrentUser, SessionDep
|
||||||
from app.schemas.relationship import RelationshipCreate, RelationshipRead
|
from app.schemas.relationship import RelationshipCreate, RelationshipRead, RelationshipUpdate
|
||||||
from app.services import relationship_service, tree_service
|
from app.services import relationship_service, tree_service
|
||||||
|
|
||||||
router = APIRouter(prefix="/trees", tags=["relationships"])
|
router = APIRouter(prefix="/trees", tags=["relationships"])
|
||||||
@@ -24,6 +24,15 @@ async def create_relationship(
|
|||||||
return RelationshipRead.model_validate(relationship)
|
return RelationshipRead.model_validate(relationship)
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/{tree_id}/relationships", response_model=list[RelationshipRead])
|
||||||
|
async def list_relationships(
|
||||||
|
tree_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
) -> list[RelationshipRead]:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
rels = await relationship_service.list_relationships(session, viewer_id=current.id, tree=tree)
|
||||||
|
return [RelationshipRead.model_validate(r) for r in rels]
|
||||||
|
|
||||||
|
|
||||||
@router.get(
|
@router.get(
|
||||||
"/{tree_id}/persons/{person_id}/relationships",
|
"/{tree_id}/persons/{person_id}/relationships",
|
||||||
response_model=list[RelationshipRead],
|
response_model=list[RelationshipRead],
|
||||||
@@ -38,6 +47,25 @@ async def list_person_relationships(
|
|||||||
return [RelationshipRead.model_validate(r) for r in rels]
|
return [RelationshipRead.model_validate(r) for r in rels]
|
||||||
|
|
||||||
|
|
||||||
|
@router.patch("/{tree_id}/relationships/{relationship_id}", response_model=RelationshipRead)
|
||||||
|
async def update_relationship(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
relationship_id: uuid.UUID,
|
||||||
|
data: RelationshipUpdate,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
) -> RelationshipRead:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
rel = await relationship_service.update_relationship(
|
||||||
|
session,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
relationship_id=relationship_id,
|
||||||
|
changes=data.model_dump(exclude_unset=True),
|
||||||
|
)
|
||||||
|
return RelationshipRead.model_validate(rel)
|
||||||
|
|
||||||
|
|
||||||
@router.delete(
|
@router.delete(
|
||||||
"/{tree_id}/relationships/{relationship_id}", status_code=status.HTTP_204_NO_CONTENT
|
"/{tree_id}/relationships/{relationship_id}", status_code=status.HTTP_204_NO_CONTENT
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -3,7 +3,7 @@ import uuid
|
|||||||
from fastapi import APIRouter, status
|
from fastapi import APIRouter, status
|
||||||
|
|
||||||
from app.api.deps import CurrentUser, SessionDep
|
from app.api.deps import CurrentUser, SessionDep
|
||||||
from app.schemas.source import SourceCreate, SourceRead
|
from app.schemas.source import SourceCreate, SourceRead, SourceUpdate
|
||||||
from app.services import source_service, tree_service
|
from app.services import source_service, tree_service
|
||||||
|
|
||||||
router = APIRouter(prefix="/trees", tags=["sources"])
|
router = APIRouter(prefix="/trees", tags=["sources"])
|
||||||
@@ -40,6 +40,25 @@ async def get_source(
|
|||||||
return SourceRead.model_validate(source)
|
return SourceRead.model_validate(source)
|
||||||
|
|
||||||
|
|
||||||
|
@router.patch("/{tree_id}/sources/{source_id}", response_model=SourceRead)
|
||||||
|
async def update_source(
|
||||||
|
tree_id: uuid.UUID,
|
||||||
|
source_id: uuid.UUID,
|
||||||
|
data: SourceUpdate,
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
) -> SourceRead:
|
||||||
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
|
source = await source_service.update_source(
|
||||||
|
session,
|
||||||
|
actor=current,
|
||||||
|
tree=tree,
|
||||||
|
source_id=source_id,
|
||||||
|
changes=data.model_dump(exclude_unset=True),
|
||||||
|
)
|
||||||
|
return SourceRead.model_validate(source)
|
||||||
|
|
||||||
|
|
||||||
@router.delete("/{tree_id}/sources/{source_id}", status_code=status.HTTP_204_NO_CONTENT)
|
@router.delete("/{tree_id}/sources/{source_id}", status_code=status.HTTP_204_NO_CONTENT)
|
||||||
async def delete_source(
|
async def delete_source(
|
||||||
tree_id: uuid.UUID, source_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
tree_id: uuid.UUID, source_id: uuid.UUID, session: SessionDep, current: CurrentUser
|
||||||
|
|||||||
@@ -3,7 +3,7 @@ import uuid
|
|||||||
from fastapi import APIRouter, status
|
from fastapi import APIRouter, status
|
||||||
|
|
||||||
from app.api.deps import CurrentUser, SessionDep
|
from app.api.deps import CurrentUser, SessionDep
|
||||||
from app.schemas.tree import TreeCreate, TreeRead
|
from app.schemas.tree import TreeCreate, TreeRead, TreeUpdate
|
||||||
from app.services import tree_service
|
from app.services import tree_service
|
||||||
|
|
||||||
router = APIRouter(prefix="/trees", tags=["trees"])
|
router = APIRouter(prefix="/trees", tags=["trees"])
|
||||||
@@ -22,8 +22,13 @@ async def create_tree(data: TreeCreate, session: SessionDep, current: CurrentUse
|
|||||||
|
|
||||||
|
|
||||||
@router.get("", response_model=list[TreeRead])
|
@router.get("", response_model=list[TreeRead])
|
||||||
async def list_my_trees(session: SessionDep, current: CurrentUser) -> list[TreeRead]:
|
async def list_my_trees(
|
||||||
trees = await tree_service.list_trees_for_user(session, user=current)
|
session: SessionDep, current: CurrentUser, deleted: bool = False
|
||||||
|
) -> list[TreeRead]:
|
||||||
|
if deleted:
|
||||||
|
trees = await tree_service.list_deleted_trees_for_user(session, user=current)
|
||||||
|
else:
|
||||||
|
trees = await tree_service.list_trees_for_user(session, user=current)
|
||||||
return [TreeRead.model_validate(t) for t in trees]
|
return [TreeRead.model_validate(t) for t in trees]
|
||||||
|
|
||||||
|
|
||||||
@@ -31,3 +36,24 @@ async def list_my_trees(session: SessionDep, current: CurrentUser) -> list[TreeR
|
|||||||
async def get_tree(tree_id: uuid.UUID, session: SessionDep, current: CurrentUser) -> TreeRead:
|
async def get_tree(tree_id: uuid.UUID, session: SessionDep, current: CurrentUser) -> TreeRead:
|
||||||
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
tree = await tree_service.get_tree(session, viewer_id=current.id, tree_id=tree_id)
|
||||||
return TreeRead.model_validate(tree)
|
return TreeRead.model_validate(tree)
|
||||||
|
|
||||||
|
|
||||||
|
@router.patch("/{tree_id}", response_model=TreeRead)
|
||||||
|
async def update_tree(
|
||||||
|
tree_id: uuid.UUID, data: TreeUpdate, session: SessionDep, current: CurrentUser
|
||||||
|
) -> TreeRead:
|
||||||
|
tree = await tree_service.update_tree(
|
||||||
|
session, actor=current, tree_id=tree_id, changes=data.model_dump(exclude_unset=True)
|
||||||
|
)
|
||||||
|
return TreeRead.model_validate(tree)
|
||||||
|
|
||||||
|
|
||||||
|
@router.delete("/{tree_id}", status_code=status.HTTP_204_NO_CONTENT)
|
||||||
|
async def delete_tree(tree_id: uuid.UUID, session: SessionDep, current: CurrentUser) -> None:
|
||||||
|
await tree_service.delete_tree(session, actor=current, tree_id=tree_id)
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/{tree_id}/restore", response_model=TreeRead)
|
||||||
|
async def restore_tree(tree_id: uuid.UUID, session: SessionDep, current: CurrentUser) -> TreeRead:
|
||||||
|
tree = await tree_service.restore_tree(session, actor=current, tree_id=tree_id)
|
||||||
|
return TreeRead.model_validate(tree)
|
||||||
|
|||||||
@@ -1,7 +1,8 @@
|
|||||||
from fastapi import APIRouter
|
from fastapi import APIRouter, File, Form, Response, UploadFile
|
||||||
|
|
||||||
from app.api.deps import CurrentUser
|
from app.api.deps import CurrentUser, ObjectStoreDep, SessionDep
|
||||||
from app.schemas.user import UserRead
|
from app.schemas.user import UserRead, UserSelfPersonUpdate
|
||||||
|
from app.services import account_service, user_service
|
||||||
|
|
||||||
router = APIRouter(prefix="/users", tags=["users"])
|
router = APIRouter(prefix="/users", tags=["users"])
|
||||||
|
|
||||||
@@ -9,3 +10,48 @@ router = APIRouter(prefix="/users", tags=["users"])
|
|||||||
@router.get("/me", response_model=UserRead)
|
@router.get("/me", response_model=UserRead)
|
||||||
async def read_me(current: CurrentUser) -> UserRead:
|
async def read_me(current: CurrentUser) -> UserRead:
|
||||||
return UserRead.model_validate(current)
|
return UserRead.model_validate(current)
|
||||||
|
|
||||||
|
|
||||||
|
@router.patch("/me/self-person", response_model=UserRead)
|
||||||
|
async def set_self_person(
|
||||||
|
data: UserSelfPersonUpdate, session: SessionDep, current: CurrentUser
|
||||||
|
) -> UserRead:
|
||||||
|
"""Link (or unlink) the Person record that represents this account."""
|
||||||
|
user = await user_service.set_self_person(
|
||||||
|
session, user=current, person_id=data.self_person_id
|
||||||
|
)
|
||||||
|
return UserRead.model_validate(user)
|
||||||
|
|
||||||
|
|
||||||
|
@router.get("/me/export")
|
||||||
|
async def export_account(
|
||||||
|
session: SessionDep, current: CurrentUser, store: ObjectStoreDep
|
||||||
|
) -> Response:
|
||||||
|
"""Download a full backup (JSON + media) of every tree the user owns."""
|
||||||
|
data = await account_service.export_account(session, store, user=current)
|
||||||
|
return Response(
|
||||||
|
content=data,
|
||||||
|
media_type="application/zip",
|
||||||
|
headers={"Content-Disposition": 'attachment; filename="provenance-export.zip"'},
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/me/import")
|
||||||
|
async def import_account(
|
||||||
|
session: SessionDep,
|
||||||
|
current: CurrentUser,
|
||||||
|
store: ObjectStoreDep,
|
||||||
|
file: UploadFile = File(...),
|
||||||
|
) -> dict:
|
||||||
|
"""Restore a previously-exported backup into new trees (non-destructive)."""
|
||||||
|
raw = await file.read()
|
||||||
|
return await account_service.import_account(session, store, user=current, raw_zip=raw)
|
||||||
|
|
||||||
|
|
||||||
|
@router.delete("/me", status_code=204)
|
||||||
|
async def delete_account(
|
||||||
|
session: SessionDep, current: CurrentUser, confirm_email: str = Form(...)
|
||||||
|
) -> None:
|
||||||
|
"""Delete the account: the user, their owned trees, and their sessions.
|
||||||
|
Requires retyping the account email as a guard."""
|
||||||
|
await account_service.delete_account(session, user=current, confirm_email=confirm_email)
|
||||||
|
|||||||
@@ -35,6 +35,18 @@ class Settings(BaseSettings):
|
|||||||
# Base URL used to build links in outbound email.
|
# Base URL used to build links in outbound email.
|
||||||
app_base_url: str = "http://localhost"
|
app_base_url: str = "http://localhost"
|
||||||
|
|
||||||
|
# --- Object storage (S3-compatible / MinIO) ---
|
||||||
|
s3_endpoint_url: str = "http://minio:9000"
|
||||||
|
s3_bucket: str = "provenance"
|
||||||
|
s3_access_key: str = "provenance"
|
||||||
|
s3_secret_key: str = "change-me-too"
|
||||||
|
s3_region: str = "us-east-1"
|
||||||
|
s3_presign_ttl: int = 3600 # seconds
|
||||||
|
|
||||||
|
# --- Worker ---
|
||||||
|
purge_interval_seconds: int = 3600 # how often to run the soft-delete purge
|
||||||
|
purge_after_days: int = 30 # soft-deleted rows older than this are purged
|
||||||
|
|
||||||
# --- Email (SMTP) ---
|
# --- Email (SMTP) ---
|
||||||
mailer: str = Field(default="console", description="console | smtp")
|
mailer: str = Field(default="console", description="console | smtp")
|
||||||
smtp_host: str | None = None
|
smtp_host: str | None = None
|
||||||
|
|||||||
@@ -0,0 +1,25 @@
|
|||||||
|
"""ObjectStore interface — pluggable binary storage behind the service layer.
|
||||||
|
|
||||||
|
Implementations are S3-compatible (MinIO for self-host, any S3 otherwise).
|
||||||
|
Methods are async wrappers so the service layer stays non-blocking even though
|
||||||
|
the underlying SDK (boto3) is synchronous.
|
||||||
|
"""
|
||||||
|
|
||||||
|
from abc import ABC, abstractmethod
|
||||||
|
|
||||||
|
|
||||||
|
class ObjectStore(ABC):
|
||||||
|
@abstractmethod
|
||||||
|
async def ensure_bucket(self) -> None: ...
|
||||||
|
|
||||||
|
@abstractmethod
|
||||||
|
async def put_object(self, *, key: str, data: bytes, content_type: str) -> None: ...
|
||||||
|
|
||||||
|
@abstractmethod
|
||||||
|
async def get_object(self, *, key: str) -> bytes: ...
|
||||||
|
|
||||||
|
@abstractmethod
|
||||||
|
async def presigned_get_url(self, *, key: str) -> str: ...
|
||||||
|
|
||||||
|
@abstractmethod
|
||||||
|
async def delete_object(self, *, key: str) -> None: ...
|
||||||
@@ -0,0 +1,63 @@
|
|||||||
|
"""S3-compatible ObjectStore (boto3), suitable for MinIO or any S3 provider.
|
||||||
|
|
||||||
|
boto3 is synchronous; each call is dispatched to a thread so request handlers
|
||||||
|
and the worker stay async."""
|
||||||
|
|
||||||
|
import asyncio
|
||||||
|
|
||||||
|
import boto3
|
||||||
|
from botocore.client import Config
|
||||||
|
from botocore.exceptions import ClientError
|
||||||
|
|
||||||
|
from app.core.config import Settings
|
||||||
|
from app.integrations.objectstore.base import ObjectStore
|
||||||
|
|
||||||
|
|
||||||
|
class S3ObjectStore(ObjectStore):
|
||||||
|
def __init__(self, settings: Settings) -> None:
|
||||||
|
self.bucket = settings.s3_bucket
|
||||||
|
self.presign_ttl = settings.s3_presign_ttl
|
||||||
|
self._client = boto3.client(
|
||||||
|
"s3",
|
||||||
|
endpoint_url=settings.s3_endpoint_url,
|
||||||
|
aws_access_key_id=settings.s3_access_key,
|
||||||
|
aws_secret_access_key=settings.s3_secret_key,
|
||||||
|
region_name=settings.s3_region,
|
||||||
|
config=Config(signature_version="s3v4"),
|
||||||
|
)
|
||||||
|
|
||||||
|
def _ensure_bucket_sync(self) -> None:
|
||||||
|
try:
|
||||||
|
self._client.head_bucket(Bucket=self.bucket)
|
||||||
|
except ClientError:
|
||||||
|
self._client.create_bucket(Bucket=self.bucket)
|
||||||
|
|
||||||
|
async def ensure_bucket(self) -> None:
|
||||||
|
await asyncio.to_thread(self._ensure_bucket_sync)
|
||||||
|
|
||||||
|
async def put_object(self, *, key: str, data: bytes, content_type: str) -> None:
|
||||||
|
await asyncio.to_thread(
|
||||||
|
self._client.put_object,
|
||||||
|
Bucket=self.bucket,
|
||||||
|
Key=key,
|
||||||
|
Body=data,
|
||||||
|
ContentType=content_type,
|
||||||
|
)
|
||||||
|
|
||||||
|
async def get_object(self, *, key: str) -> bytes:
|
||||||
|
def _get() -> bytes:
|
||||||
|
obj = self._client.get_object(Bucket=self.bucket, Key=key)
|
||||||
|
return obj["Body"].read()
|
||||||
|
|
||||||
|
return await asyncio.to_thread(_get)
|
||||||
|
|
||||||
|
async def presigned_get_url(self, *, key: str) -> str:
|
||||||
|
return await asyncio.to_thread(
|
||||||
|
self._client.generate_presigned_url,
|
||||||
|
"get_object",
|
||||||
|
Params={"Bucket": self.bucket, "Key": key},
|
||||||
|
ExpiresIn=self.presign_ttl,
|
||||||
|
)
|
||||||
|
|
||||||
|
async def delete_object(self, *, key: str) -> None:
|
||||||
|
await asyncio.to_thread(self._client.delete_object, Bucket=self.bucket, Key=key)
|
||||||
@@ -5,6 +5,7 @@ from app.models.audit import AuditEntry
|
|||||||
from app.models.auth import Session, UserToken
|
from app.models.auth import Session, UserToken
|
||||||
from app.models.base import Base
|
from app.models.base import Base
|
||||||
from app.models.event import Event
|
from app.models.event import Event
|
||||||
|
from app.models.media import Media
|
||||||
from app.models.person import Name, Person
|
from app.models.person import Name, Person
|
||||||
from app.models.place import Place, PlaceName
|
from app.models.place import Place, PlaceName
|
||||||
from app.models.relationship import Relationship
|
from app.models.relationship import Relationship
|
||||||
@@ -28,4 +29,5 @@ __all__ = [
|
|||||||
"AuditEntry",
|
"AuditEntry",
|
||||||
"Session",
|
"Session",
|
||||||
"UserToken",
|
"UserToken",
|
||||||
|
"Media",
|
||||||
]
|
]
|
||||||
|
|||||||
@@ -9,9 +9,10 @@ import enum
|
|||||||
|
|
||||||
|
|
||||||
class TreeVisibility(enum.StrEnum):
|
class TreeVisibility(enum.StrEnum):
|
||||||
public = "public"
|
public = "public" # anyone on the web (anonymous), listed + search-indexable
|
||||||
unlisted = "unlisted"
|
site_members = "site_members" # any authenticated user of this instance
|
||||||
private = "private"
|
unlisted = "unlisted" # anyone with the link (anonymous), not listed/indexed
|
||||||
|
private = "private" # members only (default)
|
||||||
|
|
||||||
|
|
||||||
class MembershipRole(enum.StrEnum):
|
class MembershipRole(enum.StrEnum):
|
||||||
|
|||||||
@@ -0,0 +1,36 @@
|
|||||||
|
"""Media — a binary asset (image, scan, PDF, audio) in object storage. The row
|
||||||
|
holds metadata + checksum + the storage key; the bytes live in the ObjectStore.
|
||||||
|
Optionally attached to a single fact (person, event, or source) for now."""
|
||||||
|
|
||||||
|
import uuid
|
||||||
|
|
||||||
|
from sqlalchemy import BigInteger, ForeignKey, String
|
||||||
|
from sqlalchemy.orm import Mapped, mapped_column
|
||||||
|
|
||||||
|
from app.models.base import Base
|
||||||
|
from app.models.mixins import SoftDelete, TenantScoped, Timestamps, UUIDPrimaryKey
|
||||||
|
|
||||||
|
|
||||||
|
class Media(Base, UUIDPrimaryKey, TenantScoped, Timestamps, SoftDelete):
|
||||||
|
__tablename__ = "media"
|
||||||
|
|
||||||
|
uploader_id: Mapped[uuid.UUID | None] = mapped_column(
|
||||||
|
ForeignKey("users.id", ondelete="SET NULL"), index=True
|
||||||
|
)
|
||||||
|
storage_key: Mapped[str] = mapped_column(String(512), unique=True)
|
||||||
|
original_filename: Mapped[str] = mapped_column(String(512))
|
||||||
|
content_type: Mapped[str] = mapped_column(String(128))
|
||||||
|
byte_size: Mapped[int] = mapped_column(BigInteger)
|
||||||
|
checksum_sha256: Mapped[str] = mapped_column(String(64), index=True)
|
||||||
|
title: Mapped[str | None] = mapped_column(String(512))
|
||||||
|
|
||||||
|
# Optional single attachment target.
|
||||||
|
person_id: Mapped[uuid.UUID | None] = mapped_column(
|
||||||
|
ForeignKey("persons.id", ondelete="SET NULL"), index=True
|
||||||
|
)
|
||||||
|
event_id: Mapped[uuid.UUID | None] = mapped_column(
|
||||||
|
ForeignKey("events.id", ondelete="SET NULL"), index=True
|
||||||
|
)
|
||||||
|
source_id: Mapped[uuid.UUID | None] = mapped_column(
|
||||||
|
ForeignKey("sources.id", ondelete="SET NULL"), index=True
|
||||||
|
)
|
||||||
@@ -7,7 +7,7 @@ aliases) so name changes over time are first-class.
|
|||||||
|
|
||||||
import uuid
|
import uuid
|
||||||
|
|
||||||
from sqlalchemy import Boolean, ForeignKey, Integer, String, Text, text
|
from sqlalchemy import Boolean, ForeignKey, Index, Integer, String, Text, text
|
||||||
from sqlalchemy import Enum as SAEnum
|
from sqlalchemy import Enum as SAEnum
|
||||||
from sqlalchemy.orm import Mapped, mapped_column
|
from sqlalchemy.orm import Mapped, mapped_column
|
||||||
|
|
||||||
@@ -33,6 +33,22 @@ class Person(Base, UUIDPrimaryKey, TenantScoped, Timestamps, SoftDelete):
|
|||||||
|
|
||||||
class Name(Base, UUIDPrimaryKey, TenantScoped, Timestamps, SoftDelete):
|
class Name(Base, UUIDPrimaryKey, TenantScoped, Timestamps, SoftDelete):
|
||||||
__tablename__ = "names"
|
__tablename__ = "names"
|
||||||
|
# Trigram indexes for fuzzy name search (Mueller/Müller/Muller). Requires the
|
||||||
|
# pg_trgm extension (enabled in the accompanying migration).
|
||||||
|
__table_args__ = (
|
||||||
|
Index(
|
||||||
|
"ix_names_given_trgm",
|
||||||
|
"given",
|
||||||
|
postgresql_using="gin",
|
||||||
|
postgresql_ops={"given": "gin_trgm_ops"},
|
||||||
|
),
|
||||||
|
Index(
|
||||||
|
"ix_names_surname_trgm",
|
||||||
|
"surname",
|
||||||
|
postgresql_using="gin",
|
||||||
|
postgresql_ops={"surname": "gin_trgm_ops"},
|
||||||
|
),
|
||||||
|
)
|
||||||
|
|
||||||
person_id: Mapped[uuid.UUID] = mapped_column(
|
person_id: Mapped[uuid.UUID] = mapped_column(
|
||||||
ForeignKey("persons.id", ondelete="CASCADE"), index=True
|
ForeignKey("persons.id", ondelete="CASCADE"), index=True
|
||||||
|
|||||||
@@ -26,6 +26,16 @@ class Tree(Base, UUIDPrimaryKey, Timestamps, SoftDelete):
|
|||||||
default=TreeVisibility.private,
|
default=TreeVisibility.private,
|
||||||
server_default=TreeVisibility.private.value,
|
server_default=TreeVisibility.private.value,
|
||||||
)
|
)
|
||||||
|
# The person a tree opens focused on (its "home"/root person). Cleared if
|
||||||
|
# that person is deleted. use_alter + name: trees<->persons form an FK cycle.
|
||||||
|
home_person_id: Mapped[uuid.UUID | None] = mapped_column(
|
||||||
|
ForeignKey(
|
||||||
|
"persons.id",
|
||||||
|
ondelete="SET NULL",
|
||||||
|
name="fk_trees_home_person_id",
|
||||||
|
use_alter=True,
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class TreeMembership(Base, UUIDPrimaryKey, Timestamps):
|
class TreeMembership(Base, UUIDPrimaryKey, Timestamps):
|
||||||
|
|||||||
@@ -3,9 +3,10 @@ multiple auth providers later (the provider-link table arrives with the auth
|
|||||||
slice). ``hashed_password`` is nullable: external/OIDC users have none.
|
slice). ``hashed_password`` is nullable: external/OIDC users have none.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
import uuid
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
|
||||||
from sqlalchemy import DateTime, String
|
from sqlalchemy import DateTime, ForeignKey, String
|
||||||
from sqlalchemy.orm import Mapped, mapped_column
|
from sqlalchemy.orm import Mapped, mapped_column
|
||||||
|
|
||||||
from app.models.base import Base
|
from app.models.base import Base
|
||||||
@@ -19,3 +20,15 @@ class User(Base, UUIDPrimaryKey, Timestamps, SoftDelete):
|
|||||||
email_verified_at: Mapped[datetime | None] = mapped_column(DateTime(timezone=True))
|
email_verified_at: Mapped[datetime | None] = mapped_column(DateTime(timezone=True))
|
||||||
display_name: Mapped[str | None] = mapped_column(String(255))
|
display_name: Mapped[str | None] = mapped_column(String(255))
|
||||||
hashed_password: Mapped[str | None] = mapped_column(String(255))
|
hashed_password: Mapped[str | None] = mapped_column(String(255))
|
||||||
|
# The Person record that *is* this user ("home person"). Cleared if that
|
||||||
|
# person is deleted, so the link can never dangle.
|
||||||
|
self_person_id: Mapped[uuid.UUID | None] = mapped_column(
|
||||||
|
# use_alter + explicit name: users<->persons<->trees form an FK cycle,
|
||||||
|
# so this constraint must be created/dropped via ALTER, not inline.
|
||||||
|
ForeignKey(
|
||||||
|
"persons.id",
|
||||||
|
ondelete="SET NULL",
|
||||||
|
name="fk_users_self_person_id",
|
||||||
|
use_alter=True,
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|||||||
@@ -29,6 +29,11 @@ class PasswordResetConfirm(BaseModel):
|
|||||||
new_password: str = Field(min_length=8)
|
new_password: str = Field(min_length=8)
|
||||||
|
|
||||||
|
|
||||||
|
class PasswordChange(BaseModel):
|
||||||
|
current_password: str
|
||||||
|
new_password: str = Field(min_length=8)
|
||||||
|
|
||||||
|
|
||||||
class SessionRead(BaseModel):
|
class SessionRead(BaseModel):
|
||||||
user: UserRead
|
user: UserRead
|
||||||
token: str
|
token: str
|
||||||
|
|||||||
@@ -0,0 +1,50 @@
|
|||||||
|
import uuid
|
||||||
|
|
||||||
|
from pydantic import BaseModel
|
||||||
|
|
||||||
|
|
||||||
|
class DeceasedCandidate(BaseModel):
|
||||||
|
person_id: uuid.UUID
|
||||||
|
name: str
|
||||||
|
birth_year: int
|
||||||
|
|
||||||
|
|
||||||
|
class DeceasedApply(BaseModel):
|
||||||
|
person_ids: list[uuid.UUID]
|
||||||
|
|
||||||
|
|
||||||
|
class GenderProposal(BaseModel):
|
||||||
|
person_id: uuid.UUID
|
||||||
|
name: str
|
||||||
|
proposed_gender: str
|
||||||
|
|
||||||
|
|
||||||
|
class GenderUpdate(BaseModel):
|
||||||
|
person_id: uuid.UUID
|
||||||
|
gender: str
|
||||||
|
|
||||||
|
|
||||||
|
class GenderApply(BaseModel):
|
||||||
|
updates: list[GenderUpdate]
|
||||||
|
|
||||||
|
|
||||||
|
class NameIssue(BaseModel):
|
||||||
|
name_id: uuid.UUID
|
||||||
|
person_id: uuid.UUID
|
||||||
|
given: str | None = None
|
||||||
|
surname: str | None = None
|
||||||
|
issue: str
|
||||||
|
|
||||||
|
|
||||||
|
class NameEdit(BaseModel):
|
||||||
|
name_id: uuid.UUID
|
||||||
|
given: str | None = None
|
||||||
|
surname: str | None = None
|
||||||
|
|
||||||
|
|
||||||
|
class NameApply(BaseModel):
|
||||||
|
edits: list[NameEdit]
|
||||||
|
|
||||||
|
|
||||||
|
class CleanupResult(BaseModel):
|
||||||
|
updated: int
|
||||||
@@ -20,6 +20,19 @@ class EventCreate(BaseModel):
|
|||||||
notes: str | None = None
|
notes: str | None = None
|
||||||
|
|
||||||
|
|
||||||
|
class EventUpdate(BaseModel):
|
||||||
|
# All optional; only fields explicitly sent are changed (PATCH semantics).
|
||||||
|
event_type: str | None = None
|
||||||
|
place_id: uuid.UUID | None = None
|
||||||
|
date_value: str | None = None
|
||||||
|
date_start: date | None = None
|
||||||
|
date_end: date | None = None
|
||||||
|
date_precision: str | None = None
|
||||||
|
calendar: str | None = None
|
||||||
|
detail: str | None = None
|
||||||
|
notes: str | None = None
|
||||||
|
|
||||||
|
|
||||||
class EventRead(BaseModel):
|
class EventRead(BaseModel):
|
||||||
model_config = ConfigDict(from_attributes=True)
|
model_config = ConfigDict(from_attributes=True)
|
||||||
|
|
||||||
|
|||||||
@@ -0,0 +1,25 @@
|
|||||||
|
import uuid
|
||||||
|
|
||||||
|
from pydantic import BaseModel
|
||||||
|
|
||||||
|
|
||||||
|
class ImportReport(BaseModel):
|
||||||
|
counts: dict[str, int]
|
||||||
|
unmapped_tags: list[str]
|
||||||
|
|
||||||
|
|
||||||
|
class DuplicateMatch(BaseModel):
|
||||||
|
# An incoming GEDCOM person that resembles an existing one in the tree.
|
||||||
|
xref: str
|
||||||
|
incoming_name: str
|
||||||
|
incoming_birth_year: str | None = None
|
||||||
|
existing_person_id: uuid.UUID
|
||||||
|
existing_name: str
|
||||||
|
existing_birth_year: str | None = None
|
||||||
|
score: str # "high" | "medium"
|
||||||
|
|
||||||
|
|
||||||
|
class ImportPreview(BaseModel):
|
||||||
|
counts: dict[str, int]
|
||||||
|
potential_duplicates: list[DuplicateMatch]
|
||||||
|
unmapped_tags: list[str]
|
||||||
@@ -0,0 +1,29 @@
|
|||||||
|
import uuid
|
||||||
|
from datetime import datetime
|
||||||
|
|
||||||
|
from pydantic import BaseModel, ConfigDict
|
||||||
|
|
||||||
|
|
||||||
|
class MediaUpdate(BaseModel):
|
||||||
|
title: str | None = None
|
||||||
|
person_id: uuid.UUID | None = None
|
||||||
|
event_id: uuid.UUID | None = None
|
||||||
|
source_id: uuid.UUID | None = None
|
||||||
|
|
||||||
|
|
||||||
|
class MediaRead(BaseModel):
|
||||||
|
model_config = ConfigDict(from_attributes=True)
|
||||||
|
|
||||||
|
id: uuid.UUID
|
||||||
|
tree_id: uuid.UUID
|
||||||
|
original_filename: str
|
||||||
|
content_type: str
|
||||||
|
byte_size: int
|
||||||
|
checksum_sha256: str
|
||||||
|
title: str | None
|
||||||
|
person_id: uuid.UUID | None
|
||||||
|
event_id: uuid.UUID | None
|
||||||
|
source_id: uuid.UUID | None
|
||||||
|
created_at: datetime
|
||||||
|
# Presigned download URL, filled in by the router from the ObjectStore.
|
||||||
|
url: str | None = None
|
||||||
@@ -0,0 +1,42 @@
|
|||||||
|
import uuid
|
||||||
|
from datetime import datetime
|
||||||
|
|
||||||
|
from pydantic import BaseModel, ConfigDict
|
||||||
|
|
||||||
|
|
||||||
|
class NameCreate(BaseModel):
|
||||||
|
# Open vocabulary: birth/maiden, married, alias, religious, nickname, ...
|
||||||
|
name_type: str = "birth"
|
||||||
|
given: str | None = None
|
||||||
|
surname: str | None = None
|
||||||
|
prefix: str | None = None
|
||||||
|
suffix: str | None = None
|
||||||
|
nickname: str | None = None
|
||||||
|
is_primary: bool = False
|
||||||
|
|
||||||
|
|
||||||
|
class NameUpdate(BaseModel):
|
||||||
|
name_type: str | None = None
|
||||||
|
given: str | None = None
|
||||||
|
surname: str | None = None
|
||||||
|
prefix: str | None = None
|
||||||
|
suffix: str | None = None
|
||||||
|
nickname: str | None = None
|
||||||
|
is_primary: bool | None = None
|
||||||
|
|
||||||
|
|
||||||
|
class NameRead(BaseModel):
|
||||||
|
model_config = ConfigDict(from_attributes=True)
|
||||||
|
|
||||||
|
id: uuid.UUID
|
||||||
|
tree_id: uuid.UUID
|
||||||
|
person_id: uuid.UUID
|
||||||
|
name_type: str
|
||||||
|
given: str | None
|
||||||
|
surname: str | None
|
||||||
|
prefix: str | None
|
||||||
|
suffix: str | None
|
||||||
|
nickname: str | None
|
||||||
|
is_primary: bool
|
||||||
|
sort_order: int
|
||||||
|
created_at: datetime
|
||||||
@@ -15,6 +15,16 @@ class PersonCreate(BaseModel):
|
|||||||
notes: str | None = None
|
notes: str | None = None
|
||||||
|
|
||||||
|
|
||||||
|
class PersonUpdate(BaseModel):
|
||||||
|
# Person fields + the primary name's parts; only sent fields are changed.
|
||||||
|
given: str | None = None
|
||||||
|
surname: str | None = None
|
||||||
|
gender: str | None = None
|
||||||
|
is_living: bool | None = None
|
||||||
|
privacy: PersonPrivacy | None = None
|
||||||
|
notes: str | None = None
|
||||||
|
|
||||||
|
|
||||||
class PersonRead(BaseModel):
|
class PersonRead(BaseModel):
|
||||||
model_config = ConfigDict(from_attributes=True)
|
model_config = ConfigDict(from_attributes=True)
|
||||||
|
|
||||||
|
|||||||
@@ -15,6 +15,11 @@ class RelationshipCreate(BaseModel):
|
|||||||
notes: str | None = None
|
notes: str | None = None
|
||||||
|
|
||||||
|
|
||||||
|
class RelationshipUpdate(BaseModel):
|
||||||
|
qualifier: ParentChildQualifier | None = None
|
||||||
|
notes: str | None = None
|
||||||
|
|
||||||
|
|
||||||
class RelationshipRead(BaseModel):
|
class RelationshipRead(BaseModel):
|
||||||
model_config = ConfigDict(from_attributes=True)
|
model_config = ConfigDict(from_attributes=True)
|
||||||
|
|
||||||
|
|||||||
@@ -33,6 +33,23 @@ class SourceRead(BaseModel):
|
|||||||
created_at: datetime
|
created_at: datetime
|
||||||
|
|
||||||
|
|
||||||
|
class SourceUpdate(BaseModel):
|
||||||
|
title: str | None = None
|
||||||
|
author: str | None = None
|
||||||
|
source_type: str | None = None
|
||||||
|
repository: str | None = None
|
||||||
|
url: str | None = None
|
||||||
|
citation_text: str | None = None
|
||||||
|
publication_info: str | None = None
|
||||||
|
quality_note: str | None = None
|
||||||
|
|
||||||
|
|
||||||
|
class CitationUpdate(BaseModel):
|
||||||
|
page: str | None = None
|
||||||
|
detail: str | None = None
|
||||||
|
confidence: CitationConfidence | None = None
|
||||||
|
|
||||||
|
|
||||||
class CitationCreate(BaseModel):
|
class CitationCreate(BaseModel):
|
||||||
source_id: uuid.UUID
|
source_id: uuid.UUID
|
||||||
# Exactly one target fact.
|
# Exactly one target fact.
|
||||||
|
|||||||
@@ -12,6 +12,13 @@ class TreeCreate(BaseModel):
|
|||||||
visibility: TreeVisibility = TreeVisibility.private
|
visibility: TreeVisibility = TreeVisibility.private
|
||||||
|
|
||||||
|
|
||||||
|
class TreeUpdate(BaseModel):
|
||||||
|
name: str | None = None
|
||||||
|
description: str | None = None
|
||||||
|
visibility: TreeVisibility | None = None
|
||||||
|
home_person_id: uuid.UUID | None = None
|
||||||
|
|
||||||
|
|
||||||
class TreeRead(BaseModel):
|
class TreeRead(BaseModel):
|
||||||
model_config = ConfigDict(from_attributes=True)
|
model_config = ConfigDict(from_attributes=True)
|
||||||
|
|
||||||
@@ -20,4 +27,18 @@ class TreeRead(BaseModel):
|
|||||||
description: str | None
|
description: str | None
|
||||||
visibility: TreeVisibility
|
visibility: TreeVisibility
|
||||||
owner_id: uuid.UUID
|
owner_id: uuid.UUID
|
||||||
|
home_person_id: uuid.UUID | None = None
|
||||||
created_at: datetime
|
created_at: datetime
|
||||||
|
|
||||||
|
|
||||||
|
class PublicTreeRead(BaseModel):
|
||||||
|
"""Tree projection for the public surface — deliberately omits owner_id so a
|
||||||
|
public/unlisted tree doesn't reveal which account owns it."""
|
||||||
|
|
||||||
|
model_config = ConfigDict(from_attributes=True)
|
||||||
|
|
||||||
|
id: uuid.UUID
|
||||||
|
name: str
|
||||||
|
description: str | None
|
||||||
|
visibility: TreeVisibility
|
||||||
|
home_person_id: uuid.UUID | None = None
|
||||||
|
|||||||
@@ -19,4 +19,10 @@ class UserRead(BaseModel):
|
|||||||
email: str
|
email: str
|
||||||
display_name: str | None
|
display_name: str | None
|
||||||
email_verified_at: datetime | None
|
email_verified_at: datetime | None
|
||||||
|
self_person_id: uuid.UUID | None = None
|
||||||
created_at: datetime
|
created_at: datetime
|
||||||
|
|
||||||
|
|
||||||
|
class UserSelfPersonUpdate(BaseModel):
|
||||||
|
# null clears the link; otherwise the Person that represents this account.
|
||||||
|
self_person_id: uuid.UUID | None = None
|
||||||
|
|||||||
@@ -0,0 +1,352 @@
|
|||||||
|
"""Account-level data portability: export the signed-in user's owned trees as a
|
||||||
|
zip (JSON + media bytes), restore such a zip into a brand-new tree
|
||||||
|
(non-destructive), and delete the account.
|
||||||
|
|
||||||
|
The export format is a zip containing ``account.json`` plus ``media/<id>`` blobs.
|
||||||
|
Restore always creates new trees and remaps ids, so it can't clobber existing
|
||||||
|
data.
|
||||||
|
"""
|
||||||
|
|
||||||
|
import hashlib
|
||||||
|
import io
|
||||||
|
import json
|
||||||
|
import uuid
|
||||||
|
import zipfile
|
||||||
|
from datetime import UTC, date, datetime
|
||||||
|
|
||||||
|
from sqlalchemy import select, update
|
||||||
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
|
from app.integrations.objectstore.base import ObjectStore
|
||||||
|
from app.models.auth import Session as SessionModel
|
||||||
|
from app.models.enums import MembershipRole
|
||||||
|
from app.models.event import Event
|
||||||
|
from app.models.media import Media
|
||||||
|
from app.models.person import Name, Person
|
||||||
|
from app.models.place import Place
|
||||||
|
from app.models.relationship import Relationship
|
||||||
|
from app.models.source import Citation, Source
|
||||||
|
from app.models.tree import Tree, TreeMembership
|
||||||
|
from app.models.user import User
|
||||||
|
from app.services.audit import record_audit
|
||||||
|
from app.services.exceptions import Forbidden, NotFound
|
||||||
|
|
||||||
|
EXPORT_VERSION = 1
|
||||||
|
_DROP = {"created_at", "updated_at", "deleted_at", "tree_id"}
|
||||||
|
# Media columns rebuilt on import (storage is re-keyed, checksum recomputed).
|
||||||
|
_MEDIA_DROP = _DROP | {"uploader_id", "storage_key", "byte_size", "checksum_sha256"}
|
||||||
|
_DATE_FIELDS = {"date_start", "date_end"}
|
||||||
|
|
||||||
|
|
||||||
|
def _row(obj, drop: set[str]) -> dict:
|
||||||
|
out: dict = {}
|
||||||
|
for col in obj.__table__.columns.keys(): # noqa: SIM118
|
||||||
|
if col in drop:
|
||||||
|
continue
|
||||||
|
out[col] = getattr(obj, col)
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
async def _entities(session: AsyncSession, model, tree_id: uuid.UUID):
|
||||||
|
stmt = select(model).where(model.tree_id == tree_id, model.deleted_at.is_(None))
|
||||||
|
return list((await session.execute(stmt)).scalars().all())
|
||||||
|
|
||||||
|
|
||||||
|
async def export_account(session: AsyncSession, store: ObjectStore, *, user: User) -> bytes:
|
||||||
|
"""Build a zip of every tree the user owns: account.json + media blobs."""
|
||||||
|
trees = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Tree).where(Tree.owner_id == user.id, Tree.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
|
||||||
|
payload: dict = {
|
||||||
|
"version": EXPORT_VERSION,
|
||||||
|
"user": {"email": user.email, "display_name": user.display_name},
|
||||||
|
"trees": [],
|
||||||
|
}
|
||||||
|
media_blobs: list[tuple[str, bytes]] = []
|
||||||
|
|
||||||
|
for tree in trees:
|
||||||
|
media_rows = await _entities(session, Media, tree.id)
|
||||||
|
media_out = []
|
||||||
|
for m in media_rows:
|
||||||
|
ref = f"media/{m.id}"
|
||||||
|
rec = _row(m, _MEDIA_DROP)
|
||||||
|
rec["_file"] = ref
|
||||||
|
media_out.append(rec)
|
||||||
|
try:
|
||||||
|
media_blobs.append((ref, await store.get_object(key=m.storage_key)))
|
||||||
|
except Exception: # noqa: BLE001 — a missing blob shouldn't abort the export
|
||||||
|
rec["_file"] = None
|
||||||
|
|
||||||
|
payload["trees"].append({
|
||||||
|
"tree": {
|
||||||
|
"name": tree.name,
|
||||||
|
"description": tree.description,
|
||||||
|
"visibility": tree.visibility,
|
||||||
|
"home_person_id": tree.home_person_id,
|
||||||
|
},
|
||||||
|
"places": [_row(p, _DROP) for p in await _entities(session, Place, tree.id)],
|
||||||
|
"persons": [_row(p, _DROP) for p in await _entities(session, Person, tree.id)],
|
||||||
|
"names": [_row(n, _DROP) for n in await _entities(session, Name, tree.id)],
|
||||||
|
"relationships": [
|
||||||
|
_row(r, _DROP) for r in await _entities(session, Relationship, tree.id)
|
||||||
|
],
|
||||||
|
"events": [_row(e, _DROP) for e in await _entities(session, Event, tree.id)],
|
||||||
|
"sources": [_row(s, _DROP) for s in await _entities(session, Source, tree.id)],
|
||||||
|
"citations": [_row(c, _DROP) for c in await _entities(session, Citation, tree.id)],
|
||||||
|
"media": media_out,
|
||||||
|
})
|
||||||
|
|
||||||
|
buf = io.BytesIO()
|
||||||
|
with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
|
||||||
|
zf.writestr("account.json", json.dumps(payload, default=str, indent=2))
|
||||||
|
for ref, blob in media_blobs:
|
||||||
|
zf.writestr(ref, blob)
|
||||||
|
return buf.getvalue()
|
||||||
|
|
||||||
|
|
||||||
|
def _as_uuid(v) -> uuid.UUID | None:
|
||||||
|
return uuid.UUID(v) if v else None
|
||||||
|
|
||||||
|
|
||||||
|
def _as_date(v) -> date | None:
|
||||||
|
return date.fromisoformat(v) if v else None
|
||||||
|
|
||||||
|
|
||||||
|
async def import_account(
|
||||||
|
session: AsyncSession, store: ObjectStore, *, user: User, raw_zip: bytes
|
||||||
|
) -> dict:
|
||||||
|
"""Restore an exported zip into NEW trees owned by the user. Non-destructive:
|
||||||
|
every record gets a fresh id; nothing existing is touched."""
|
||||||
|
try:
|
||||||
|
zf = zipfile.ZipFile(io.BytesIO(raw_zip))
|
||||||
|
payload = json.loads(zf.read("account.json"))
|
||||||
|
except (zipfile.BadZipFile, KeyError, json.JSONDecodeError) as e:
|
||||||
|
raise NotFound("not a valid Provenance export") from e
|
||||||
|
|
||||||
|
counts: dict[str, int] = {"trees": 0, "persons": 0, "events": 0, "media": 0}
|
||||||
|
|
||||||
|
for tdata in payload.get("trees", []):
|
||||||
|
t = tdata.get("tree", {})
|
||||||
|
tree = Tree(
|
||||||
|
owner_id=user.id,
|
||||||
|
name=(t.get("name") or "Imported tree"),
|
||||||
|
description=t.get("description"),
|
||||||
|
visibility=t.get("visibility") or "private",
|
||||||
|
)
|
||||||
|
session.add(tree)
|
||||||
|
await session.flush()
|
||||||
|
session.add(
|
||||||
|
TreeMembership(tree_id=tree.id, user_id=user.id, role=MembershipRole.owner)
|
||||||
|
)
|
||||||
|
counts["trees"] += 1
|
||||||
|
|
||||||
|
# id remaps from the export's ids to the freshly created ones.
|
||||||
|
pmap: dict[str, uuid.UUID] = {}
|
||||||
|
rmap: dict[str, uuid.UUID] = {}
|
||||||
|
smap: dict[str, uuid.UUID] = {}
|
||||||
|
nmap: dict[str, uuid.UUID] = {}
|
||||||
|
emap: dict[str, uuid.UUID] = {}
|
||||||
|
plmap: dict[str, uuid.UUID] = {}
|
||||||
|
|
||||||
|
for pl in tdata.get("places", []):
|
||||||
|
obj = Place(
|
||||||
|
tree_id=tree.id,
|
||||||
|
name=pl.get("name") or "",
|
||||||
|
place_type=pl.get("place_type"),
|
||||||
|
latitude=pl.get("latitude"),
|
||||||
|
longitude=pl.get("longitude"),
|
||||||
|
)
|
||||||
|
session.add(obj)
|
||||||
|
await session.flush()
|
||||||
|
plmap[pl["id"]] = obj.id
|
||||||
|
|
||||||
|
for p in tdata.get("persons", []):
|
||||||
|
obj = Person(
|
||||||
|
tree_id=tree.id,
|
||||||
|
gender=p.get("gender"),
|
||||||
|
is_living=p.get("is_living"),
|
||||||
|
privacy=p.get("privacy") or "inherit",
|
||||||
|
notes=p.get("notes"),
|
||||||
|
)
|
||||||
|
session.add(obj)
|
||||||
|
await session.flush()
|
||||||
|
pmap[p["id"]] = obj.id
|
||||||
|
counts["persons"] += 1
|
||||||
|
|
||||||
|
for n in tdata.get("names", []):
|
||||||
|
pid = pmap.get(n.get("person_id"))
|
||||||
|
if pid is None:
|
||||||
|
continue
|
||||||
|
obj = Name(
|
||||||
|
tree_id=tree.id,
|
||||||
|
person_id=pid,
|
||||||
|
name_type=n.get("name_type") or "birth",
|
||||||
|
given=n.get("given"),
|
||||||
|
surname=n.get("surname"),
|
||||||
|
prefix=n.get("prefix"),
|
||||||
|
suffix=n.get("suffix"),
|
||||||
|
nickname=n.get("nickname"),
|
||||||
|
display_name=n.get("display_name"),
|
||||||
|
is_primary=bool(n.get("is_primary")),
|
||||||
|
sort_order=n.get("sort_order") or 0,
|
||||||
|
)
|
||||||
|
session.add(obj)
|
||||||
|
await session.flush()
|
||||||
|
nmap[n["id"]] = obj.id
|
||||||
|
|
||||||
|
for r in tdata.get("relationships", []):
|
||||||
|
a = pmap.get(r.get("person_from_id"))
|
||||||
|
b = pmap.get(r.get("person_to_id"))
|
||||||
|
if a is None or b is None:
|
||||||
|
continue
|
||||||
|
obj = Relationship(
|
||||||
|
tree_id=tree.id,
|
||||||
|
type=r.get("type"),
|
||||||
|
person_from_id=a,
|
||||||
|
person_to_id=b,
|
||||||
|
qualifier=r.get("qualifier"),
|
||||||
|
notes=r.get("notes"),
|
||||||
|
)
|
||||||
|
session.add(obj)
|
||||||
|
await session.flush()
|
||||||
|
rmap[r["id"]] = obj.id
|
||||||
|
|
||||||
|
for e in tdata.get("events", []):
|
||||||
|
obj = Event(
|
||||||
|
tree_id=tree.id,
|
||||||
|
event_type=e.get("event_type") or "other",
|
||||||
|
person_id=pmap.get(e.get("person_id")),
|
||||||
|
relationship_id=rmap.get(e.get("relationship_id")),
|
||||||
|
place_id=plmap.get(e.get("place_id")),
|
||||||
|
date_value=e.get("date_value"),
|
||||||
|
date_start=_as_date(e.get("date_start")),
|
||||||
|
date_end=_as_date(e.get("date_end")),
|
||||||
|
date_precision=e.get("date_precision"),
|
||||||
|
calendar=e.get("calendar") or "gregorian",
|
||||||
|
detail=e.get("detail"),
|
||||||
|
notes=e.get("notes"),
|
||||||
|
)
|
||||||
|
session.add(obj)
|
||||||
|
await session.flush()
|
||||||
|
emap[e["id"]] = obj.id
|
||||||
|
counts["events"] += 1
|
||||||
|
|
||||||
|
for s in tdata.get("sources", []):
|
||||||
|
obj = Source(
|
||||||
|
tree_id=tree.id,
|
||||||
|
title=s.get("title") or "Untitled source",
|
||||||
|
author=s.get("author"),
|
||||||
|
source_type=s.get("source_type"),
|
||||||
|
repository=s.get("repository"),
|
||||||
|
url=s.get("url"),
|
||||||
|
citation_text=s.get("citation_text"),
|
||||||
|
publication_info=s.get("publication_info"),
|
||||||
|
quality_note=s.get("quality_note"),
|
||||||
|
)
|
||||||
|
session.add(obj)
|
||||||
|
await session.flush()
|
||||||
|
smap[s["id"]] = obj.id
|
||||||
|
|
||||||
|
for c in tdata.get("citations", []):
|
||||||
|
sid = smap.get(c.get("source_id"))
|
||||||
|
if sid is None:
|
||||||
|
continue
|
||||||
|
session.add(
|
||||||
|
Citation(
|
||||||
|
tree_id=tree.id,
|
||||||
|
source_id=sid,
|
||||||
|
person_id=pmap.get(c.get("person_id")),
|
||||||
|
event_id=emap.get(c.get("event_id")),
|
||||||
|
name_id=nmap.get(c.get("name_id")),
|
||||||
|
relationship_id=rmap.get(c.get("relationship_id")),
|
||||||
|
page=c.get("page"),
|
||||||
|
detail=c.get("detail"),
|
||||||
|
confidence=c.get("confidence"),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
for m in tdata.get("media", []):
|
||||||
|
ref = m.get("_file")
|
||||||
|
if not ref:
|
||||||
|
continue
|
||||||
|
try:
|
||||||
|
blob = zf.read(ref)
|
||||||
|
except KeyError:
|
||||||
|
continue
|
||||||
|
media_id = uuid.uuid4()
|
||||||
|
filename = m.get("original_filename") or "upload"
|
||||||
|
key = f"{tree.id}/{media_id}/{filename}"
|
||||||
|
await store.ensure_bucket()
|
||||||
|
await store.put_object(
|
||||||
|
key=key,
|
||||||
|
data=blob,
|
||||||
|
content_type=m.get("content_type") or "application/octet-stream",
|
||||||
|
)
|
||||||
|
session.add(
|
||||||
|
Media(
|
||||||
|
id=media_id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
uploader_id=user.id,
|
||||||
|
storage_key=key,
|
||||||
|
original_filename=filename,
|
||||||
|
content_type=m.get("content_type") or "application/octet-stream",
|
||||||
|
byte_size=len(blob),
|
||||||
|
checksum_sha256=hashlib.sha256(blob).hexdigest(),
|
||||||
|
title=m.get("title"),
|
||||||
|
person_id=pmap.get(m.get("person_id")),
|
||||||
|
event_id=emap.get(m.get("event_id")),
|
||||||
|
source_id=smap.get(m.get("source_id")),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
counts["media"] += 1
|
||||||
|
|
||||||
|
# Remap the home person last, once persons exist.
|
||||||
|
home = t.get("home_person_id")
|
||||||
|
if home and home in pmap:
|
||||||
|
tree.home_person_id = pmap[home]
|
||||||
|
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="import",
|
||||||
|
entity_type="Account",
|
||||||
|
entity_id=tree.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=user.id,
|
||||||
|
after=counts,
|
||||||
|
)
|
||||||
|
|
||||||
|
await session.commit()
|
||||||
|
return counts
|
||||||
|
|
||||||
|
|
||||||
|
async def delete_account(session: AsyncSession, *, user: User, confirm_email: str) -> None:
|
||||||
|
"""Soft-delete the account: the user, the trees they own, and all their
|
||||||
|
sessions. Requires the user to retype their email as a guard."""
|
||||||
|
if confirm_email.strip().lower() != user.email.lower():
|
||||||
|
raise Forbidden("email confirmation does not match")
|
||||||
|
now = datetime.now(UTC)
|
||||||
|
|
||||||
|
await session.execute(
|
||||||
|
update(Tree)
|
||||||
|
.where(Tree.owner_id == user.id, Tree.deleted_at.is_(None))
|
||||||
|
.values(deleted_at=now)
|
||||||
|
)
|
||||||
|
await session.execute(
|
||||||
|
update(SessionModel)
|
||||||
|
.where(SessionModel.user_id == user.id, SessionModel.revoked_at.is_(None))
|
||||||
|
.values(revoked_at=now)
|
||||||
|
)
|
||||||
|
user.deleted_at = now
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="delete",
|
||||||
|
entity_type="User",
|
||||||
|
entity_id=user.id,
|
||||||
|
actor_user_id=user.id,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
@@ -3,6 +3,7 @@ the change to a User (or the assistant principal acting for a User). Staged on
|
|||||||
the session; the caller commits as part of its unit of work.
|
the session; the caller commits as part of its unit of work.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
import json
|
||||||
import uuid
|
import uuid
|
||||||
|
|
||||||
from sqlalchemy.ext.asyncio import AsyncSession
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
@@ -11,6 +12,14 @@ from app.models.audit import AuditEntry
|
|||||||
from app.models.enums import AuditActorType
|
from app.models.enums import AuditActorType
|
||||||
|
|
||||||
|
|
||||||
|
def _json_safe(d: dict | None) -> dict | None:
|
||||||
|
"""Coerce a change dict to JSON-native types (UUIDs, enums, dates -> str) so
|
||||||
|
it lands in the JSON audit column regardless of what the caller passed."""
|
||||||
|
if d is None:
|
||||||
|
return None
|
||||||
|
return json.loads(json.dumps(d, default=str))
|
||||||
|
|
||||||
|
|
||||||
def record_audit(
|
def record_audit(
|
||||||
session: AsyncSession,
|
session: AsyncSession,
|
||||||
*,
|
*,
|
||||||
@@ -30,8 +39,8 @@ def record_audit(
|
|||||||
tree_id=tree_id,
|
tree_id=tree_id,
|
||||||
actor_user_id=actor_user_id,
|
actor_user_id=actor_user_id,
|
||||||
actor_type=actor_type,
|
actor_type=actor_type,
|
||||||
before=before,
|
before=_json_safe(before),
|
||||||
after=after,
|
after=_json_safe(after),
|
||||||
)
|
)
|
||||||
session.add(entry)
|
session.add(entry)
|
||||||
return entry
|
return entry
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ from sqlalchemy import select, update
|
|||||||
from sqlalchemy.ext.asyncio import AsyncSession
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
from app.core.config import get_settings
|
from app.core.config import get_settings
|
||||||
from app.core.security import generate_token, hash_password, hash_token
|
from app.core.security import generate_token, hash_password, hash_token, verify_password
|
||||||
from app.integrations.auth.local import LocalAuthProvider
|
from app.integrations.auth.local import LocalAuthProvider
|
||||||
from app.integrations.mailer.base import Mailer
|
from app.integrations.mailer.base import Mailer
|
||||||
from app.models.auth import Session as SessionModel
|
from app.models.auth import Session as SessionModel
|
||||||
@@ -17,7 +17,7 @@ from app.models.auth import UserToken
|
|||||||
from app.models.enums import TokenPurpose
|
from app.models.enums import TokenPurpose
|
||||||
from app.models.user import User
|
from app.models.user import User
|
||||||
from app.services.audit import record_audit
|
from app.services.audit import record_audit
|
||||||
from app.services.exceptions import Conflict, NotFound
|
from app.services.exceptions import Conflict, Forbidden, NotFound
|
||||||
|
|
||||||
_local_provider = LocalAuthProvider()
|
_local_provider = LocalAuthProvider()
|
||||||
|
|
||||||
@@ -178,6 +178,26 @@ async def request_password_reset(session: AsyncSession, mailer: Mailer, *, email
|
|||||||
await mailer.send_password_reset(to=email, link=_link("/auth/reset-password", raw))
|
await mailer.send_password_reset(to=email, link=_link("/auth/reset-password", raw))
|
||||||
|
|
||||||
|
|
||||||
|
async def change_password(
|
||||||
|
session: AsyncSession, *, user: User, current_password: str, new_password: str
|
||||||
|
) -> None:
|
||||||
|
"""Change a logged-in user's password after re-verifying the current one.
|
||||||
|
Revokes other sessions so a changed password takes effect everywhere."""
|
||||||
|
if not user.hashed_password or not verify_password(
|
||||||
|
user.hashed_password, current_password
|
||||||
|
):
|
||||||
|
raise Forbidden("current password is incorrect")
|
||||||
|
user.hashed_password = hash_password(new_password)
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="change_password",
|
||||||
|
entity_type="User",
|
||||||
|
entity_id=user.id,
|
||||||
|
actor_user_id=user.id,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
|
||||||
|
|
||||||
async def reset_password(session: AsyncSession, *, raw_token: str, new_password: str) -> None:
|
async def reset_password(session: AsyncSession, *, raw_token: str, new_password: str) -> None:
|
||||||
token = await _consume_token(session, raw_token, TokenPurpose.password_reset)
|
token = await _consume_token(session, raw_token, TokenPurpose.password_reset)
|
||||||
await session.execute(
|
await session.execute(
|
||||||
|
|||||||
@@ -113,6 +113,38 @@ async def list_citations(
|
|||||||
return list((await session.execute(stmt)).scalars().all())
|
return list((await session.execute(stmt)).scalars().all())
|
||||||
|
|
||||||
|
|
||||||
|
async def update_citation(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, citation_id: uuid.UUID, changes: dict
|
||||||
|
) -> Citation:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
citation = (
|
||||||
|
await session.execute(
|
||||||
|
select(Citation).where(
|
||||||
|
Citation.id == citation_id,
|
||||||
|
Citation.tree_id == tree.id,
|
||||||
|
Citation.deleted_at.is_(None),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if citation is None:
|
||||||
|
raise NotFound("citation not found")
|
||||||
|
for key in {"page", "detail", "confidence"} & changes.keys():
|
||||||
|
setattr(citation, key, changes[key])
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="update",
|
||||||
|
entity_type="Citation",
|
||||||
|
entity_id=citation.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after=changes,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(citation)
|
||||||
|
return citation
|
||||||
|
|
||||||
|
|
||||||
async def delete_citation(
|
async def delete_citation(
|
||||||
session: AsyncSession, *, actor: User, tree: Tree, citation_id: uuid.UUID
|
session: AsyncSession, *, actor: User, tree: Tree, citation_id: uuid.UUID
|
||||||
) -> None:
|
) -> None:
|
||||||
|
|||||||
@@ -0,0 +1,289 @@
|
|||||||
|
"""Bulk tree cleanup — preview/apply pairs for common import messes.
|
||||||
|
|
||||||
|
Per the project's #1 rule (the assistant proposes, humans approve), each fix has
|
||||||
|
a *preview* that returns the proposed changes and an *apply* that commits only
|
||||||
|
the ids/edits the user confirmed. Nothing here mutates without an explicit apply
|
||||||
|
call carrying the user's selections.
|
||||||
|
"""
|
||||||
|
|
||||||
|
import re
|
||||||
|
import uuid
|
||||||
|
|
||||||
|
from sqlalchemy import select
|
||||||
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
|
from app.models.event import Event
|
||||||
|
from app.models.person import Name, Person
|
||||||
|
from app.models.tree import Tree
|
||||||
|
from app.models.user import User
|
||||||
|
from app.services import gedcom, privacy
|
||||||
|
from app.services.audit import record_audit
|
||||||
|
from app.services.exceptions import Forbidden, NotFound
|
||||||
|
from app.services.name_gender_data import guess_sex
|
||||||
|
|
||||||
|
|
||||||
|
async def _require_editor(session: AsyncSession, *, actor: User, tree: Tree) -> None:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
|
||||||
|
|
||||||
|
async def _persons(session: AsyncSession, tree_id: uuid.UUID) -> list[Person]:
|
||||||
|
return list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(Person.tree_id == tree_id, Person.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
async def _primary_name_by_person(
|
||||||
|
session: AsyncSession, tree_id: uuid.UUID
|
||||||
|
) -> dict[uuid.UUID, Name]:
|
||||||
|
names = (
|
||||||
|
await session.execute(
|
||||||
|
select(Name)
|
||||||
|
.where(Name.tree_id == tree_id, Name.deleted_at.is_(None))
|
||||||
|
.order_by(Name.is_primary.desc(), Name.sort_order)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
out: dict[uuid.UUID, Name] = {}
|
||||||
|
for n in names:
|
||||||
|
out.setdefault(n.person_id, n)
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
async def _birth_year_by_person(session: AsyncSession, tree_id: uuid.UUID) -> dict[uuid.UUID, int]:
|
||||||
|
evs = (
|
||||||
|
await session.execute(
|
||||||
|
select(Event).where(
|
||||||
|
Event.tree_id == tree_id,
|
||||||
|
Event.deleted_at.is_(None),
|
||||||
|
Event.event_type == "birth",
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
out: dict[uuid.UUID, int] = {}
|
||||||
|
for e in evs:
|
||||||
|
if not e.person_id or e.person_id in out:
|
||||||
|
continue
|
||||||
|
y = e.date_start.year if e.date_start else None
|
||||||
|
if y is None:
|
||||||
|
ys = gedcom._year(e.date_value)
|
||||||
|
y = int(ys) if ys else None
|
||||||
|
if y is not None:
|
||||||
|
out[e.person_id] = y
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
def _display(n: Name | None) -> str:
|
||||||
|
if n is None:
|
||||||
|
return "Unnamed"
|
||||||
|
return " ".join(x for x in (n.given, n.surname) if x) or (n.display_name or "Unnamed")
|
||||||
|
|
||||||
|
|
||||||
|
# ---- 1. Mark deceased by birth year -------------------------------------------------
|
||||||
|
|
||||||
|
async def preview_deceased(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, year: int
|
||||||
|
) -> list[dict]:
|
||||||
|
await _require_editor(session, actor=actor, tree=tree)
|
||||||
|
names = await _primary_name_by_person(session, tree.id)
|
||||||
|
years = await _birth_year_by_person(session, tree.id)
|
||||||
|
out: list[dict] = []
|
||||||
|
for p in await _persons(session, tree.id):
|
||||||
|
if p.is_living is False: # already deceased
|
||||||
|
continue
|
||||||
|
by = years.get(p.id)
|
||||||
|
if by is not None and by <= year:
|
||||||
|
out.append(
|
||||||
|
{"person_id": str(p.id), "name": _display(names.get(p.id)), "birth_year": by}
|
||||||
|
)
|
||||||
|
out.sort(key=lambda r: r["birth_year"])
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
async def apply_deceased(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, person_ids: list[uuid.UUID]
|
||||||
|
) -> int:
|
||||||
|
await _require_editor(session, actor=actor, tree=tree)
|
||||||
|
persons = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(
|
||||||
|
Person.tree_id == tree.id,
|
||||||
|
Person.deleted_at.is_(None),
|
||||||
|
Person.id.in_(person_ids),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
for p in persons:
|
||||||
|
p.is_living = False
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="cleanup_deceased",
|
||||||
|
entity_type="Tree",
|
||||||
|
entity_id=tree.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after={"count": len(persons)},
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
return len(persons)
|
||||||
|
|
||||||
|
|
||||||
|
# ---- 2. Re-derive gender from a source GEDCOM (matches by name) ----------------------
|
||||||
|
|
||||||
|
async def preview_gender(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, gedcom_text: str
|
||||||
|
) -> list[dict]:
|
||||||
|
await _require_editor(session, actor=actor, tree=tree)
|
||||||
|
name2sex: dict[str, str] = {}
|
||||||
|
for rec in gedcom.parse_records(gedcom_text):
|
||||||
|
if rec.tag != "INDI":
|
||||||
|
continue
|
||||||
|
summ = gedcom._person_summary(rec)
|
||||||
|
sex = gedcom._sex(rec.text("SEX"))
|
||||||
|
if sex and summ["norm"]:
|
||||||
|
name2sex.setdefault(summ["norm"], sex)
|
||||||
|
|
||||||
|
names = await _primary_name_by_person(session, tree.id)
|
||||||
|
out: list[dict] = []
|
||||||
|
for p in await _persons(session, tree.id):
|
||||||
|
if p.gender: # only fill in what's missing
|
||||||
|
continue
|
||||||
|
nm = names.get(p.id)
|
||||||
|
if nm is None:
|
||||||
|
continue
|
||||||
|
proposed = name2sex.get(gedcom._norm(nm.given, nm.surname))
|
||||||
|
if proposed:
|
||||||
|
out.append({"person_id": str(p.id), "name": _display(nm), "proposed_gender": proposed})
|
||||||
|
out.sort(key=lambda r: r["name"])
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
async def guess_gender_by_name(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree
|
||||||
|
) -> list[dict]:
|
||||||
|
"""Best-guess sex from the first given name for people who don't have it set,
|
||||||
|
using the bundled name dictionary. Ambiguous/unknown names are skipped."""
|
||||||
|
await _require_editor(session, actor=actor, tree=tree)
|
||||||
|
names = await _primary_name_by_person(session, tree.id)
|
||||||
|
out: list[dict] = []
|
||||||
|
for p in await _persons(session, tree.id):
|
||||||
|
if p.gender:
|
||||||
|
continue
|
||||||
|
nm = names.get(p.id)
|
||||||
|
if nm is None:
|
||||||
|
continue
|
||||||
|
proposed = guess_sex(nm.given)
|
||||||
|
if proposed:
|
||||||
|
out.append({"person_id": str(p.id), "name": _display(nm), "proposed_gender": proposed})
|
||||||
|
out.sort(key=lambda r: r["name"])
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
async def apply_gender(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, updates: list[dict]
|
||||||
|
) -> int:
|
||||||
|
"""updates: [{person_id, gender}]."""
|
||||||
|
await _require_editor(session, actor=actor, tree=tree)
|
||||||
|
wanted = {uuid.UUID(str(u["person_id"])): u["gender"] for u in updates if u.get("gender")}
|
||||||
|
persons = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(
|
||||||
|
Person.tree_id == tree.id,
|
||||||
|
Person.deleted_at.is_(None),
|
||||||
|
Person.id.in_(wanted.keys()),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
for p in persons:
|
||||||
|
p.gender = wanted[p.id]
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="cleanup_gender",
|
||||||
|
entity_type="Tree",
|
||||||
|
entity_id=tree.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after={"count": len(persons)},
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
return len(persons)
|
||||||
|
|
||||||
|
|
||||||
|
# ---- 3. Flag malformed names for review --------------------------------------------
|
||||||
|
|
||||||
|
_YEAR_RE = re.compile(r"\b\d{3,4}\b")
|
||||||
|
|
||||||
|
|
||||||
|
def _name_issue(n: Name) -> str | None:
|
||||||
|
given = (n.given or "").strip()
|
||||||
|
surname = (n.surname or "").strip()
|
||||||
|
if _YEAR_RE.search(surname) or re.search(r"\d", surname):
|
||||||
|
return "date_in_surname"
|
||||||
|
if re.search(r"\d", given):
|
||||||
|
return "date_in_given"
|
||||||
|
# A given name with many tokens often means a maiden+married name was packed
|
||||||
|
# in (e.g. "Mary Smith Jones") — surface it for a human to split.
|
||||||
|
if surname == "" and len(given.split()) >= 2:
|
||||||
|
return "no_surname"
|
||||||
|
if len(given.split()) >= 3:
|
||||||
|
return "packed_given"
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
async def preview_names(session: AsyncSession, *, actor: User, tree: Tree) -> list[dict]:
|
||||||
|
await _require_editor(session, actor=actor, tree=tree)
|
||||||
|
names = (
|
||||||
|
await session.execute(
|
||||||
|
select(Name).where(Name.tree_id == tree.id, Name.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
out: list[dict] = []
|
||||||
|
for n in names:
|
||||||
|
issue = _name_issue(n)
|
||||||
|
if issue:
|
||||||
|
out.append({
|
||||||
|
"name_id": str(n.id),
|
||||||
|
"person_id": str(n.person_id),
|
||||||
|
"given": n.given,
|
||||||
|
"surname": n.surname,
|
||||||
|
"issue": issue,
|
||||||
|
})
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
async def apply_names(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, edits: list[dict]
|
||||||
|
) -> int:
|
||||||
|
"""edits: [{name_id, given, surname}] — the user's corrected values."""
|
||||||
|
await _require_editor(session, actor=actor, tree=tree)
|
||||||
|
by_id = {uuid.UUID(str(e["name_id"])): e for e in edits}
|
||||||
|
rows = (
|
||||||
|
await session.execute(
|
||||||
|
select(Name).where(
|
||||||
|
Name.tree_id == tree.id,
|
||||||
|
Name.deleted_at.is_(None),
|
||||||
|
Name.id.in_(by_id.keys()),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
if len(rows) != len(by_id):
|
||||||
|
raise NotFound("one or more names not found in this tree")
|
||||||
|
for n in rows:
|
||||||
|
e = by_id[n.id]
|
||||||
|
n.given = (e.get("given") or "").strip() or None
|
||||||
|
n.surname = (e.get("surname") or "").strip() or None
|
||||||
|
n.display_name = None # rebuild from parts
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="cleanup_names",
|
||||||
|
entity_type="Tree",
|
||||||
|
entity_id=tree.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after={"count": len(rows)},
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
return len(rows)
|
||||||
@@ -91,6 +91,20 @@ async def create_event(
|
|||||||
return event
|
return event
|
||||||
|
|
||||||
|
|
||||||
|
async def list_events(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree
|
||||||
|
) -> list[Event]:
|
||||||
|
"""All events in the tree — lets the family view compute birth/death years."""
|
||||||
|
if not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
||||||
|
raise Forbidden("not permitted to view this tree")
|
||||||
|
stmt = (
|
||||||
|
select(Event)
|
||||||
|
.where(Event.tree_id == tree.id, Event.deleted_at.is_(None))
|
||||||
|
.order_by(Event.date_start.nulls_last(), Event.created_at)
|
||||||
|
)
|
||||||
|
return list((await session.execute(stmt)).scalars().all())
|
||||||
|
|
||||||
|
|
||||||
async def list_events_for_person(
|
async def list_events_for_person(
|
||||||
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree, person_id: uuid.UUID
|
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree, person_id: uuid.UUID
|
||||||
) -> list[Event]:
|
) -> list[Event]:
|
||||||
@@ -108,6 +122,44 @@ async def list_events_for_person(
|
|||||||
return list((await session.execute(stmt)).scalars().all())
|
return list((await session.execute(stmt)).scalars().all())
|
||||||
|
|
||||||
|
|
||||||
|
async def update_event(
|
||||||
|
session: AsyncSession,
|
||||||
|
*,
|
||||||
|
actor: User,
|
||||||
|
tree: Tree,
|
||||||
|
event_id: uuid.UUID,
|
||||||
|
changes: dict,
|
||||||
|
) -> Event:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
event = (
|
||||||
|
await session.execute(
|
||||||
|
select(Event).where(
|
||||||
|
Event.id == event_id, Event.tree_id == tree.id, Event.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if event is None:
|
||||||
|
raise NotFound("event not found")
|
||||||
|
if "place_id" in changes and changes["place_id"] is not None:
|
||||||
|
if not await _belongs_to_tree(session, Place, changes["place_id"], tree.id):
|
||||||
|
raise NotFound("place not found in this tree")
|
||||||
|
for key, value in changes.items():
|
||||||
|
setattr(event, key, value)
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="update",
|
||||||
|
entity_type="Event",
|
||||||
|
entity_id=event.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after=changes,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(event)
|
||||||
|
return event
|
||||||
|
|
||||||
|
|
||||||
async def delete_event(
|
async def delete_event(
|
||||||
session: AsyncSession, *, actor: User, tree: Tree, event_id: uuid.UUID
|
session: AsyncSession, *, actor: User, tree: Tree, event_id: uuid.UUID
|
||||||
) -> None:
|
) -> None:
|
||||||
|
|||||||
@@ -0,0 +1,801 @@
|
|||||||
|
"""GEDCOM import/export.
|
||||||
|
|
||||||
|
A pragmatic parser + mapper for the common subset of GEDCOM (5.5.1 / 7 share
|
||||||
|
the line grammar): INDI, FAM, SOUR. Import maps records into a tree and returns
|
||||||
|
a mapping report (counts + unmapped tags); export serializes the tree back to
|
||||||
|
GEDCOM. Runs inline for now — large files should move to the worker later.
|
||||||
|
|
||||||
|
Import is duplicate-aware: ``preview_gedcom`` reports incoming people that look
|
||||||
|
like existing ones, and ``import_gedcom`` applies a per-record resolution
|
||||||
|
(new / skip / merge / overwrite). Names carry their GEDCOM type (a married name
|
||||||
|
imports as a typed alternate, not a second primary).
|
||||||
|
"""
|
||||||
|
|
||||||
|
import re
|
||||||
|
import uuid
|
||||||
|
from collections import defaultdict
|
||||||
|
from datetime import UTC, date, datetime
|
||||||
|
from difflib import SequenceMatcher
|
||||||
|
|
||||||
|
from sqlalchemy import or_, select, update
|
||||||
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
|
from app.models.enums import ParentChildQualifier, RelationshipType
|
||||||
|
from app.models.event import Event
|
||||||
|
from app.models.person import Name, Person
|
||||||
|
from app.models.place import Place
|
||||||
|
from app.models.relationship import Relationship
|
||||||
|
from app.models.source import Citation, Source
|
||||||
|
from app.models.tree import Tree
|
||||||
|
from app.models.user import User
|
||||||
|
from app.services import privacy
|
||||||
|
from app.services.audit import record_audit
|
||||||
|
from app.services.exceptions import Forbidden
|
||||||
|
|
||||||
|
# GEDCOM event tag -> our event_type (INDI-level).
|
||||||
|
INDI_EVENTS = {
|
||||||
|
"BIRT": "birth", "DEAT": "death", "BAPM": "baptism", "CHR": "christening",
|
||||||
|
"BURI": "burial", "CREM": "cremation", "RESI": "residence", "CENS": "census",
|
||||||
|
"IMMI": "immigration", "EMIG": "emigration", "OCCU": "occupation",
|
||||||
|
"EDUC": "education", "GRAD": "graduation", "RETI": "retirement",
|
||||||
|
"NATU": "naturalization", "BAPL": "baptism", "RELI": "religion",
|
||||||
|
}
|
||||||
|
# INDI attribute tags whose line VALUE is the fact (no date), stored in detail.
|
||||||
|
VALUE_EVENTS = {"RELI", "OCCU", "EDUC"}
|
||||||
|
# INDI sub-tags consumed elsewhere or intentionally ignored (not "unmapped").
|
||||||
|
INDI_SKIP_TAGS = {
|
||||||
|
"NAME", "SEX", "SOUR", "FAMC", "FAMS", "CHAN", "OBJE", "_UID", "_MARNM", "NOTE",
|
||||||
|
}
|
||||||
|
# FAM-level events.
|
||||||
|
FAM_EVENTS = {"MARR": "marriage", "DIV": "divorce", "ENGA": "engagement"}
|
||||||
|
EVENT_TO_GED = {v: k for k, v in {**INDI_EVENTS, **FAM_EVENTS}.items()}
|
||||||
|
|
||||||
|
# GEDCOM NAME TYPE (or _MARNM-derived) -> our Name.name_type vocabulary.
|
||||||
|
NAME_TYPE_MAP = {
|
||||||
|
"birth": "birth", "maiden": "birth", "married": "married",
|
||||||
|
"aka": "alias", "also known as": "alias", "nickname": "nickname",
|
||||||
|
"religious": "religious", "immigrant": "immigration",
|
||||||
|
"immigration": "immigration", "professional": "alias", "other": "alias",
|
||||||
|
}
|
||||||
|
# Our type -> GEDCOM TYPE on export (birth is the default; emit nothing).
|
||||||
|
EXPORT_TYPE_MAP = {
|
||||||
|
"married": "married", "alias": "aka", "nickname": "nickname",
|
||||||
|
"religious": "religious", "immigration": "immigrant",
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
class GedcomNode:
|
||||||
|
__slots__ = ("level", "tag", "value", "xref", "children")
|
||||||
|
|
||||||
|
def __init__(self, level: int, tag: str, value: str = "", xref: str | None = None):
|
||||||
|
self.level = level
|
||||||
|
self.tag = tag
|
||||||
|
self.value = value
|
||||||
|
self.xref = xref
|
||||||
|
self.children: list[GedcomNode] = []
|
||||||
|
|
||||||
|
def first(self, tag: str) -> "GedcomNode | None":
|
||||||
|
return next((c for c in self.children if c.tag == tag), None)
|
||||||
|
|
||||||
|
def all(self, tag: str) -> list["GedcomNode"]:
|
||||||
|
return [c for c in self.children if c.tag == tag]
|
||||||
|
|
||||||
|
def text(self, tag: str, default: str | None = None) -> str | None:
|
||||||
|
n = self.first(tag)
|
||||||
|
return n.value if n is not None else default
|
||||||
|
|
||||||
|
|
||||||
|
def parse_records(text: str) -> list[GedcomNode]:
|
||||||
|
roots: list[GedcomNode] = []
|
||||||
|
stack: list[GedcomNode] = []
|
||||||
|
for raw in text.replace("\r\n", "\n").replace("\r", "\n").split("\n"):
|
||||||
|
line = raw.lstrip("").rstrip()
|
||||||
|
if not line.strip():
|
||||||
|
continue
|
||||||
|
parts = line.split(" ", 1)
|
||||||
|
try:
|
||||||
|
level = int(parts[0])
|
||||||
|
except ValueError:
|
||||||
|
continue
|
||||||
|
rest = parts[1] if len(parts) > 1 else ""
|
||||||
|
xref: str | None = None
|
||||||
|
if rest.startswith("@"):
|
||||||
|
end = rest.find("@", 1)
|
||||||
|
if end != -1:
|
||||||
|
xref = rest[: end + 1]
|
||||||
|
rest = rest[end + 1:].strip()
|
||||||
|
tparts = rest.split(" ", 1)
|
||||||
|
tag = tparts[0]
|
||||||
|
value = tparts[1] if len(tparts) > 1 else ""
|
||||||
|
|
||||||
|
while stack and stack[-1].level >= level:
|
||||||
|
stack.pop()
|
||||||
|
parent = stack[-1] if stack else None
|
||||||
|
|
||||||
|
if tag in ("CONC", "CONT") and parent is not None:
|
||||||
|
parent.value += ("" if tag == "CONC" else "\n") + value
|
||||||
|
continue
|
||||||
|
|
||||||
|
node = GedcomNode(level, tag, value, xref)
|
||||||
|
if parent is None:
|
||||||
|
roots.append(node)
|
||||||
|
else:
|
||||||
|
parent.children.append(node)
|
||||||
|
stack.append(node)
|
||||||
|
return roots
|
||||||
|
|
||||||
|
|
||||||
|
def _parse_name(value: str) -> tuple[str | None, str | None]:
|
||||||
|
if "/" in value:
|
||||||
|
given, _, rest = value.partition("/")
|
||||||
|
surname = rest.split("/", 1)[0]
|
||||||
|
return given.strip() or None, surname.strip() or None
|
||||||
|
return value.strip() or None, None
|
||||||
|
|
||||||
|
|
||||||
|
def _parse_marnm(value: str, base_given: str | None) -> tuple[str | None, str | None]:
|
||||||
|
"""A _MARNM value is sometimes a full name ("Jane /Smith/") and sometimes
|
||||||
|
just the married surname ("Smith"). Keep the given name from the base name
|
||||||
|
in the latter case."""
|
||||||
|
v = (value or "").strip()
|
||||||
|
if "/" in v:
|
||||||
|
g, s = _parse_name(v)
|
||||||
|
return (g or base_given), s
|
||||||
|
return base_given, (v or None)
|
||||||
|
|
||||||
|
|
||||||
|
def _extract_names(rec: GedcomNode) -> list[dict]:
|
||||||
|
"""All names for an INDI, typed. Multiple NAME records (each with an optional
|
||||||
|
TYPE) plus any _MARNM (married name) subtags become separate Name rows. The
|
||||||
|
first birth/maiden name is primary."""
|
||||||
|
out: list[dict] = []
|
||||||
|
for nm in rec.all("NAME"):
|
||||||
|
g, s = _parse_name(nm.value)
|
||||||
|
t = (nm.text("TYPE") or "").strip().lower()
|
||||||
|
ntype = NAME_TYPE_MAP.get(t, t or "birth")
|
||||||
|
out.append({"type": ntype, "given": g, "surname": s, "display": nm.value or None,
|
||||||
|
"nickname": nm.text("NICK")})
|
||||||
|
for mar in nm.all("_MARNM"):
|
||||||
|
mg, ms = _parse_marnm(mar.value, g)
|
||||||
|
out.append({"type": "married", "given": mg, "surname": ms,
|
||||||
|
"display": mar.value or None, "nickname": None})
|
||||||
|
for mar in rec.all("_MARNM"):
|
||||||
|
base_g = out[0]["given"] if out else None
|
||||||
|
mg, ms = _parse_marnm(mar.value, base_g)
|
||||||
|
out.append({"type": "married", "given": mg, "surname": ms,
|
||||||
|
"display": mar.value or None, "nickname": None})
|
||||||
|
if not out:
|
||||||
|
return out
|
||||||
|
primary_idx = next((i for i, n in enumerate(out) if n["type"] == "birth"), 0)
|
||||||
|
for i, n in enumerate(out):
|
||||||
|
n["is_primary"] = i == primary_idx
|
||||||
|
n["sort"] = i
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
def _norm(given: str | None, surname: str | None) -> str:
|
||||||
|
return re.sub(r"\s+", " ", f"{given or ''} {surname or ''}".strip().lower())
|
||||||
|
|
||||||
|
|
||||||
|
def _year(date_value: str | None) -> str | None:
|
||||||
|
if not date_value:
|
||||||
|
return None
|
||||||
|
m = re.search(r"\b(\d{3,4})\b", date_value)
|
||||||
|
return m.group(1) if m else None
|
||||||
|
|
||||||
|
|
||||||
|
def _date_start(date_value: str | None) -> date | None:
|
||||||
|
y = _year(date_value)
|
||||||
|
if not y:
|
||||||
|
return None
|
||||||
|
try:
|
||||||
|
return date(int(y), 1, 1)
|
||||||
|
except ValueError:
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
def _sex(value: str | None) -> str | None:
|
||||||
|
if not value:
|
||||||
|
return None
|
||||||
|
v = value.strip().upper()
|
||||||
|
return {"M": "male", "F": "female"}.get(v, value.strip().lower() or None)
|
||||||
|
|
||||||
|
|
||||||
|
def _notes_text(rec: GedcomNode) -> str | None:
|
||||||
|
"""Join an INDI's NOTE lines (which pack confidence / findagrave / fs_pid /
|
||||||
|
free text) into the person's notes field."""
|
||||||
|
vals = [n.value.strip() for n in rec.all("NOTE") if n.value and n.value.strip()]
|
||||||
|
return "\n".join(vals) or None
|
||||||
|
|
||||||
|
|
||||||
|
def _person_summary(rec: GedcomNode) -> dict:
|
||||||
|
"""Display name + birth year for an incoming INDI, for duplicate matching."""
|
||||||
|
names = _extract_names(rec)
|
||||||
|
primary = next((n for n in names if n.get("is_primary")), names[0] if names else None)
|
||||||
|
g = primary["given"] if primary else None
|
||||||
|
s = primary["surname"] if primary else None
|
||||||
|
disp = " ".join(x for x in (g, s) if x)
|
||||||
|
if not disp and primary:
|
||||||
|
disp = primary.get("display") or ""
|
||||||
|
birth = rec.first("BIRT")
|
||||||
|
year = _year(birth.text("DATE")) if birth else None
|
||||||
|
return {"names": names, "norm": _norm(g, s), "name": disp or "(no name)", "year": year}
|
||||||
|
|
||||||
|
|
||||||
|
async def _build_existing_index(session: AsyncSession, tree: Tree) -> list[dict]:
|
||||||
|
"""Existing (non-deleted) people with a display name + birth year, for
|
||||||
|
matching incoming records against."""
|
||||||
|
persons = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(Person.tree_id == tree.id, Person.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
names = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Name).where(Name.tree_id == tree.id, Name.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
name_by_person: dict[uuid.UUID, Name] = {}
|
||||||
|
for n in sorted(names, key=lambda n: (not n.is_primary, n.sort_order)):
|
||||||
|
name_by_person.setdefault(n.person_id, n)
|
||||||
|
births = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Event).where(
|
||||||
|
Event.tree_id == tree.id,
|
||||||
|
Event.deleted_at.is_(None),
|
||||||
|
Event.event_type == "birth",
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
year_by_person: dict[uuid.UUID, str] = {}
|
||||||
|
for e in births:
|
||||||
|
if e.person_id and e.person_id not in year_by_person:
|
||||||
|
y = str(e.date_start.year) if e.date_start else _year(e.date_value)
|
||||||
|
if y:
|
||||||
|
year_by_person[e.person_id] = y
|
||||||
|
|
||||||
|
index: list[dict] = []
|
||||||
|
for p in persons:
|
||||||
|
nm = name_by_person.get(p.id)
|
||||||
|
g = nm.given if nm else None
|
||||||
|
s = nm.surname if nm else None
|
||||||
|
disp = " ".join(x for x in (g, s) if x) or (nm.display_name if nm else None)
|
||||||
|
index.append({
|
||||||
|
"id": p.id,
|
||||||
|
"norm": _norm(g, s),
|
||||||
|
"name": disp or "(no name)",
|
||||||
|
"year": year_by_person.get(p.id),
|
||||||
|
})
|
||||||
|
return index
|
||||||
|
|
||||||
|
|
||||||
|
def _best_match(norm: str, year: str | None, index: list[dict]) -> tuple[dict | None, str | None]:
|
||||||
|
"""Closest existing person by name similarity, rejecting clear birth-year
|
||||||
|
conflicts. Returns (entry, "high"|"medium") or (None, None)."""
|
||||||
|
if not norm:
|
||||||
|
return None, None
|
||||||
|
best: dict | None = None
|
||||||
|
best_r = 0.0
|
||||||
|
for e in index:
|
||||||
|
if not e["norm"]:
|
||||||
|
continue
|
||||||
|
r = SequenceMatcher(None, norm, e["norm"]).ratio()
|
||||||
|
if r < 0.88:
|
||||||
|
continue
|
||||||
|
if year and e["year"] and abs(int(year) - int(e["year"])) > 1:
|
||||||
|
continue # same-ish name but different birth year — not a duplicate
|
||||||
|
if r > best_r:
|
||||||
|
best_r = r
|
||||||
|
best = e
|
||||||
|
if best is None:
|
||||||
|
return None, None
|
||||||
|
year_match = bool(year and best["year"] and abs(int(year) - int(best["year"])) <= 1)
|
||||||
|
both_unknown = not year and not best["year"]
|
||||||
|
score = "high" if best_r >= 0.93 and (year_match or both_unknown) else "medium"
|
||||||
|
return best, score
|
||||||
|
|
||||||
|
|
||||||
|
def _relkey(rtype: RelationshipType, a: uuid.UUID, b: uuid.UUID) -> tuple:
|
||||||
|
if rtype == RelationshipType.parent_child:
|
||||||
|
return ("pc", str(a), str(b))
|
||||||
|
return (rtype.value, *sorted([str(a), str(b)]))
|
||||||
|
|
||||||
|
|
||||||
|
def _count_incoming(roots: list[GedcomNode]) -> tuple[dict, list[str]]:
|
||||||
|
counts: dict[str, int] = defaultdict(int)
|
||||||
|
unmapped: set[str] = set()
|
||||||
|
for rec in roots:
|
||||||
|
if rec.tag == "INDI" and rec.xref:
|
||||||
|
counts["persons"] += 1
|
||||||
|
counts["names"] += len(_extract_names(rec))
|
||||||
|
for child in rec.children:
|
||||||
|
if child.tag in INDI_EVENTS:
|
||||||
|
counts["events"] += 1
|
||||||
|
elif child.tag not in INDI_SKIP_TAGS:
|
||||||
|
unmapped.add(child.tag)
|
||||||
|
elif rec.tag == "FAM":
|
||||||
|
counts["families"] += 1
|
||||||
|
for child in rec.children:
|
||||||
|
if child.tag in FAM_EVENTS:
|
||||||
|
counts["events"] += 1
|
||||||
|
elif rec.tag == "SOUR" and rec.xref:
|
||||||
|
counts["sources"] += 1
|
||||||
|
return dict(counts), sorted(unmapped)
|
||||||
|
|
||||||
|
|
||||||
|
async def preview_gedcom(session: AsyncSession, *, actor: User, tree: Tree, text: str) -> dict:
|
||||||
|
"""Dry run: what would import, and which incoming people look like existing
|
||||||
|
ones. No writes."""
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
roots = parse_records(text)
|
||||||
|
counts, unmapped = _count_incoming(roots)
|
||||||
|
index = await _build_existing_index(session, tree)
|
||||||
|
|
||||||
|
duplicates: list[dict] = []
|
||||||
|
for rec in roots:
|
||||||
|
if rec.tag != "INDI" or not rec.xref:
|
||||||
|
continue
|
||||||
|
summ = _person_summary(rec)
|
||||||
|
entry, score = _best_match(summ["norm"], summ["year"], index)
|
||||||
|
if entry is None:
|
||||||
|
continue
|
||||||
|
duplicates.append({
|
||||||
|
"xref": rec.xref,
|
||||||
|
"incoming_name": summ["name"],
|
||||||
|
"incoming_birth_year": summ["year"],
|
||||||
|
"existing_person_id": entry["id"],
|
||||||
|
"existing_name": entry["name"],
|
||||||
|
"existing_birth_year": entry["year"],
|
||||||
|
"score": score,
|
||||||
|
})
|
||||||
|
return {"counts": counts, "potential_duplicates": duplicates, "unmapped_tags": unmapped}
|
||||||
|
|
||||||
|
|
||||||
|
async def import_gedcom(
|
||||||
|
session: AsyncSession,
|
||||||
|
*,
|
||||||
|
actor: User,
|
||||||
|
tree: Tree,
|
||||||
|
text: str,
|
||||||
|
default_action: str = "new",
|
||||||
|
resolutions: dict | None = None,
|
||||||
|
) -> dict:
|
||||||
|
"""Import records. ``default_action`` (new|skip|merge|overwrite) applies to
|
||||||
|
incoming people that match an existing one; ``resolutions`` overrides it per
|
||||||
|
GEDCOM xref ({xref: {action, target_id}}). 'skip' links families to the
|
||||||
|
existing person but copies nothing; 'merge' also copies the incoming names
|
||||||
|
(as alternates), events and citations onto them; 'overwrite' deletes the
|
||||||
|
existing person and imports the incoming one fresh."""
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
|
||||||
|
resolutions = resolutions or {}
|
||||||
|
roots = parse_records(text)
|
||||||
|
counts: dict[str, int] = defaultdict(int)
|
||||||
|
unmapped: set[str] = set()
|
||||||
|
place_cache: dict[str, uuid.UUID] = {}
|
||||||
|
source_map: dict[str, uuid.UUID] = {}
|
||||||
|
person_map: dict[str, uuid.UUID] = {}
|
||||||
|
now = datetime.now(UTC)
|
||||||
|
|
||||||
|
index = await _build_existing_index(session, tree)
|
||||||
|
|
||||||
|
# Pre-load existing relationship keys so a merge doesn't create dup edges.
|
||||||
|
existing_rels = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Relationship).where(
|
||||||
|
Relationship.tree_id == tree.id, Relationship.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
rel_keys = {_relkey(r.type, r.person_from_id, r.person_to_id) for r in existing_rels}
|
||||||
|
|
||||||
|
def add_relationship(
|
||||||
|
rtype: RelationshipType, a: uuid.UUID, b: uuid.UUID, **kw
|
||||||
|
) -> Relationship | None:
|
||||||
|
key = _relkey(rtype, a, b)
|
||||||
|
if key in rel_keys:
|
||||||
|
return None
|
||||||
|
rel = Relationship(tree_id=tree.id, type=rtype, person_from_id=a, person_to_id=b, **kw)
|
||||||
|
session.add(rel)
|
||||||
|
rel_keys.add(key)
|
||||||
|
counts["relationships"] += 1
|
||||||
|
return rel
|
||||||
|
|
||||||
|
async def place_id(name: str | None) -> uuid.UUID | None:
|
||||||
|
if not name:
|
||||||
|
return None
|
||||||
|
if name in place_cache:
|
||||||
|
return place_cache[name]
|
||||||
|
p = Place(tree_id=tree.id, name=name)
|
||||||
|
session.add(p)
|
||||||
|
await session.flush()
|
||||||
|
place_cache[name] = p.id
|
||||||
|
counts["places"] += 1
|
||||||
|
return p.id
|
||||||
|
|
||||||
|
# Sources first (so citations can reference them).
|
||||||
|
for rec in roots:
|
||||||
|
if rec.tag == "SOUR" and rec.xref:
|
||||||
|
src = Source(
|
||||||
|
tree_id=tree.id,
|
||||||
|
title=rec.text("TITL") or rec.text("ABBR") or "Untitled source",
|
||||||
|
author=rec.text("AUTH"),
|
||||||
|
publication_info=rec.text("PUBL"),
|
||||||
|
citation_text=rec.text("TEXT"),
|
||||||
|
)
|
||||||
|
session.add(src)
|
||||||
|
await session.flush()
|
||||||
|
source_map[rec.xref] = src.id
|
||||||
|
counts["sources"] += 1
|
||||||
|
|
||||||
|
async def add_citations(holder: GedcomNode, **target) -> None:
|
||||||
|
for s in holder.all("SOUR"):
|
||||||
|
sid = source_map.get(s.value.strip())
|
||||||
|
if sid is None:
|
||||||
|
continue
|
||||||
|
session.add(Citation(tree_id=tree.id, source_id=sid, page=s.text("PAGE"), **target))
|
||||||
|
counts["citations"] += 1
|
||||||
|
|
||||||
|
def add_names(person_id: uuid.UUID, names: list[dict], *, set_primary: bool) -> None:
|
||||||
|
for nd in names:
|
||||||
|
session.add(
|
||||||
|
Name(
|
||||||
|
tree_id=tree.id,
|
||||||
|
person_id=person_id,
|
||||||
|
name_type=nd["type"],
|
||||||
|
given=nd["given"],
|
||||||
|
surname=nd["surname"],
|
||||||
|
nickname=nd.get("nickname"),
|
||||||
|
display_name=nd.get("display"),
|
||||||
|
is_primary=set_primary and nd.get("is_primary", False),
|
||||||
|
sort_order=nd.get("sort", 0),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
counts["names"] += 1
|
||||||
|
|
||||||
|
async def add_events(rec: GedcomNode, person_id: uuid.UUID) -> None:
|
||||||
|
for child in rec.children:
|
||||||
|
if child.tag in INDI_EVENTS:
|
||||||
|
dv = child.text("DATE")
|
||||||
|
# Attribute-style facts (RELI, OCCU, EDUC) carry their value on
|
||||||
|
# the line itself; store it in detail.
|
||||||
|
detail = child.value.strip() if child.tag in VALUE_EVENTS else None
|
||||||
|
ev = Event(
|
||||||
|
tree_id=tree.id,
|
||||||
|
person_id=person_id,
|
||||||
|
event_type=INDI_EVENTS[child.tag],
|
||||||
|
date_value=dv,
|
||||||
|
date_start=_date_start(dv),
|
||||||
|
place_id=await place_id(child.text("PLAC")),
|
||||||
|
detail=detail or None,
|
||||||
|
notes=child.text("NOTE"),
|
||||||
|
)
|
||||||
|
session.add(ev)
|
||||||
|
await session.flush()
|
||||||
|
counts["events"] += 1
|
||||||
|
await add_citations(child, event_id=ev.id)
|
||||||
|
elif child.tag in INDI_SKIP_TAGS:
|
||||||
|
continue
|
||||||
|
else:
|
||||||
|
unmapped.add(child.tag)
|
||||||
|
|
||||||
|
async def soft_delete_existing(person_id: uuid.UUID) -> None:
|
||||||
|
p = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(Person.id == person_id, Person.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if p is None:
|
||||||
|
return
|
||||||
|
p.deleted_at = now
|
||||||
|
rels = (
|
||||||
|
await session.execute(
|
||||||
|
select(Relationship).where(
|
||||||
|
Relationship.tree_id == tree.id,
|
||||||
|
Relationship.deleted_at.is_(None),
|
||||||
|
or_(
|
||||||
|
Relationship.person_from_id == person_id,
|
||||||
|
Relationship.person_to_id == person_id,
|
||||||
|
),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
for r in rels:
|
||||||
|
r.deleted_at = now
|
||||||
|
await session.execute(
|
||||||
|
update(User).where(User.self_person_id == person_id).values(self_person_id=None)
|
||||||
|
)
|
||||||
|
|
||||||
|
# Precompute the best match per incoming xref (for default-policy resolution).
|
||||||
|
matches: dict[str, dict] = {}
|
||||||
|
for rec in roots:
|
||||||
|
if rec.tag == "INDI" and rec.xref:
|
||||||
|
summ = _person_summary(rec)
|
||||||
|
entry, _score = _best_match(summ["norm"], summ["year"], index)
|
||||||
|
if entry is not None:
|
||||||
|
matches[rec.xref] = entry
|
||||||
|
|
||||||
|
def resolve(xref: str) -> tuple[str, uuid.UUID | None]:
|
||||||
|
ov = resolutions.get(xref)
|
||||||
|
if ov:
|
||||||
|
action = ov.get("action", "new")
|
||||||
|
tid = ov.get("target_id")
|
||||||
|
target = uuid.UUID(tid) if tid else (matches[xref]["id"] if xref in matches else None)
|
||||||
|
if action in ("skip", "merge", "overwrite") and target is None:
|
||||||
|
return "new", None
|
||||||
|
return action, target
|
||||||
|
if default_action != "new" and xref in matches:
|
||||||
|
return default_action, matches[xref]["id"]
|
||||||
|
return "new", None
|
||||||
|
|
||||||
|
# Individuals.
|
||||||
|
for rec in roots:
|
||||||
|
if rec.tag != "INDI" or not rec.xref:
|
||||||
|
continue
|
||||||
|
names = _extract_names(rec)
|
||||||
|
action, target = resolve(rec.xref)
|
||||||
|
|
||||||
|
if action == "skip" and target is not None:
|
||||||
|
person_map[rec.xref] = target
|
||||||
|
counts["skipped"] += 1
|
||||||
|
continue
|
||||||
|
if action == "merge" and target is not None:
|
||||||
|
person_map[rec.xref] = target
|
||||||
|
add_names(target, names, set_primary=False)
|
||||||
|
await add_events(rec, target)
|
||||||
|
await add_citations(rec, person_id=target)
|
||||||
|
note = _notes_text(rec)
|
||||||
|
if note:
|
||||||
|
existing = (
|
||||||
|
await session.execute(select(Person).where(Person.id == target))
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if existing is not None:
|
||||||
|
existing.notes = "\n".join(filter(None, [existing.notes, note]))
|
||||||
|
counts["merged"] += 1
|
||||||
|
continue
|
||||||
|
if action == "overwrite" and target is not None:
|
||||||
|
await soft_delete_existing(target)
|
||||||
|
counts["overwritten"] += 1
|
||||||
|
|
||||||
|
person = Person(tree_id=tree.id, gender=_sex(rec.text("SEX")), notes=_notes_text(rec))
|
||||||
|
session.add(person)
|
||||||
|
await session.flush()
|
||||||
|
person_map[rec.xref] = person.id
|
||||||
|
counts["persons"] += 1
|
||||||
|
add_names(person.id, names, set_primary=True)
|
||||||
|
await add_citations(rec, person_id=person.id)
|
||||||
|
await add_events(rec, person.id)
|
||||||
|
|
||||||
|
# Families -> partnerships, parent-child edges, marriage events.
|
||||||
|
for rec in roots:
|
||||||
|
if rec.tag != "FAM":
|
||||||
|
continue
|
||||||
|
counts["families"] += 1
|
||||||
|
husb = person_map.get((rec.text("HUSB") or "").strip())
|
||||||
|
wife = person_map.get((rec.text("WIFE") or "").strip())
|
||||||
|
partnership_id: uuid.UUID | None = None
|
||||||
|
if husb and wife and husb != wife:
|
||||||
|
rel = add_relationship(RelationshipType.partnership, husb, wife)
|
||||||
|
if rel is not None:
|
||||||
|
await session.flush()
|
||||||
|
partnership_id = rel.id
|
||||||
|
if partnership_id is None and husb and wife:
|
||||||
|
# Edge already existed — find it so marriage events can attach.
|
||||||
|
existing = next(
|
||||||
|
(
|
||||||
|
r for r in existing_rels
|
||||||
|
if r.type == RelationshipType.partnership
|
||||||
|
and {r.person_from_id, r.person_to_id} == {husb, wife}
|
||||||
|
),
|
||||||
|
None,
|
||||||
|
)
|
||||||
|
partnership_id = existing.id if existing else None
|
||||||
|
|
||||||
|
for fe in rec.children:
|
||||||
|
if fe.tag in FAM_EVENTS and partnership_id is not None:
|
||||||
|
dv = fe.text("DATE")
|
||||||
|
ev = Event(
|
||||||
|
tree_id=tree.id,
|
||||||
|
relationship_id=partnership_id,
|
||||||
|
event_type=FAM_EVENTS[fe.tag],
|
||||||
|
date_value=dv,
|
||||||
|
date_start=_date_start(dv),
|
||||||
|
place_id=await place_id(fe.text("PLAC")),
|
||||||
|
)
|
||||||
|
session.add(ev)
|
||||||
|
await session.flush()
|
||||||
|
counts["events"] += 1
|
||||||
|
|
||||||
|
for chil in rec.all("CHIL"):
|
||||||
|
cp = person_map.get(chil.value.strip())
|
||||||
|
if cp is None:
|
||||||
|
continue
|
||||||
|
for parent in (husb, wife):
|
||||||
|
if parent and parent != cp:
|
||||||
|
add_relationship(
|
||||||
|
RelationshipType.parent_child,
|
||||||
|
parent,
|
||||||
|
cp,
|
||||||
|
qualifier=ParentChildQualifier.biological,
|
||||||
|
)
|
||||||
|
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="import",
|
||||||
|
entity_type="Gedcom",
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after=dict(counts),
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
return {"counts": dict(counts), "unmapped_tags": sorted(unmapped)}
|
||||||
|
|
||||||
|
|
||||||
|
def _ged_date(value: str | None) -> str | None:
|
||||||
|
return value.strip() if value else None
|
||||||
|
|
||||||
|
|
||||||
|
async def export_gedcom(session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree) -> str:
|
||||||
|
if not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
||||||
|
raise Forbidden("not permitted to view this tree")
|
||||||
|
|
||||||
|
persons = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(Person.tree_id == tree.id, Person.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
names = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Name).where(Name.tree_id == tree.id, Name.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
events = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Event).where(Event.tree_id == tree.id, Event.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
rels = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Relationship).where(
|
||||||
|
Relationship.tree_id == tree.id, Relationship.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
sources = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Source).where(Source.tree_id == tree.id, Source.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
)
|
||||||
|
places = {
|
||||||
|
p.id: p
|
||||||
|
for p in (
|
||||||
|
await session.execute(select(Place).where(Place.tree_id == tree.id))
|
||||||
|
).scalars().all()
|
||||||
|
}
|
||||||
|
|
||||||
|
pxref = {p.id: f"@I{i + 1}@" for i, p in enumerate(persons)}
|
||||||
|
gender_by_id = {p.id: p.gender for p in persons}
|
||||||
|
sxref = {s.id: f"@S{i + 1}@" for i, s in enumerate(sources)}
|
||||||
|
names_by_person: dict[uuid.UUID, list[Name]] = defaultdict(list)
|
||||||
|
for n in sorted(names, key=lambda n: (n.sort_order, not n.is_primary)):
|
||||||
|
names_by_person[n.person_id].append(n)
|
||||||
|
events_by_person: dict[uuid.UUID, list[Event]] = defaultdict(list)
|
||||||
|
events_by_rel: dict[uuid.UUID, list[Event]] = defaultdict(list)
|
||||||
|
for e in events:
|
||||||
|
if e.person_id:
|
||||||
|
events_by_person[e.person_id].append(e)
|
||||||
|
elif e.relationship_id:
|
||||||
|
events_by_rel[e.relationship_id].append(e)
|
||||||
|
|
||||||
|
# Build families from parent-child + partnership edges (group by parent set).
|
||||||
|
parents_of: dict[uuid.UUID, set[uuid.UUID]] = defaultdict(set)
|
||||||
|
for r in rels:
|
||||||
|
if r.type == RelationshipType.parent_child:
|
||||||
|
parents_of[r.person_to_id].add(r.person_from_id)
|
||||||
|
fams: dict[frozenset, dict] = {}
|
||||||
|
for child, ps in parents_of.items():
|
||||||
|
key = frozenset(ps)
|
||||||
|
fams.setdefault(key, {"parents": set(ps), "children": [], "rel_id": None})
|
||||||
|
fams[key]["children"].append(child)
|
||||||
|
for r in rels:
|
||||||
|
if r.type == RelationshipType.partnership:
|
||||||
|
key = frozenset({r.person_from_id, r.person_to_id})
|
||||||
|
fam = fams.setdefault(
|
||||||
|
key,
|
||||||
|
{"parents": {r.person_from_id, r.person_to_id}, "children": [], "rel_id": None},
|
||||||
|
)
|
||||||
|
fam["rel_id"] = r.id
|
||||||
|
fam_list = list(fams.values())
|
||||||
|
fxref = {id(f): f"@F{i + 1}@" for i, f in enumerate(fam_list)}
|
||||||
|
# person -> the families they are a spouse in / a child in
|
||||||
|
spouse_fams: dict[uuid.UUID, list[str]] = defaultdict(list)
|
||||||
|
child_fams: dict[uuid.UUID, str] = {}
|
||||||
|
for f in fam_list:
|
||||||
|
x = fxref[id(f)]
|
||||||
|
for pid in f["parents"]:
|
||||||
|
spouse_fams[pid].append(x)
|
||||||
|
for cid in f["children"]:
|
||||||
|
child_fams[cid] = x
|
||||||
|
|
||||||
|
out: list[str] = ["0 HEAD", "1 SOUR Provenance", "1 GEDC", "2 VERS 5.5.1", "1 CHAR UTF-8"]
|
||||||
|
|
||||||
|
for p in persons:
|
||||||
|
out.append(f"0 {pxref[p.id]} INDI")
|
||||||
|
for n in names_by_person.get(p.id, []):
|
||||||
|
display = n.display_name or f"{n.given or ''} /{n.surname or ''}/".strip()
|
||||||
|
out.append(f"1 NAME {display}")
|
||||||
|
ged_type = EXPORT_TYPE_MAP.get(n.name_type)
|
||||||
|
if ged_type:
|
||||||
|
out.append(f"2 TYPE {ged_type}")
|
||||||
|
sex = {"male": "M", "female": "F"}.get(p.gender or "")
|
||||||
|
if sex:
|
||||||
|
out.append(f"1 SEX {sex}")
|
||||||
|
for e in events_by_person.get(p.id, []):
|
||||||
|
tag = EVENT_TO_GED.get(e.event_type)
|
||||||
|
if not tag:
|
||||||
|
continue
|
||||||
|
out.append(f"1 {tag}")
|
||||||
|
if _ged_date(e.date_value):
|
||||||
|
out.append(f"2 DATE {e.date_value}")
|
||||||
|
if e.place_id and e.place_id in places:
|
||||||
|
out.append(f"2 PLAC {places[e.place_id].name}")
|
||||||
|
if p.id in child_fams:
|
||||||
|
out.append(f"1 FAMC {child_fams[p.id]}")
|
||||||
|
for x in spouse_fams.get(p.id, []):
|
||||||
|
out.append(f"1 FAMS {x}")
|
||||||
|
|
||||||
|
for f in fam_list:
|
||||||
|
x = fxref[id(f)]
|
||||||
|
out.append(f"0 {x} FAM")
|
||||||
|
ps = list(f["parents"])
|
||||||
|
# HUSB/WIFE by recorded gender where possible.
|
||||||
|
males = [pid for pid in ps if gender_by_id.get(pid) == "male"]
|
||||||
|
females = [pid for pid in ps if gender_by_id.get(pid) == "female"]
|
||||||
|
husb = males[0] if males else (ps[0] if ps else None)
|
||||||
|
wife = females[0] if females else next((pid for pid in ps if pid != husb), None)
|
||||||
|
if husb:
|
||||||
|
out.append(f"1 HUSB {pxref[husb]}")
|
||||||
|
if wife:
|
||||||
|
out.append(f"1 WIFE {pxref[wife]}")
|
||||||
|
for cid in f["children"]:
|
||||||
|
out.append(f"1 CHIL {pxref[cid]}")
|
||||||
|
if f["rel_id"]:
|
||||||
|
for e in events_by_rel.get(f["rel_id"], []):
|
||||||
|
tag = EVENT_TO_GED.get(e.event_type)
|
||||||
|
if not tag:
|
||||||
|
continue
|
||||||
|
out.append(f"1 {tag}")
|
||||||
|
if _ged_date(e.date_value):
|
||||||
|
out.append(f"2 DATE {e.date_value}")
|
||||||
|
|
||||||
|
for s in sources:
|
||||||
|
out.append(f"0 {sxref[s.id]} SOUR")
|
||||||
|
if s.title:
|
||||||
|
out.append(f"1 TITL {s.title}")
|
||||||
|
if s.author:
|
||||||
|
out.append(f"1 AUTH {s.author}")
|
||||||
|
if s.publication_info:
|
||||||
|
out.append(f"1 PUBL {s.publication_info}")
|
||||||
|
|
||||||
|
out.append("0 TRLR")
|
||||||
|
return "\n".join(out) + "\n"
|
||||||
@@ -0,0 +1,154 @@
|
|||||||
|
"""Media service. Bytes go to the ObjectStore; a metadata row goes to the DB.
|
||||||
|
Writes require editor rights; reads go through the privacy engine."""
|
||||||
|
|
||||||
|
import hashlib
|
||||||
|
import uuid
|
||||||
|
from datetime import UTC, datetime
|
||||||
|
|
||||||
|
from sqlalchemy import select
|
||||||
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
|
from app.integrations.objectstore.base import ObjectStore
|
||||||
|
from app.models.media import Media
|
||||||
|
from app.models.tree import Tree
|
||||||
|
from app.models.user import User
|
||||||
|
from app.services import privacy
|
||||||
|
from app.services.audit import record_audit
|
||||||
|
from app.services.exceptions import Forbidden, NotFound
|
||||||
|
|
||||||
|
|
||||||
|
async def upload_media(
|
||||||
|
session: AsyncSession,
|
||||||
|
store: ObjectStore,
|
||||||
|
*,
|
||||||
|
actor: User,
|
||||||
|
tree: Tree,
|
||||||
|
data: bytes,
|
||||||
|
filename: str,
|
||||||
|
content_type: str,
|
||||||
|
title: str | None = None,
|
||||||
|
person_id: uuid.UUID | None = None,
|
||||||
|
event_id: uuid.UUID | None = None,
|
||||||
|
source_id: uuid.UUID | None = None,
|
||||||
|
) -> Media:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
|
||||||
|
media_id = uuid.uuid4()
|
||||||
|
key = f"{tree.id}/{media_id}/{filename}"
|
||||||
|
await store.ensure_bucket()
|
||||||
|
await store.put_object(key=key, data=data, content_type=content_type)
|
||||||
|
|
||||||
|
media = Media(
|
||||||
|
id=media_id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
uploader_id=actor.id,
|
||||||
|
storage_key=key,
|
||||||
|
original_filename=filename,
|
||||||
|
content_type=content_type,
|
||||||
|
byte_size=len(data),
|
||||||
|
checksum_sha256=hashlib.sha256(data).hexdigest(),
|
||||||
|
title=title,
|
||||||
|
person_id=person_id,
|
||||||
|
event_id=event_id,
|
||||||
|
source_id=source_id,
|
||||||
|
)
|
||||||
|
session.add(media)
|
||||||
|
await session.flush()
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="create",
|
||||||
|
entity_type="Media",
|
||||||
|
entity_id=media.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after={"filename": filename, "bytes": len(data)},
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(media)
|
||||||
|
return media
|
||||||
|
|
||||||
|
|
||||||
|
async def list_media(session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree) -> list[Media]:
|
||||||
|
if not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
||||||
|
raise Forbidden("not permitted to view this tree")
|
||||||
|
stmt = (
|
||||||
|
select(Media)
|
||||||
|
.where(Media.tree_id == tree.id, Media.deleted_at.is_(None))
|
||||||
|
.order_by(Media.created_at.desc())
|
||||||
|
)
|
||||||
|
return list((await session.execute(stmt)).scalars().all())
|
||||||
|
|
||||||
|
|
||||||
|
async def get_media(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree, media_id: uuid.UUID
|
||||||
|
) -> Media:
|
||||||
|
if not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
||||||
|
raise Forbidden("not permitted to view this tree")
|
||||||
|
media = (
|
||||||
|
await session.execute(
|
||||||
|
select(Media).where(
|
||||||
|
Media.id == media_id, Media.tree_id == tree.id, Media.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if media is None:
|
||||||
|
raise NotFound("media not found")
|
||||||
|
return media
|
||||||
|
|
||||||
|
|
||||||
|
async def update_media(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, media_id: uuid.UUID, changes: dict
|
||||||
|
) -> Media:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
media = (
|
||||||
|
await session.execute(
|
||||||
|
select(Media).where(
|
||||||
|
Media.id == media_id, Media.tree_id == tree.id, Media.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if media is None:
|
||||||
|
raise NotFound("media not found")
|
||||||
|
for key in {"title", "person_id", "event_id", "source_id"} & changes.keys():
|
||||||
|
setattr(media, key, changes[key])
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="update",
|
||||||
|
entity_type="Media",
|
||||||
|
entity_id=media.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after=changes,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(media)
|
||||||
|
return media
|
||||||
|
|
||||||
|
|
||||||
|
async def delete_media(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, media_id: uuid.UUID
|
||||||
|
) -> None:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
media = (
|
||||||
|
await session.execute(
|
||||||
|
select(Media).where(
|
||||||
|
Media.id == media_id, Media.tree_id == tree.id, Media.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if media is None:
|
||||||
|
raise NotFound("media not found")
|
||||||
|
# Soft delete the row; the object is removed by the worker's purge job.
|
||||||
|
media.deleted_at = datetime.now(UTC)
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="delete",
|
||||||
|
entity_type="Media",
|
||||||
|
entity_id=media.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
@@ -0,0 +1,69 @@
|
|||||||
|
"""A curated given-name -> sex lookup for best-guessing a person's sex from
|
||||||
|
their first name. Weighted toward English + German names (this codebase's first
|
||||||
|
real tree is a German-American family). Deterministic and offline — no model
|
||||||
|
needed; the Cleanup tool previews every guess before anything is applied.
|
||||||
|
|
||||||
|
Genuinely ambiguous names (Marion, Frances/Francis, Jordan, Jamie, Robin, Leslie,
|
||||||
|
Dana, …) are intentionally left out of BOTH sets so they aren't guessed — better
|
||||||
|
a human decides those than a coin flip.
|
||||||
|
"""
|
||||||
|
|
||||||
|
MALE_NAMES: set[str] = {
|
||||||
|
# English / common US
|
||||||
|
"james", "john", "robert", "michael", "william", "david", "richard", "joseph",
|
||||||
|
"thomas", "charles", "christopher", "daniel", "matthew", "anthony", "donald",
|
||||||
|
"mark", "paul", "steven", "andrew", "kenneth", "george", "joshua", "kevin",
|
||||||
|
"brian", "edward", "ronald", "timothy", "jason", "jeffrey", "gary", "ryan",
|
||||||
|
"nicholas", "eric", "stephen", "jacob", "larry", "frank", "jonathan", "scott",
|
||||||
|
"raymond", "gregory", "samuel", "benjamin", "patrick", "jack", "dennis", "jerry",
|
||||||
|
"alexander", "tyler", "henry", "douglas", "peter", "adam", "harold", "albert",
|
||||||
|
"arthur", "carl", "ralph", "roy", "eugene", "louis", "philip", "bobby", "walter",
|
||||||
|
"willie", "wayne", "fred", "howard", "ernest", "earl", "clarence", "leon",
|
||||||
|
"leonard", "lewis", "floyd", "leroy", "elmer", "homer", "orrin", "josias",
|
||||||
|
"emerson", "dale", "bernard", "vernon", "virgil", "wilbur", "russell",
|
||||||
|
"harvey", "herbert", "melvin", "lloyd", "marvin", "norman", "stanley",
|
||||||
|
# German
|
||||||
|
"hans", "karl", "wilhelm", "friedrich", "heinrich", "otto", "hermann", "gustav",
|
||||||
|
"ludwig", "ernst", "fritz", "johann", "conrad", "konrad", "reinhold", "rudolf",
|
||||||
|
"rudolph", "gerhard", "helmut", "horst", "klaus", "kurt", "dieter", "günther",
|
||||||
|
"gunther", "manfred", "siegfried", "hilgard", "christian", "august", "wolfgang",
|
||||||
|
"jürgen", "jurgen", "matthias", "lothar", "bruno", "gottlieb", "reinhard",
|
||||||
|
}
|
||||||
|
|
||||||
|
FEMALE_NAMES: set[str] = {
|
||||||
|
# English / common US
|
||||||
|
"mary", "patricia", "jennifer", "linda", "elizabeth", "barbara", "susan",
|
||||||
|
"jessica", "sarah", "karen", "nancy", "lisa", "betty", "margaret", "sandra",
|
||||||
|
"ashley", "kimberly", "emily", "donna", "michelle", "carol", "amanda", "dorothy",
|
||||||
|
"melissa", "deborah", "stephanie", "rebecca", "sharon", "laura", "cynthia",
|
||||||
|
"kathleen", "amy", "angela", "shirley", "anna", "ruth", "brenda", "pamela",
|
||||||
|
"nicole", "katherine", "virginia", "catherine", "helen", "debra", "rachel",
|
||||||
|
"carolyn", "janet", "maria", "heather", "diane", "julie", "joyce", "victoria",
|
||||||
|
"kelly", "christina", "joan", "evelyn", "judith", "megan", "alice", "frances",
|
||||||
|
"marie", "florence", "flora", "zella", "thelma", "ellen", "althea", "della",
|
||||||
|
"beatrice", "pauline", "hedwig", "florentine", "wilhelmina", "augusta", "bertha",
|
||||||
|
"gladys", "mildred", "lucille", "edith", "esther", "irene", "hazel", "doris",
|
||||||
|
"rose", "rita", "norma", "june", "lois", "marjorie",
|
||||||
|
# German
|
||||||
|
"greta", "ilse", "ursula", "gertrud", "gertrude", "frieda", "frida", "else",
|
||||||
|
"hilda", "hilde", "hildegard", "ingrid", "helga", "renate", "monika", "sieglinde",
|
||||||
|
"brigitte", "gisela", "elke", "anneliese", "waltraud", "edeltraud", "johanna",
|
||||||
|
"katharina", "margarethe", "wilhelmine", "emilie", "auguste",
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
def guess_sex(given: str | None) -> str | None:
|
||||||
|
"""Best-guess "male"/"female" from the first token of a given name, or None
|
||||||
|
if unknown/ambiguous."""
|
||||||
|
if not given:
|
||||||
|
return None
|
||||||
|
first = given.strip().split()[0].lower() if given.strip() else ""
|
||||||
|
# Strip trailing punctuation/initials like "wm." -> "wm".
|
||||||
|
first = first.strip(".,'\"")
|
||||||
|
if not first:
|
||||||
|
return None
|
||||||
|
if first in MALE_NAMES:
|
||||||
|
return "male"
|
||||||
|
if first in FEMALE_NAMES:
|
||||||
|
return "female"
|
||||||
|
return None
|
||||||
@@ -0,0 +1,208 @@
|
|||||||
|
"""Name service. A Person carries one or more Name rows — a primary (typically
|
||||||
|
the birth/maiden name) plus typed alternates (married, alias, religious, …).
|
||||||
|
Exactly one name is primary at a time; it drives display everywhere. Writes
|
||||||
|
require editor rights; reads go through the tree's view check.
|
||||||
|
"""
|
||||||
|
|
||||||
|
import uuid
|
||||||
|
from datetime import UTC, datetime
|
||||||
|
|
||||||
|
from sqlalchemy import select, update
|
||||||
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
|
from app.models.person import Name, Person
|
||||||
|
from app.models.tree import Tree
|
||||||
|
from app.models.user import User
|
||||||
|
from app.services import privacy
|
||||||
|
from app.services.audit import record_audit
|
||||||
|
from app.services.exceptions import Forbidden, NotFound
|
||||||
|
|
||||||
|
|
||||||
|
async def _get_person(session: AsyncSession, *, tree: Tree, person_id: uuid.UUID) -> Person:
|
||||||
|
person = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(
|
||||||
|
Person.id == person_id, Person.tree_id == tree.id, Person.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if person is None:
|
||||||
|
raise NotFound("person not found")
|
||||||
|
return person
|
||||||
|
|
||||||
|
|
||||||
|
async def _clear_primary(
|
||||||
|
session: AsyncSession, *, person_id: uuid.UUID, keep: uuid.UUID | None
|
||||||
|
) -> None:
|
||||||
|
"""Demote every other name so exactly one stays primary."""
|
||||||
|
stmt = (
|
||||||
|
update(Name)
|
||||||
|
.where(Name.person_id == person_id, Name.deleted_at.is_(None), Name.is_primary.is_(True))
|
||||||
|
.values(is_primary=False)
|
||||||
|
)
|
||||||
|
if keep is not None:
|
||||||
|
stmt = stmt.where(Name.id != keep)
|
||||||
|
await session.execute(stmt)
|
||||||
|
|
||||||
|
|
||||||
|
async def list_names(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree, person_id: uuid.UUID
|
||||||
|
) -> list[Name]:
|
||||||
|
if not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
||||||
|
raise Forbidden("not permitted to view this tree")
|
||||||
|
await _get_person(session, tree=tree, person_id=person_id)
|
||||||
|
stmt = (
|
||||||
|
select(Name)
|
||||||
|
.where(Name.person_id == person_id, Name.deleted_at.is_(None))
|
||||||
|
.order_by(Name.is_primary.desc(), Name.sort_order, Name.created_at)
|
||||||
|
)
|
||||||
|
return list((await session.execute(stmt)).scalars().all())
|
||||||
|
|
||||||
|
|
||||||
|
async def create_name(
|
||||||
|
session: AsyncSession,
|
||||||
|
*,
|
||||||
|
actor: User,
|
||||||
|
tree: Tree,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
name_type: str = "birth",
|
||||||
|
given: str | None = None,
|
||||||
|
surname: str | None = None,
|
||||||
|
prefix: str | None = None,
|
||||||
|
suffix: str | None = None,
|
||||||
|
nickname: str | None = None,
|
||||||
|
is_primary: bool = False,
|
||||||
|
) -> Name:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
await _get_person(session, tree=tree, person_id=person_id)
|
||||||
|
|
||||||
|
# First name for a person is always primary; otherwise honor the flag.
|
||||||
|
existing = (
|
||||||
|
await session.execute(
|
||||||
|
select(Name.id).where(Name.person_id == person_id, Name.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).first()
|
||||||
|
primary = is_primary or existing is None
|
||||||
|
if primary:
|
||||||
|
await _clear_primary(session, person_id=person_id, keep=None)
|
||||||
|
|
||||||
|
name = Name(
|
||||||
|
tree_id=tree.id,
|
||||||
|
person_id=person_id,
|
||||||
|
name_type=name_type,
|
||||||
|
given=given,
|
||||||
|
surname=surname,
|
||||||
|
prefix=prefix,
|
||||||
|
suffix=suffix,
|
||||||
|
nickname=nickname,
|
||||||
|
is_primary=primary,
|
||||||
|
)
|
||||||
|
session.add(name)
|
||||||
|
await session.flush()
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="create",
|
||||||
|
entity_type="Name",
|
||||||
|
entity_id=name.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after={"name_type": name_type, "given": given, "surname": surname},
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(name)
|
||||||
|
return name
|
||||||
|
|
||||||
|
|
||||||
|
_NAME_FIELDS = {"name_type", "given", "surname", "prefix", "suffix", "nickname"}
|
||||||
|
|
||||||
|
|
||||||
|
async def update_name(
|
||||||
|
session: AsyncSession,
|
||||||
|
*,
|
||||||
|
actor: User,
|
||||||
|
tree: Tree,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
name_id: uuid.UUID,
|
||||||
|
changes: dict,
|
||||||
|
) -> Name:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
name = (
|
||||||
|
await session.execute(
|
||||||
|
select(Name).where(
|
||||||
|
Name.id == name_id,
|
||||||
|
Name.person_id == person_id,
|
||||||
|
Name.tree_id == tree.id,
|
||||||
|
Name.deleted_at.is_(None),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if name is None:
|
||||||
|
raise NotFound("name not found")
|
||||||
|
|
||||||
|
for key in _NAME_FIELDS & changes.keys():
|
||||||
|
setattr(name, key, changes[key])
|
||||||
|
if changes.get("is_primary") is True:
|
||||||
|
await _clear_primary(session, person_id=person_id, keep=name.id)
|
||||||
|
name.is_primary = True
|
||||||
|
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="update",
|
||||||
|
entity_type="Name",
|
||||||
|
entity_id=name.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after=changes,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(name)
|
||||||
|
return name
|
||||||
|
|
||||||
|
|
||||||
|
async def delete_name(
|
||||||
|
session: AsyncSession,
|
||||||
|
*,
|
||||||
|
actor: User,
|
||||||
|
tree: Tree,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
name_id: uuid.UUID,
|
||||||
|
) -> None:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
name = (
|
||||||
|
await session.execute(
|
||||||
|
select(Name).where(
|
||||||
|
Name.id == name_id,
|
||||||
|
Name.person_id == person_id,
|
||||||
|
Name.tree_id == tree.id,
|
||||||
|
Name.deleted_at.is_(None),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if name is None:
|
||||||
|
raise NotFound("name not found")
|
||||||
|
name.deleted_at = datetime.now(UTC)
|
||||||
|
was_primary = name.is_primary
|
||||||
|
name.is_primary = False
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="delete",
|
||||||
|
entity_type="Name",
|
||||||
|
entity_id=name.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
)
|
||||||
|
# Promote another name to primary so the person never loses their display name.
|
||||||
|
if was_primary:
|
||||||
|
nxt = (
|
||||||
|
await session.execute(
|
||||||
|
select(Name)
|
||||||
|
.where(Name.person_id == person_id, Name.deleted_at.is_(None))
|
||||||
|
.order_by(Name.sort_order, Name.created_at)
|
||||||
|
)
|
||||||
|
).scalars().first()
|
||||||
|
if nxt is not None:
|
||||||
|
nxt.is_primary = True
|
||||||
|
await session.commit()
|
||||||
@@ -4,12 +4,14 @@ person through the privacy engine. Each returned Person gets a transient
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
import uuid
|
import uuid
|
||||||
|
from datetime import UTC, datetime
|
||||||
|
|
||||||
from sqlalchemy import select
|
from sqlalchemy import func, or_, select, update
|
||||||
from sqlalchemy.ext.asyncio import AsyncSession
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
from app.models.enums import PersonPrivacy
|
from app.models.enums import PersonPrivacy, RelationshipType
|
||||||
from app.models.person import Name, Person
|
from app.models.person import Name, Person
|
||||||
|
from app.models.relationship import Relationship
|
||||||
from app.models.tree import Tree
|
from app.models.tree import Tree
|
||||||
from app.models.user import User
|
from app.models.user import User
|
||||||
from app.services import privacy
|
from app.services import privacy
|
||||||
@@ -24,6 +26,14 @@ def _format_name(name: Name) -> str | None:
|
|||||||
return joined or name.display_name
|
return joined or name.display_name
|
||||||
|
|
||||||
|
|
||||||
|
def _redact(person: Person) -> None:
|
||||||
|
"""Minimise a possibly-living person for a non-member view (transient only —
|
||||||
|
never committed)."""
|
||||||
|
person.primary_name = "Living person"
|
||||||
|
person.gender = None
|
||||||
|
person.is_living = True
|
||||||
|
|
||||||
|
|
||||||
async def _attach_primary_name(session: AsyncSession, person: Person) -> None:
|
async def _attach_primary_name(session: AsyncSession, person: Person) -> None:
|
||||||
stmt = (
|
stmt = (
|
||||||
select(Name)
|
select(Name)
|
||||||
@@ -86,6 +96,59 @@ async def create_person(
|
|||||||
return person
|
return person
|
||||||
|
|
||||||
|
|
||||||
|
_PERSON_FIELDS = {"gender", "is_living", "privacy", "notes"}
|
||||||
|
|
||||||
|
|
||||||
|
async def update_person(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, person_id: uuid.UUID, changes: dict
|
||||||
|
) -> Person:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
person = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(
|
||||||
|
Person.id == person_id, Person.tree_id == tree.id, Person.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if person is None:
|
||||||
|
raise NotFound("person not found")
|
||||||
|
|
||||||
|
for key in _PERSON_FIELDS & changes.keys():
|
||||||
|
setattr(person, key, changes[key])
|
||||||
|
|
||||||
|
if "given" in changes or "surname" in changes:
|
||||||
|
name = (
|
||||||
|
await session.execute(
|
||||||
|
select(Name)
|
||||||
|
.where(Name.person_id == person.id, Name.deleted_at.is_(None))
|
||||||
|
.order_by(Name.is_primary.desc(), Name.sort_order)
|
||||||
|
)
|
||||||
|
).scalars().first()
|
||||||
|
if name is None:
|
||||||
|
name = Name(tree_id=tree.id, person_id=person.id, name_type="birth", is_primary=True)
|
||||||
|
session.add(name)
|
||||||
|
if "given" in changes:
|
||||||
|
name.given = changes["given"]
|
||||||
|
if "surname" in changes:
|
||||||
|
name.surname = changes["surname"]
|
||||||
|
name.display_name = None # rebuild display from parts
|
||||||
|
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="update",
|
||||||
|
entity_type="Person",
|
||||||
|
entity_id=person.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after=changes,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(person)
|
||||||
|
await _attach_primary_name(session, person)
|
||||||
|
return person
|
||||||
|
|
||||||
|
|
||||||
async def get_person(
|
async def get_person(
|
||||||
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree, person_id: uuid.UUID
|
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree, person_id: uuid.UUID
|
||||||
) -> Person:
|
) -> Person:
|
||||||
@@ -103,15 +166,181 @@ async def get_person(
|
|||||||
if person is None:
|
if person is None:
|
||||||
raise NotFound("person not found")
|
raise NotFound("person not found")
|
||||||
# Run the single person through the privacy engine (redaction lands Phase 2).
|
# Run the single person through the privacy engine (redaction lands Phase 2).
|
||||||
if (
|
vis = await privacy.person_visibility(
|
||||||
await privacy.person_visibility(session, user_id=viewer_id, tree=tree, person=person)
|
session, user_id=viewer_id, tree=tree, person=person
|
||||||
== Visibility.hidden
|
)
|
||||||
):
|
if vis == Visibility.hidden:
|
||||||
raise NotFound("person not found")
|
raise NotFound("person not found")
|
||||||
|
if vis == Visibility.redacted:
|
||||||
|
_redact(person)
|
||||||
|
else:
|
||||||
|
await _attach_primary_name(session, person)
|
||||||
|
return person
|
||||||
|
|
||||||
|
|
||||||
|
async def _children_of(
|
||||||
|
session: AsyncSession, *, tree_id: uuid.UUID, parent_id: uuid.UUID
|
||||||
|
) -> list[uuid.UUID]:
|
||||||
|
rows = (
|
||||||
|
await session.execute(
|
||||||
|
select(Relationship.person_to_id).where(
|
||||||
|
Relationship.tree_id == tree_id,
|
||||||
|
Relationship.deleted_at.is_(None),
|
||||||
|
Relationship.type == RelationshipType.parent_child,
|
||||||
|
Relationship.person_from_id == parent_id,
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
return list(rows)
|
||||||
|
|
||||||
|
|
||||||
|
async def _soft_delete_one(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, person: Person, now: datetime
|
||||||
|
) -> None:
|
||||||
|
"""Soft-delete a single person and the relationships touching them, so no
|
||||||
|
dangling edges are left to break the tree view."""
|
||||||
|
person.deleted_at = now
|
||||||
|
rels = (
|
||||||
|
await session.execute(
|
||||||
|
select(Relationship).where(
|
||||||
|
Relationship.tree_id == tree.id,
|
||||||
|
Relationship.deleted_at.is_(None),
|
||||||
|
or_(
|
||||||
|
Relationship.person_from_id == person.id,
|
||||||
|
Relationship.person_to_id == person.id,
|
||||||
|
),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
for rel in rels:
|
||||||
|
rel.deleted_at = now
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="delete",
|
||||||
|
entity_type="Person",
|
||||||
|
entity_id=person.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after={"cascaded_relationships": len(rels)},
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
async def delete_person(
|
||||||
|
session: AsyncSession,
|
||||||
|
*,
|
||||||
|
actor: User,
|
||||||
|
tree: Tree,
|
||||||
|
person_id: uuid.UUID,
|
||||||
|
cascade: bool = False,
|
||||||
|
) -> int:
|
||||||
|
"""Soft-delete a person. Always removes the relationships that touch them
|
||||||
|
(preventing dangling edges). With ``cascade=True``, recursively deletes
|
||||||
|
their descendants too — handy for pruning a bad GEDCOM import. Returns the
|
||||||
|
number of persons deleted."""
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
person = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(
|
||||||
|
Person.id == person_id, Person.tree_id == tree.id, Person.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if person is None:
|
||||||
|
raise NotFound("person not found")
|
||||||
|
|
||||||
|
now = datetime.now(UTC)
|
||||||
|
|
||||||
|
# Gather the set of persons to delete. For cascade, walk descendants
|
||||||
|
# breadth-first, guarding against cycles.
|
||||||
|
to_delete: list[Person] = [person]
|
||||||
|
if cascade:
|
||||||
|
seen = {person.id}
|
||||||
|
frontier = [person.id]
|
||||||
|
while frontier:
|
||||||
|
nxt: list[uuid.UUID] = []
|
||||||
|
for pid in frontier:
|
||||||
|
for child_id in await _children_of(session, tree_id=tree.id, parent_id=pid):
|
||||||
|
if child_id not in seen:
|
||||||
|
seen.add(child_id)
|
||||||
|
nxt.append(child_id)
|
||||||
|
frontier = nxt
|
||||||
|
extra_ids = [pid for pid in seen if pid != person.id]
|
||||||
|
if extra_ids:
|
||||||
|
extra = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(
|
||||||
|
Person.id.in_(extra_ids),
|
||||||
|
Person.tree_id == tree.id,
|
||||||
|
Person.deleted_at.is_(None),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
to_delete.extend(extra)
|
||||||
|
|
||||||
|
for p in to_delete:
|
||||||
|
await _soft_delete_one(session, actor=actor, tree=tree, person=p, now=now)
|
||||||
|
|
||||||
|
# Soft delete leaves the row in place, so the DB-level "ON DELETE SET NULL"
|
||||||
|
# never fires — clear any links (account self-person, tree home person) to a
|
||||||
|
# deleted person.
|
||||||
|
deleted_ids = [p.id for p in to_delete]
|
||||||
|
await session.execute(
|
||||||
|
update(User).where(User.self_person_id.in_(deleted_ids)).values(self_person_id=None)
|
||||||
|
)
|
||||||
|
await session.execute(
|
||||||
|
update(Tree).where(Tree.home_person_id.in_(deleted_ids)).values(home_person_id=None)
|
||||||
|
)
|
||||||
|
|
||||||
|
await session.commit()
|
||||||
|
return len(to_delete)
|
||||||
|
|
||||||
|
|
||||||
|
async def restore_person(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, person_id: uuid.UUID
|
||||||
|
) -> Person:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
person = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(
|
||||||
|
Person.id == person_id, Person.tree_id == tree.id, Person.deleted_at.is_not(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if person is None:
|
||||||
|
raise NotFound("deleted person not found")
|
||||||
|
person.deleted_at = None
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="restore",
|
||||||
|
entity_type="Person",
|
||||||
|
entity_id=person.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(person)
|
||||||
await _attach_primary_name(session, person)
|
await _attach_primary_name(session, person)
|
||||||
return person
|
return person
|
||||||
|
|
||||||
|
|
||||||
|
async def list_deleted_persons(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree
|
||||||
|
) -> list[Person]:
|
||||||
|
if not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
||||||
|
raise Forbidden("not permitted to view this tree")
|
||||||
|
stmt = (
|
||||||
|
select(Person)
|
||||||
|
.where(Person.tree_id == tree.id, Person.deleted_at.is_not(None))
|
||||||
|
.order_by(Person.deleted_at.desc())
|
||||||
|
)
|
||||||
|
persons = list((await session.execute(stmt)).scalars().all())
|
||||||
|
for person in persons:
|
||||||
|
await _attach_primary_name(session, person)
|
||||||
|
return persons
|
||||||
|
|
||||||
|
|
||||||
async def list_persons(
|
async def list_persons(
|
||||||
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree
|
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree
|
||||||
) -> list[Person]:
|
) -> list[Person]:
|
||||||
@@ -127,13 +356,66 @@ async def list_persons(
|
|||||||
|
|
||||||
visible: list[Person] = []
|
visible: list[Person] = []
|
||||||
for person in persons:
|
for person in persons:
|
||||||
if (
|
vis = await privacy.person_visibility(
|
||||||
await privacy.person_visibility(
|
session, user_id=viewer_id, tree=tree, person=person
|
||||||
session, user_id=viewer_id, tree=tree, person=person
|
)
|
||||||
)
|
if vis == Visibility.hidden:
|
||||||
== Visibility.hidden
|
|
||||||
):
|
|
||||||
continue
|
continue
|
||||||
await _attach_primary_name(session, person)
|
if vis == Visibility.redacted:
|
||||||
|
_redact(person)
|
||||||
|
else:
|
||||||
|
await _attach_primary_name(session, person)
|
||||||
visible.append(person)
|
visible.append(person)
|
||||||
return visible
|
return visible
|
||||||
|
|
||||||
|
|
||||||
|
async def search_persons(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree, query: str, limit: int = 50
|
||||||
|
) -> list[Person]:
|
||||||
|
if not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
||||||
|
raise Forbidden("not permitted to view this tree")
|
||||||
|
q = query.strip()
|
||||||
|
if not q:
|
||||||
|
return []
|
||||||
|
like = f"%{q}%"
|
||||||
|
score = func.greatest(
|
||||||
|
func.similarity(func.coalesce(Name.given, ""), q),
|
||||||
|
func.similarity(func.coalesce(Name.surname, ""), q),
|
||||||
|
)
|
||||||
|
sub = (
|
||||||
|
select(Name.person_id.label("pid"), func.max(score).label("score"))
|
||||||
|
.where(
|
||||||
|
Name.tree_id == tree.id,
|
||||||
|
Name.deleted_at.is_(None),
|
||||||
|
or_(
|
||||||
|
Name.given.op("%")(q),
|
||||||
|
Name.surname.op("%")(q),
|
||||||
|
Name.given.ilike(like),
|
||||||
|
Name.surname.ilike(like),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
.group_by(Name.person_id)
|
||||||
|
.order_by(func.max(score).desc())
|
||||||
|
.limit(limit)
|
||||||
|
.subquery()
|
||||||
|
)
|
||||||
|
stmt = (
|
||||||
|
select(Person)
|
||||||
|
.join(sub, sub.c.pid == Person.id)
|
||||||
|
.where(Person.tree_id == tree.id, Person.deleted_at.is_(None))
|
||||||
|
.order_by(sub.c.score.desc())
|
||||||
|
)
|
||||||
|
persons = list((await session.execute(stmt)).scalars().all())
|
||||||
|
out: list[Person] = []
|
||||||
|
for person in persons:
|
||||||
|
vis = await privacy.person_visibility(
|
||||||
|
session, user_id=viewer_id, tree=tree, person=person
|
||||||
|
)
|
||||||
|
if vis == Visibility.hidden:
|
||||||
|
continue
|
||||||
|
if vis == Visibility.redacted:
|
||||||
|
_redact(person)
|
||||||
|
else:
|
||||||
|
await _attach_primary_name(session, person)
|
||||||
|
out.append(person)
|
||||||
|
return out
|
||||||
|
|||||||
@@ -8,14 +8,20 @@ tree's visibility, the per-person override, and (Phase 2) living-person status.
|
|||||||
|
|
||||||
import enum
|
import enum
|
||||||
import uuid
|
import uuid
|
||||||
|
from datetime import UTC, datetime
|
||||||
|
|
||||||
from sqlalchemy import select
|
from sqlalchemy import select
|
||||||
from sqlalchemy.ext.asyncio import AsyncSession
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
from app.models.enums import MembershipRole, PersonPrivacy, TreeVisibility
|
from app.models.enums import MembershipRole, PersonPrivacy, TreeVisibility
|
||||||
|
from app.models.event import Event
|
||||||
from app.models.person import Person
|
from app.models.person import Person
|
||||||
from app.models.tree import Tree, TreeMembership
|
from app.models.tree import Tree, TreeMembership
|
||||||
|
|
||||||
|
# A person with no death fact whose birth is within this window (or unknown) is
|
||||||
|
# treated as possibly living and redacted from non-members (ARCHITECTURE §6).
|
||||||
|
LIVING_RECENCY_YEARS = 100
|
||||||
|
|
||||||
|
|
||||||
class Visibility(enum.StrEnum):
|
class Visibility(enum.StrEnum):
|
||||||
full = "full"
|
full = "full"
|
||||||
@@ -39,8 +45,17 @@ async def can_view_tree(session: AsyncSession, *, user_id: uuid.UUID | None, tre
|
|||||||
if tree.deleted_at is not None:
|
if tree.deleted_at is not None:
|
||||||
return False
|
return False
|
||||||
if await get_membership_role(session, user_id, tree.id) is not None:
|
if await get_membership_role(session, user_id, tree.id) is not None:
|
||||||
|
return True # members always (any role)
|
||||||
|
# Non-members. Branch on the viewer's auth state:
|
||||||
|
# public / unlisted → anyone, including anonymous (unlisted is gated only
|
||||||
|
# by knowing the link, so the API must never *list* it).
|
||||||
|
# site_members → any authenticated account on this instance.
|
||||||
|
# private → no one.
|
||||||
|
if tree.visibility in (TreeVisibility.public, TreeVisibility.unlisted):
|
||||||
return True
|
return True
|
||||||
return tree.visibility in (TreeVisibility.public, TreeVisibility.unlisted)
|
if tree.visibility == TreeVisibility.site_members:
|
||||||
|
return user_id is not None
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
async def can_edit_tree(session: AsyncSession, *, user_id: uuid.UUID | None, tree: Tree) -> bool:
|
async def can_edit_tree(session: AsyncSession, *, user_id: uuid.UUID | None, tree: Tree) -> bool:
|
||||||
@@ -48,15 +63,56 @@ async def can_edit_tree(session: AsyncSession, *, user_id: uuid.UUID | None, tre
|
|||||||
return role in (MembershipRole.owner, MembershipRole.editor)
|
return role in (MembershipRole.owner, MembershipRole.editor)
|
||||||
|
|
||||||
|
|
||||||
|
async def is_possibly_living(session: AsyncSession, person: Person) -> bool:
|
||||||
|
"""True if the person should be treated as living: explicit flag, or (absent
|
||||||
|
a death fact) a birth within the recency window or an unknown birth."""
|
||||||
|
if person.is_living is True:
|
||||||
|
return True
|
||||||
|
if person.is_living is False:
|
||||||
|
return False
|
||||||
|
death = (
|
||||||
|
await session.execute(
|
||||||
|
select(Event.id)
|
||||||
|
.where(
|
||||||
|
Event.person_id == person.id,
|
||||||
|
Event.event_type == "death",
|
||||||
|
Event.deleted_at.is_(None),
|
||||||
|
)
|
||||||
|
.limit(1)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if death is not None:
|
||||||
|
return False
|
||||||
|
birth = (
|
||||||
|
await session.execute(
|
||||||
|
select(Event.date_start)
|
||||||
|
.where(
|
||||||
|
Event.person_id == person.id,
|
||||||
|
Event.event_type == "birth",
|
||||||
|
Event.date_start.is_not(None),
|
||||||
|
Event.deleted_at.is_(None),
|
||||||
|
)
|
||||||
|
.order_by(Event.date_start)
|
||||||
|
.limit(1)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if birth is None:
|
||||||
|
return True # unknown birth → treat as possibly living
|
||||||
|
return (datetime.now(UTC).year - birth.year) < LIVING_RECENCY_YEARS
|
||||||
|
|
||||||
|
|
||||||
async def person_visibility(
|
async def person_visibility(
|
||||||
session: AsyncSession, *, user_id: uuid.UUID | None, tree: Tree, person: Person
|
session: AsyncSession, *, user_id: uuid.UUID | None, tree: Tree, person: Person
|
||||||
) -> Visibility:
|
) -> Visibility:
|
||||||
if not await can_view_tree(session, user_id=user_id, tree=tree):
|
if not await can_view_tree(session, user_id=user_id, tree=tree):
|
||||||
return Visibility.hidden
|
return Visibility.hidden
|
||||||
if await get_membership_role(session, user_id, tree.id) is not None:
|
if await get_membership_role(session, user_id, tree.id) is not None:
|
||||||
return Visibility.full
|
return Visibility.full # members see everyone in their tree
|
||||||
# Non-member viewing a public/unlisted tree:
|
# Non-member viewing a public/unlisted tree:
|
||||||
if person.privacy == PersonPrivacy.private:
|
if person.privacy == PersonPrivacy.private:
|
||||||
return Visibility.hidden
|
return Visibility.hidden
|
||||||
# TODO(Phase 2): redact living people for non-members (ARCHITECTURE §6).
|
if person.privacy == PersonPrivacy.public:
|
||||||
|
return Visibility.full # explicit per-person opt-in
|
||||||
|
if await is_possibly_living(session, person):
|
||||||
|
return Visibility.redacted # living people are protected by default
|
||||||
return Visibility.full
|
return Visibility.full
|
||||||
|
|||||||
@@ -0,0 +1,256 @@
|
|||||||
|
"""Read-only, redaction-safe projections for the public viewing surface.
|
||||||
|
|
||||||
|
INVARIANT (CLAUDE.md #2): everything returned here has passed through
|
||||||
|
``privacy.person_visibility``. A non-member must never receive a possibly-living
|
||||||
|
person's real name, dates, alternate names, or media. The rules:
|
||||||
|
|
||||||
|
- persons : redacted (living → "Living person"); hidden dropped.
|
||||||
|
- relationships : only when BOTH endpoints are non-hidden (a link to a
|
||||||
|
redacted person is fine — the name is already hidden).
|
||||||
|
- events : only for FULL-visibility persons; partnership events only
|
||||||
|
when BOTH partners are full (a marriage date would leak a
|
||||||
|
living partner's timeline otherwise).
|
||||||
|
- names : only for FULL-visibility persons.
|
||||||
|
- media : NOT exposed yet (deferred — see docs/design/tree-visibility.md).
|
||||||
|
|
||||||
|
A tree that isn't viewable raises NotFound (never Forbidden) so the public
|
||||||
|
surface can't be used to probe whether a private tree exists.
|
||||||
|
"""
|
||||||
|
|
||||||
|
import uuid
|
||||||
|
|
||||||
|
from sqlalchemy import select
|
||||||
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
|
from app.models.enums import TreeVisibility
|
||||||
|
from app.models.event import Event
|
||||||
|
from app.models.person import Name, Person
|
||||||
|
from app.models.relationship import Relationship
|
||||||
|
from app.models.tree import Tree
|
||||||
|
from app.services import privacy
|
||||||
|
from app.services.exceptions import NotFound
|
||||||
|
from app.services.person_service import _attach_primary_name, _redact
|
||||||
|
from app.services.privacy import Visibility
|
||||||
|
|
||||||
|
|
||||||
|
async def get_public_tree(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID | None, tree_id: uuid.UUID
|
||||||
|
) -> Tree:
|
||||||
|
tree = (
|
||||||
|
await session.execute(
|
||||||
|
select(Tree).where(Tree.id == tree_id, Tree.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
# 404 (not 403) when not viewable: don't reveal that a private tree exists.
|
||||||
|
if tree is None or not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
||||||
|
raise NotFound("tree not found")
|
||||||
|
return tree
|
||||||
|
|
||||||
|
|
||||||
|
async def _persons(session: AsyncSession, tree: Tree) -> list[Person]:
|
||||||
|
return list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(Person.tree_id == tree.id, Person.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
)
|
||||||
|
.scalars()
|
||||||
|
.all()
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
async def _visibility_map(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID | None, tree: Tree, persons: list[Person]
|
||||||
|
) -> dict[uuid.UUID, Visibility]:
|
||||||
|
return {
|
||||||
|
p.id: await privacy.person_visibility(
|
||||||
|
session, user_id=viewer_id, tree=tree, person=p
|
||||||
|
)
|
||||||
|
for p in persons
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
async def list_public_persons(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID | None, tree: Tree
|
||||||
|
) -> list[Person]:
|
||||||
|
out: list[Person] = []
|
||||||
|
for p in await _persons(session, tree):
|
||||||
|
vis = await privacy.person_visibility(session, user_id=viewer_id, tree=tree, person=p)
|
||||||
|
if vis == Visibility.hidden:
|
||||||
|
continue
|
||||||
|
if vis == Visibility.redacted:
|
||||||
|
_redact(p)
|
||||||
|
else:
|
||||||
|
await _attach_primary_name(session, p)
|
||||||
|
out.append(p)
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
async def get_public_person(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID | None, tree: Tree, person_id: uuid.UUID
|
||||||
|
) -> Person:
|
||||||
|
person = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(
|
||||||
|
Person.id == person_id,
|
||||||
|
Person.tree_id == tree.id,
|
||||||
|
Person.deleted_at.is_(None),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if person is None:
|
||||||
|
raise NotFound("person not found")
|
||||||
|
vis = await privacy.person_visibility(session, user_id=viewer_id, tree=tree, person=person)
|
||||||
|
if vis == Visibility.hidden:
|
||||||
|
raise NotFound("person not found")
|
||||||
|
if vis == Visibility.redacted:
|
||||||
|
_redact(person)
|
||||||
|
else:
|
||||||
|
await _attach_primary_name(session, person)
|
||||||
|
return person
|
||||||
|
|
||||||
|
|
||||||
|
async def _person_visibility(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID | None, tree: Tree, person_id: uuid.UUID
|
||||||
|
) -> Visibility | None:
|
||||||
|
person = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(
|
||||||
|
Person.id == person_id,
|
||||||
|
Person.tree_id == tree.id,
|
||||||
|
Person.deleted_at.is_(None),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if person is None:
|
||||||
|
return None
|
||||||
|
return await privacy.person_visibility(session, user_id=viewer_id, tree=tree, person=person)
|
||||||
|
|
||||||
|
|
||||||
|
async def list_public_relationships(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID | None, tree: Tree
|
||||||
|
) -> list[Relationship]:
|
||||||
|
persons = await _persons(session, tree)
|
||||||
|
vis = await _visibility_map(session, viewer_id=viewer_id, tree=tree, persons=persons)
|
||||||
|
nonhidden = {pid for pid, v in vis.items() if v != Visibility.hidden}
|
||||||
|
rels = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Relationship).where(
|
||||||
|
Relationship.tree_id == tree.id, Relationship.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
.scalars()
|
||||||
|
.all()
|
||||||
|
)
|
||||||
|
return [
|
||||||
|
r for r in rels if r.person_from_id in nonhidden and r.person_to_id in nonhidden
|
||||||
|
]
|
||||||
|
|
||||||
|
|
||||||
|
async def list_public_events(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID | None, tree: Tree
|
||||||
|
) -> list[Event]:
|
||||||
|
persons = await _persons(session, tree)
|
||||||
|
vis = await _visibility_map(session, viewer_id=viewer_id, tree=tree, persons=persons)
|
||||||
|
full = {pid for pid, v in vis.items() if v == Visibility.full}
|
||||||
|
rels = {
|
||||||
|
r.id: r
|
||||||
|
for r in (
|
||||||
|
await session.execute(
|
||||||
|
select(Relationship).where(
|
||||||
|
Relationship.tree_id == tree.id, Relationship.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
.scalars()
|
||||||
|
.all()
|
||||||
|
}
|
||||||
|
events = list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Event).where(Event.tree_id == tree.id, Event.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
)
|
||||||
|
.scalars()
|
||||||
|
.all()
|
||||||
|
)
|
||||||
|
out: list[Event] = []
|
||||||
|
for e in events:
|
||||||
|
if e.person_id is not None:
|
||||||
|
if e.person_id in full:
|
||||||
|
out.append(e)
|
||||||
|
elif e.relationship_id is not None:
|
||||||
|
r = rels.get(e.relationship_id)
|
||||||
|
if r is not None and r.person_from_id in full and r.person_to_id in full:
|
||||||
|
out.append(e)
|
||||||
|
return out
|
||||||
|
|
||||||
|
|
||||||
|
async def list_public_person_names(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID | None, tree: Tree, person_id: uuid.UUID
|
||||||
|
) -> list[Name]:
|
||||||
|
vis = await _person_visibility(session, viewer_id=viewer_id, tree=tree, person_id=person_id)
|
||||||
|
if vis is None:
|
||||||
|
raise NotFound("person not found")
|
||||||
|
if vis != Visibility.full:
|
||||||
|
return [] # redacted/hidden → no names (the real name must not leak)
|
||||||
|
return list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Name)
|
||||||
|
.where(Name.person_id == person_id, Name.deleted_at.is_(None))
|
||||||
|
.order_by(Name.is_primary.desc(), Name.sort_order, Name.created_at)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
.scalars()
|
||||||
|
.all()
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
async def list_public_person_events(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID | None, tree: Tree, person_id: uuid.UUID
|
||||||
|
) -> list[Event]:
|
||||||
|
vis = await _person_visibility(session, viewer_id=viewer_id, tree=tree, person_id=person_id)
|
||||||
|
if vis is None:
|
||||||
|
raise NotFound("person not found")
|
||||||
|
if vis != Visibility.full:
|
||||||
|
return [] # redacted/hidden → no dates
|
||||||
|
return list(
|
||||||
|
(
|
||||||
|
await session.execute(
|
||||||
|
select(Event)
|
||||||
|
.where(
|
||||||
|
Event.person_id == person_id,
|
||||||
|
Event.tree_id == tree.id,
|
||||||
|
Event.deleted_at.is_(None),
|
||||||
|
)
|
||||||
|
.order_by(Event.date_start.nulls_last(), Event.created_at)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
.scalars()
|
||||||
|
.all()
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
async def list_public_trees(
|
||||||
|
session: AsyncSession,
|
||||||
|
*,
|
||||||
|
viewer_id: uuid.UUID | None,
|
||||||
|
q: str | None = None,
|
||||||
|
limit: int = 50,
|
||||||
|
offset: int = 0,
|
||||||
|
) -> list[Tree]:
|
||||||
|
# Anonymous: only `public`. Authenticated: also `site_members`. Never list
|
||||||
|
# `unlisted` (reachable by link only) or `private`.
|
||||||
|
allowed = [TreeVisibility.public]
|
||||||
|
if viewer_id is not None:
|
||||||
|
allowed.append(TreeVisibility.site_members)
|
||||||
|
stmt = select(Tree).where(
|
||||||
|
Tree.deleted_at.is_(None), Tree.visibility.in_(allowed)
|
||||||
|
)
|
||||||
|
if q and q.strip():
|
||||||
|
stmt = stmt.where(Tree.name.ilike(f"%{q.strip()}%"))
|
||||||
|
stmt = stmt.order_by(Tree.name).limit(min(limit, 100)).offset(max(offset, 0))
|
||||||
|
return list((await session.execute(stmt)).scalars().all())
|
||||||
@@ -4,7 +4,7 @@ Writes require editor rights; reads go through the privacy engine."""
|
|||||||
import uuid
|
import uuid
|
||||||
from datetime import UTC, datetime
|
from datetime import UTC, datetime
|
||||||
|
|
||||||
from sqlalchemy import or_, select
|
from sqlalchemy import and_, or_, select
|
||||||
from sqlalchemy.ext.asyncio import AsyncSession
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
from app.models.enums import ParentChildQualifier, RelationshipType
|
from app.models.enums import ParentChildQualifier, RelationshipType
|
||||||
@@ -49,6 +49,38 @@ async def create_relationship(
|
|||||||
if not await _person_in_tree(session, pid, tree.id):
|
if not await _person_in_tree(session, pid, tree.id):
|
||||||
raise NotFound("person not found in this tree")
|
raise NotFound("person not found in this tree")
|
||||||
|
|
||||||
|
# Reject an equivalent existing edge so the same two people can't be linked
|
||||||
|
# the same way twice. parent_child is directional (parent -> child);
|
||||||
|
# partnership/sibling are symmetric, so match the pair in either order.
|
||||||
|
if type is RelationshipType.parent_child:
|
||||||
|
pair = and_(
|
||||||
|
Relationship.person_from_id == person_from_id,
|
||||||
|
Relationship.person_to_id == person_to_id,
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
pair = or_(
|
||||||
|
and_(
|
||||||
|
Relationship.person_from_id == person_from_id,
|
||||||
|
Relationship.person_to_id == person_to_id,
|
||||||
|
),
|
||||||
|
and_(
|
||||||
|
Relationship.person_from_id == person_to_id,
|
||||||
|
Relationship.person_to_id == person_from_id,
|
||||||
|
),
|
||||||
|
)
|
||||||
|
existing = (
|
||||||
|
await session.execute(
|
||||||
|
select(Relationship.id).where(
|
||||||
|
Relationship.tree_id == tree.id,
|
||||||
|
Relationship.type == type,
|
||||||
|
Relationship.deleted_at.is_(None),
|
||||||
|
pair,
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if existing is not None:
|
||||||
|
raise Conflict("these two people are already linked that way")
|
||||||
|
|
||||||
relationship = Relationship(
|
relationship = Relationship(
|
||||||
tree_id=tree.id,
|
tree_id=tree.id,
|
||||||
type=type,
|
type=type,
|
||||||
@@ -73,6 +105,20 @@ async def create_relationship(
|
|||||||
return relationship
|
return relationship
|
||||||
|
|
||||||
|
|
||||||
|
async def list_relationships(
|
||||||
|
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree
|
||||||
|
) -> list[Relationship]:
|
||||||
|
"""All relationships in the tree — powers the family/pedigree view in one call."""
|
||||||
|
if not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
||||||
|
raise Forbidden("not permitted to view this tree")
|
||||||
|
stmt = (
|
||||||
|
select(Relationship)
|
||||||
|
.where(Relationship.tree_id == tree.id, Relationship.deleted_at.is_(None))
|
||||||
|
.order_by(Relationship.created_at)
|
||||||
|
)
|
||||||
|
return list((await session.execute(stmt)).scalars().all())
|
||||||
|
|
||||||
|
|
||||||
async def list_relationships_for_person(
|
async def list_relationships_for_person(
|
||||||
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree, person_id: uuid.UUID
|
session: AsyncSession, *, viewer_id: uuid.UUID, tree: Tree, person_id: uuid.UUID
|
||||||
) -> list[Relationship]:
|
) -> list[Relationship]:
|
||||||
@@ -93,6 +139,44 @@ async def list_relationships_for_person(
|
|||||||
return list((await session.execute(stmt)).scalars().all())
|
return list((await session.execute(stmt)).scalars().all())
|
||||||
|
|
||||||
|
|
||||||
|
async def update_relationship(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, relationship_id: uuid.UUID, changes: dict
|
||||||
|
) -> Relationship:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
relationship = (
|
||||||
|
await session.execute(
|
||||||
|
select(Relationship).where(
|
||||||
|
Relationship.id == relationship_id,
|
||||||
|
Relationship.tree_id == tree.id,
|
||||||
|
Relationship.deleted_at.is_(None),
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if relationship is None:
|
||||||
|
raise NotFound("relationship not found")
|
||||||
|
if (
|
||||||
|
"qualifier" in changes
|
||||||
|
and changes["qualifier"] is not None
|
||||||
|
and relationship.type is not RelationshipType.parent_child
|
||||||
|
):
|
||||||
|
raise Conflict("qualifier only applies to parent_child relationships")
|
||||||
|
for key in {"qualifier", "notes"} & changes.keys():
|
||||||
|
setattr(relationship, key, changes[key])
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="update",
|
||||||
|
entity_type="Relationship",
|
||||||
|
entity_id=relationship.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after=changes,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(relationship)
|
||||||
|
return relationship
|
||||||
|
|
||||||
|
|
||||||
async def delete_relationship(
|
async def delete_relationship(
|
||||||
session: AsyncSession, *, actor: User, tree: Tree, relationship_id: uuid.UUID
|
session: AsyncSession, *, actor: User, tree: Tree, relationship_id: uuid.UUID
|
||||||
) -> None:
|
) -> None:
|
||||||
|
|||||||
@@ -86,6 +86,42 @@ async def get_source(
|
|||||||
return source
|
return source
|
||||||
|
|
||||||
|
|
||||||
|
_SOURCE_FIELDS = {
|
||||||
|
"title", "author", "source_type", "repository", "url", "citation_text",
|
||||||
|
"publication_info", "quality_note",
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
async def update_source(
|
||||||
|
session: AsyncSession, *, actor: User, tree: Tree, source_id: uuid.UUID, changes: dict
|
||||||
|
) -> Source:
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
source = (
|
||||||
|
await session.execute(
|
||||||
|
select(Source).where(
|
||||||
|
Source.id == source_id, Source.tree_id == tree.id, Source.deleted_at.is_(None)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if source is None:
|
||||||
|
raise NotFound("source not found")
|
||||||
|
for key in _SOURCE_FIELDS & changes.keys():
|
||||||
|
setattr(source, key, changes[key])
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="update",
|
||||||
|
entity_type="Source",
|
||||||
|
entity_id=source.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after=changes,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(source)
|
||||||
|
return source
|
||||||
|
|
||||||
|
|
||||||
async def delete_source(
|
async def delete_source(
|
||||||
session: AsyncSession, *, actor: User, tree: Tree, source_id: uuid.UUID
|
session: AsyncSession, *, actor: User, tree: Tree, source_id: uuid.UUID
|
||||||
) -> None:
|
) -> None:
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ authorization basis) and an audit entry. Reads go through the privacy engine.
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
import uuid
|
import uuid
|
||||||
|
from datetime import UTC, datetime
|
||||||
|
|
||||||
from sqlalchemy import select
|
from sqlalchemy import select
|
||||||
from sqlalchemy.ext.asyncio import AsyncSession
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
@@ -59,3 +60,79 @@ async def get_tree(session: AsyncSession, *, viewer_id: uuid.UUID, tree_id: uuid
|
|||||||
if not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
if not await privacy.can_view_tree(session, user_id=viewer_id, tree=tree):
|
||||||
raise Forbidden("not permitted to view this tree")
|
raise Forbidden("not permitted to view this tree")
|
||||||
return tree
|
return tree
|
||||||
|
|
||||||
|
|
||||||
|
async def update_tree(
|
||||||
|
session: AsyncSession, *, actor: User, tree_id: uuid.UUID, changes: dict
|
||||||
|
) -> Tree:
|
||||||
|
tree = await BaseRepository(session, Tree).get(tree_id)
|
||||||
|
if tree is None:
|
||||||
|
raise NotFound("tree not found")
|
||||||
|
if not await privacy.can_edit_tree(session, user_id=actor.id, tree=tree):
|
||||||
|
raise Forbidden("not an editor of this tree")
|
||||||
|
for key in {"name", "description", "visibility", "home_person_id"} & changes.keys():
|
||||||
|
setattr(tree, key, changes[key])
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="update",
|
||||||
|
entity_type="Tree",
|
||||||
|
entity_id=tree.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
after=changes,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(tree)
|
||||||
|
return tree
|
||||||
|
|
||||||
|
|
||||||
|
async def _owned_tree(session: AsyncSession, *, actor: User, tree_id: uuid.UUID) -> Tree:
|
||||||
|
"""Load a tree (including soft-deleted) and require the actor be its owner."""
|
||||||
|
tree = await BaseRepository(session, Tree).get(tree_id, include_deleted=True)
|
||||||
|
if tree is None:
|
||||||
|
raise NotFound("tree not found")
|
||||||
|
role = await privacy.get_membership_role(session, actor.id, tree.id)
|
||||||
|
if role is not MembershipRole.owner:
|
||||||
|
raise Forbidden("only the owner can delete or restore a tree")
|
||||||
|
return tree
|
||||||
|
|
||||||
|
|
||||||
|
async def delete_tree(session: AsyncSession, *, actor: User, tree_id: uuid.UUID) -> None:
|
||||||
|
tree = await _owned_tree(session, actor=actor, tree_id=tree_id)
|
||||||
|
if tree.deleted_at is None:
|
||||||
|
tree.deleted_at = datetime.now(UTC)
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="delete",
|
||||||
|
entity_type="Tree",
|
||||||
|
entity_id=tree.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
|
||||||
|
|
||||||
|
async def restore_tree(session: AsyncSession, *, actor: User, tree_id: uuid.UUID) -> Tree:
|
||||||
|
tree = await _owned_tree(session, actor=actor, tree_id=tree_id)
|
||||||
|
if tree.deleted_at is not None:
|
||||||
|
tree.deleted_at = None
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="restore",
|
||||||
|
entity_type="Tree",
|
||||||
|
entity_id=tree.id,
|
||||||
|
tree_id=tree.id,
|
||||||
|
actor_user_id=actor.id,
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
return tree
|
||||||
|
|
||||||
|
|
||||||
|
async def list_deleted_trees_for_user(session: AsyncSession, *, user: User) -> list[Tree]:
|
||||||
|
stmt = (
|
||||||
|
select(Tree)
|
||||||
|
.join(TreeMembership, TreeMembership.tree_id == Tree.id)
|
||||||
|
.where(TreeMembership.user_id == user.id, Tree.deleted_at.is_not(None))
|
||||||
|
.order_by(Tree.deleted_at.desc())
|
||||||
|
)
|
||||||
|
return list((await session.execute(stmt)).scalars().all())
|
||||||
|
|||||||
@@ -8,10 +8,13 @@ import uuid
|
|||||||
from sqlalchemy import select
|
from sqlalchemy import select
|
||||||
from sqlalchemy.ext.asyncio import AsyncSession
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||||||
|
|
||||||
|
from app.models.person import Person
|
||||||
|
from app.models.tree import Tree
|
||||||
from app.models.user import User
|
from app.models.user import User
|
||||||
from app.repositories.base import BaseRepository
|
from app.repositories.base import BaseRepository
|
||||||
|
from app.services import privacy
|
||||||
from app.services.audit import record_audit
|
from app.services.audit import record_audit
|
||||||
from app.services.exceptions import Conflict
|
from app.services.exceptions import Conflict, Forbidden, NotFound
|
||||||
|
|
||||||
|
|
||||||
async def create_user(
|
async def create_user(
|
||||||
@@ -42,3 +45,39 @@ async def create_user(
|
|||||||
|
|
||||||
async def get_user(session: AsyncSession, user_id: uuid.UUID) -> User | None:
|
async def get_user(session: AsyncSession, user_id: uuid.UUID) -> User | None:
|
||||||
return await BaseRepository(session, User).get(user_id)
|
return await BaseRepository(session, User).get(user_id)
|
||||||
|
|
||||||
|
|
||||||
|
async def set_self_person(
|
||||||
|
session: AsyncSession, *, user: User, person_id: uuid.UUID | None
|
||||||
|
) -> User:
|
||||||
|
"""Point a user's account at the Person record that *is* them ("home
|
||||||
|
person"), or clear it with ``None``. The person must live in a tree the
|
||||||
|
user can view."""
|
||||||
|
if person_id is not None:
|
||||||
|
person = (
|
||||||
|
await session.execute(
|
||||||
|
select(Person).where(Person.id == person_id, Person.deleted_at.is_(None))
|
||||||
|
)
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if person is None:
|
||||||
|
raise NotFound("person not found")
|
||||||
|
tree = (
|
||||||
|
await session.execute(select(Tree).where(Tree.id == person.tree_id))
|
||||||
|
).scalar_one_or_none()
|
||||||
|
if tree is None or not await privacy.can_view_tree(
|
||||||
|
session, user_id=user.id, tree=tree
|
||||||
|
):
|
||||||
|
raise Forbidden("not permitted to link this person")
|
||||||
|
|
||||||
|
user.self_person_id = person_id
|
||||||
|
record_audit(
|
||||||
|
session,
|
||||||
|
action="update",
|
||||||
|
entity_type="User",
|
||||||
|
entity_id=user.id,
|
||||||
|
actor_user_id=user.id,
|
||||||
|
after={"self_person_id": str(person_id) if person_id else None},
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
await session.refresh(user)
|
||||||
|
return user
|
||||||
|
|||||||
@@ -0,0 +1,103 @@
|
|||||||
|
"""Background worker. Same image as the backend, run in worker mode
|
||||||
|
(`python -m app.worker`). First job: the scheduled soft-delete purge — hard-
|
||||||
|
delete rows whose ``deleted_at`` is older than the recovery window, and remove
|
||||||
|
their objects from storage. More jobs (media processing, scraping, hints) and a
|
||||||
|
proper queue arrive in later phases.
|
||||||
|
"""
|
||||||
|
|
||||||
|
import asyncio
|
||||||
|
import logging
|
||||||
|
import sys
|
||||||
|
from datetime import UTC, datetime, timedelta
|
||||||
|
|
||||||
|
from sqlalchemy import delete, select
|
||||||
|
|
||||||
|
from app.core.config import get_settings
|
||||||
|
from app.core.db import get_sessionmaker
|
||||||
|
from app.integrations.objectstore.s3 import S3ObjectStore
|
||||||
|
from app.models import (
|
||||||
|
Citation,
|
||||||
|
Event,
|
||||||
|
Media,
|
||||||
|
Name,
|
||||||
|
Person,
|
||||||
|
Place,
|
||||||
|
PlaceName,
|
||||||
|
Relationship,
|
||||||
|
Source,
|
||||||
|
Tree,
|
||||||
|
User,
|
||||||
|
)
|
||||||
|
|
||||||
|
logger = logging.getLogger("provenance.worker")
|
||||||
|
|
||||||
|
# Child -> parent so foreign keys are satisfied as rows are removed.
|
||||||
|
_PURGE_ORDER = [Citation, Name, Event, Relationship, PlaceName, Place, Source, Person, Tree, User]
|
||||||
|
|
||||||
|
|
||||||
|
async def _purge_media(sessionmaker, store, cutoff: datetime) -> None:
|
||||||
|
async with sessionmaker() as session:
|
||||||
|
rows = (
|
||||||
|
await session.execute(
|
||||||
|
select(Media).where(Media.deleted_at.is_not(None), Media.deleted_at < cutoff)
|
||||||
|
)
|
||||||
|
).scalars().all()
|
||||||
|
for media in rows:
|
||||||
|
try:
|
||||||
|
await store.delete_object(key=media.storage_key)
|
||||||
|
except Exception as exc: # noqa: BLE001
|
||||||
|
logger.warning("object delete failed for %s: %s", media.storage_key, exc)
|
||||||
|
await session.delete(media)
|
||||||
|
await session.commit()
|
||||||
|
if rows:
|
||||||
|
logger.info("purged %d media", len(rows))
|
||||||
|
|
||||||
|
|
||||||
|
async def _purge_table(sessionmaker, model, cutoff: datetime) -> None:
|
||||||
|
async with sessionmaker() as session:
|
||||||
|
try:
|
||||||
|
res = await session.execute(
|
||||||
|
delete(model).where(model.deleted_at.is_not(None), model.deleted_at < cutoff)
|
||||||
|
)
|
||||||
|
await session.commit()
|
||||||
|
if res.rowcount:
|
||||||
|
logger.info("purged %d %s", res.rowcount, model.__tablename__)
|
||||||
|
except Exception as exc: # noqa: BLE001
|
||||||
|
await session.rollback()
|
||||||
|
logger.warning("purge %s failed: %s", model.__tablename__, exc)
|
||||||
|
|
||||||
|
|
||||||
|
async def purge_once(sessionmaker, store) -> None:
|
||||||
|
settings = get_settings()
|
||||||
|
cutoff = datetime.now(UTC) - timedelta(days=settings.purge_after_days)
|
||||||
|
await _purge_media(sessionmaker, store, cutoff)
|
||||||
|
for model in _PURGE_ORDER:
|
||||||
|
await _purge_table(sessionmaker, model, cutoff)
|
||||||
|
|
||||||
|
|
||||||
|
async def main() -> None:
|
||||||
|
logging.basicConfig(
|
||||||
|
level=logging.INFO, format="%(levelname)s [%(name)s] %(message)s", stream=sys.stdout
|
||||||
|
)
|
||||||
|
settings = get_settings()
|
||||||
|
store = S3ObjectStore(settings)
|
||||||
|
try:
|
||||||
|
await store.ensure_bucket()
|
||||||
|
except Exception as exc: # noqa: BLE001
|
||||||
|
logger.warning("ensure_bucket failed: %s", exc)
|
||||||
|
sessionmaker = get_sessionmaker()
|
||||||
|
logger.info(
|
||||||
|
"worker started; purge every %ds (recovery window %dd)",
|
||||||
|
settings.purge_interval_seconds,
|
||||||
|
settings.purge_after_days,
|
||||||
|
)
|
||||||
|
while True:
|
||||||
|
try:
|
||||||
|
await purge_once(sessionmaker, store)
|
||||||
|
except Exception as exc: # noqa: BLE001
|
||||||
|
logger.warning("purge cycle error: %s", exc)
|
||||||
|
await asyncio.sleep(settings.purge_interval_seconds)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
asyncio.run(main())
|
||||||
@@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
# Container entrypoint. When RUN_MIGRATIONS=1 (set on the backend service),
|
||||||
|
# apply DB migrations before handing off to the command. This makes a deploy
|
||||||
|
# self-migrating even when images are swapped in place (e.g. by Watchtower),
|
||||||
|
# without a separate orchestration step. `alembic upgrade head` is idempotent —
|
||||||
|
# a no-op when the schema is already current.
|
||||||
|
set -e
|
||||||
|
|
||||||
|
if [ "${RUN_MIGRATIONS:-0}" = "1" ]; then
|
||||||
|
echo "[entrypoint] applying database migrations (alembic upgrade head)…"
|
||||||
|
uv run --no-dev alembic upgrade head
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec "$@"
|
||||||
@@ -0,0 +1,65 @@
|
|||||||
|
"""media
|
||||||
|
|
||||||
|
Revision ID: 7fc7024ef432
|
||||||
|
Revises: 1f6e54f6406a
|
||||||
|
Create Date: 2026-06-06 21:44:03.204170
|
||||||
|
|
||||||
|
"""
|
||||||
|
from collections.abc import Sequence
|
||||||
|
|
||||||
|
from alembic import op
|
||||||
|
import sqlalchemy as sa
|
||||||
|
|
||||||
|
|
||||||
|
# revision identifiers, used by Alembic.
|
||||||
|
revision: str = '7fc7024ef432'
|
||||||
|
down_revision: str | None = '1f6e54f6406a'
|
||||||
|
branch_labels: str | Sequence[str] | None = None
|
||||||
|
depends_on: str | Sequence[str] | None = None
|
||||||
|
|
||||||
|
|
||||||
|
def upgrade() -> None:
|
||||||
|
# ### commands auto generated by Alembic - please adjust! ###
|
||||||
|
op.create_table('media',
|
||||||
|
sa.Column('uploader_id', sa.Uuid(), nullable=True),
|
||||||
|
sa.Column('storage_key', sa.String(length=512), nullable=False),
|
||||||
|
sa.Column('original_filename', sa.String(length=512), nullable=False),
|
||||||
|
sa.Column('content_type', sa.String(length=128), nullable=False),
|
||||||
|
sa.Column('byte_size', sa.BigInteger(), nullable=False),
|
||||||
|
sa.Column('checksum_sha256', sa.String(length=64), nullable=False),
|
||||||
|
sa.Column('title', sa.String(length=512), nullable=True),
|
||||||
|
sa.Column('person_id', sa.Uuid(), nullable=True),
|
||||||
|
sa.Column('event_id', sa.Uuid(), nullable=True),
|
||||||
|
sa.Column('source_id', sa.Uuid(), nullable=True),
|
||||||
|
sa.Column('id', sa.Uuid(), nullable=False),
|
||||||
|
sa.Column('tree_id', sa.Uuid(), nullable=False),
|
||||||
|
sa.Column('created_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
|
||||||
|
sa.Column('updated_at', sa.DateTime(timezone=True), server_default=sa.text('now()'), nullable=False),
|
||||||
|
sa.Column('deleted_at', sa.DateTime(timezone=True), nullable=True),
|
||||||
|
sa.ForeignKeyConstraint(['event_id'], ['events.id'], name=op.f('fk_media_event_id_events'), ondelete='SET NULL'),
|
||||||
|
sa.ForeignKeyConstraint(['person_id'], ['persons.id'], name=op.f('fk_media_person_id_persons'), ondelete='SET NULL'),
|
||||||
|
sa.ForeignKeyConstraint(['source_id'], ['sources.id'], name=op.f('fk_media_source_id_sources'), ondelete='SET NULL'),
|
||||||
|
sa.ForeignKeyConstraint(['tree_id'], ['trees.id'], name=op.f('fk_media_tree_id_trees'), ondelete='CASCADE'),
|
||||||
|
sa.ForeignKeyConstraint(['uploader_id'], ['users.id'], name=op.f('fk_media_uploader_id_users'), ondelete='SET NULL'),
|
||||||
|
sa.PrimaryKeyConstraint('id', name=op.f('pk_media')),
|
||||||
|
sa.UniqueConstraint('storage_key', name=op.f('uq_media_storage_key'))
|
||||||
|
)
|
||||||
|
op.create_index(op.f('ix_media_checksum_sha256'), 'media', ['checksum_sha256'], unique=False)
|
||||||
|
op.create_index(op.f('ix_media_event_id'), 'media', ['event_id'], unique=False)
|
||||||
|
op.create_index(op.f('ix_media_person_id'), 'media', ['person_id'], unique=False)
|
||||||
|
op.create_index(op.f('ix_media_source_id'), 'media', ['source_id'], unique=False)
|
||||||
|
op.create_index(op.f('ix_media_tree_id'), 'media', ['tree_id'], unique=False)
|
||||||
|
op.create_index(op.f('ix_media_uploader_id'), 'media', ['uploader_id'], unique=False)
|
||||||
|
# ### end Alembic commands ###
|
||||||
|
|
||||||
|
|
||||||
|
def downgrade() -> None:
|
||||||
|
# ### commands auto generated by Alembic - please adjust! ###
|
||||||
|
op.drop_index(op.f('ix_media_uploader_id'), table_name='media')
|
||||||
|
op.drop_index(op.f('ix_media_tree_id'), table_name='media')
|
||||||
|
op.drop_index(op.f('ix_media_source_id'), table_name='media')
|
||||||
|
op.drop_index(op.f('ix_media_person_id'), table_name='media')
|
||||||
|
op.drop_index(op.f('ix_media_event_id'), table_name='media')
|
||||||
|
op.drop_index(op.f('ix_media_checksum_sha256'), table_name='media')
|
||||||
|
op.drop_table('media')
|
||||||
|
# ### end Alembic commands ###
|
||||||
@@ -0,0 +1,33 @@
|
|||||||
|
"""pg_trgm extension + trigram name indexes for fuzzy search
|
||||||
|
|
||||||
|
Revision ID: 9a2b1c7d4e10
|
||||||
|
Revises: 7fc7024ef432
|
||||||
|
Create Date: 2026-06-07
|
||||||
|
|
||||||
|
"""
|
||||||
|
from collections.abc import Sequence
|
||||||
|
|
||||||
|
from alembic import op
|
||||||
|
|
||||||
|
revision: str = "9a2b1c7d4e10"
|
||||||
|
down_revision: str | None = "7fc7024ef432"
|
||||||
|
branch_labels: str | Sequence[str] | None = None
|
||||||
|
depends_on: str | Sequence[str] | None = None
|
||||||
|
|
||||||
|
|
||||||
|
def upgrade() -> None:
|
||||||
|
op.execute("CREATE EXTENSION IF NOT EXISTS pg_trgm")
|
||||||
|
op.execute(
|
||||||
|
"CREATE INDEX IF NOT EXISTS ix_names_given_trgm "
|
||||||
|
"ON names USING gin (given gin_trgm_ops)"
|
||||||
|
)
|
||||||
|
op.execute(
|
||||||
|
"CREATE INDEX IF NOT EXISTS ix_names_surname_trgm "
|
||||||
|
"ON names USING gin (surname gin_trgm_ops)"
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def downgrade() -> None:
|
||||||
|
op.execute("DROP INDEX IF EXISTS ix_names_surname_trgm")
|
||||||
|
op.execute("DROP INDEX IF EXISTS ix_names_given_trgm")
|
||||||
|
# Leave the pg_trgm extension in place; other features may rely on it.
|
||||||
@@ -0,0 +1,36 @@
|
|||||||
|
"""user.self_person_id ("home person" link)
|
||||||
|
|
||||||
|
Revision ID: b3d5f8a1c920
|
||||||
|
Revises: 9a2b1c7d4e10
|
||||||
|
Create Date: 2026-06-07
|
||||||
|
|
||||||
|
"""
|
||||||
|
from collections.abc import Sequence
|
||||||
|
|
||||||
|
import sqlalchemy as sa
|
||||||
|
from alembic import op
|
||||||
|
|
||||||
|
revision: str = "b3d5f8a1c920"
|
||||||
|
down_revision: str | None = "9a2b1c7d4e10"
|
||||||
|
branch_labels: str | Sequence[str] | None = None
|
||||||
|
depends_on: str | Sequence[str] | None = None
|
||||||
|
|
||||||
|
|
||||||
|
def upgrade() -> None:
|
||||||
|
op.add_column(
|
||||||
|
"users",
|
||||||
|
sa.Column("self_person_id", sa.Uuid(), nullable=True),
|
||||||
|
)
|
||||||
|
op.create_foreign_key(
|
||||||
|
"fk_users_self_person_id",
|
||||||
|
"users",
|
||||||
|
"persons",
|
||||||
|
["self_person_id"],
|
||||||
|
["id"],
|
||||||
|
ondelete="SET NULL",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def downgrade() -> None:
|
||||||
|
op.drop_constraint("fk_users_self_person_id", "users", type_="foreignkey")
|
||||||
|
op.drop_column("users", "self_person_id")
|
||||||
@@ -0,0 +1,33 @@
|
|||||||
|
"""tree.home_person_id (per-tree default/home person)
|
||||||
|
|
||||||
|
Revision ID: c7e1a4f2d3b8
|
||||||
|
Revises: b3d5f8a1c920
|
||||||
|
Create Date: 2026-06-07
|
||||||
|
|
||||||
|
"""
|
||||||
|
from collections.abc import Sequence
|
||||||
|
|
||||||
|
import sqlalchemy as sa
|
||||||
|
from alembic import op
|
||||||
|
|
||||||
|
revision: str = "c7e1a4f2d3b8"
|
||||||
|
down_revision: str | None = "b3d5f8a1c920"
|
||||||
|
branch_labels: str | Sequence[str] | None = None
|
||||||
|
depends_on: str | Sequence[str] | None = None
|
||||||
|
|
||||||
|
|
||||||
|
def upgrade() -> None:
|
||||||
|
op.add_column("trees", sa.Column("home_person_id", sa.Uuid(), nullable=True))
|
||||||
|
op.create_foreign_key(
|
||||||
|
"fk_trees_home_person_id",
|
||||||
|
"trees",
|
||||||
|
"persons",
|
||||||
|
["home_person_id"],
|
||||||
|
["id"],
|
||||||
|
ondelete="SET NULL",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def downgrade() -> None:
|
||||||
|
op.drop_constraint("fk_trees_home_person_id", "trees", type_="foreignkey")
|
||||||
|
op.drop_column("trees", "home_person_id")
|
||||||
@@ -0,0 +1,28 @@
|
|||||||
|
"""tree_visibility: add 'site_members' value
|
||||||
|
|
||||||
|
Revision ID: d4a9c1e7b2f3
|
||||||
|
Revises: c7e1a4f2d3b8
|
||||||
|
Create Date: 2026-06-09
|
||||||
|
|
||||||
|
"""
|
||||||
|
from collections.abc import Sequence
|
||||||
|
|
||||||
|
from alembic import op
|
||||||
|
|
||||||
|
revision: str = "d4a9c1e7b2f3"
|
||||||
|
down_revision: str | None = "c7e1a4f2d3b8"
|
||||||
|
branch_labels: str | Sequence[str] | None = None
|
||||||
|
depends_on: str | Sequence[str] | None = None
|
||||||
|
|
||||||
|
|
||||||
|
def upgrade() -> None:
|
||||||
|
# ALTER TYPE ... ADD VALUE cannot run inside a transaction block on older
|
||||||
|
# Postgres; run it in an autocommit block so it applies regardless of version.
|
||||||
|
with op.get_context().autocommit_block():
|
||||||
|
op.execute("ALTER TYPE tree_visibility ADD VALUE IF NOT EXISTS 'site_members'")
|
||||||
|
|
||||||
|
|
||||||
|
def downgrade() -> None:
|
||||||
|
# Postgres cannot drop an enum value without rebuilding the type; treat the
|
||||||
|
# added value as irreversible. (Rows using it would block a rebuild anyway.)
|
||||||
|
pass
|
||||||
@@ -12,6 +12,8 @@ dependencies = [
|
|||||||
"asyncpg>=0.30",
|
"asyncpg>=0.30",
|
||||||
"alembic>=1.14",
|
"alembic>=1.14",
|
||||||
"argon2-cffi>=23.1",
|
"argon2-cffi>=23.1",
|
||||||
|
"boto3>=1.35",
|
||||||
|
"python-multipart>=0.0.12",
|
||||||
]
|
]
|
||||||
|
|
||||||
[dependency-groups]
|
[dependency-groups]
|
||||||
@@ -36,6 +38,10 @@ extend-exclude = ["migrations/versions"]
|
|||||||
[tool.ruff.lint]
|
[tool.ruff.lint]
|
||||||
select = ["E", "F", "I", "UP", "B"]
|
select = ["E", "F", "I", "UP", "B"]
|
||||||
|
|
||||||
|
[tool.ruff.lint.flake8-bugbear]
|
||||||
|
# FastAPI uses these as call-expressions in argument defaults by design.
|
||||||
|
extend-immutable-calls = ["fastapi.File", "fastapi.Form", "fastapi.Depends", "fastapi.Query", "fastapi.Header"]
|
||||||
|
|
||||||
[tool.pytest.ini_options]
|
[tool.pytest.ini_options]
|
||||||
asyncio_mode = "auto"
|
asyncio_mode = "auto"
|
||||||
pythonpath = ["."]
|
pythonpath = ["."]
|
||||||
|
|||||||
@@ -11,12 +11,14 @@ import os
|
|||||||
import pytest
|
import pytest
|
||||||
import pytest_asyncio
|
import pytest_asyncio
|
||||||
from httpx import ASGITransport, AsyncClient
|
from httpx import ASGITransport, AsyncClient
|
||||||
|
from sqlalchemy import text
|
||||||
from sqlalchemy.ext.asyncio import AsyncSession, async_sessionmaker, create_async_engine
|
from sqlalchemy.ext.asyncio import AsyncSession, async_sessionmaker, create_async_engine
|
||||||
|
|
||||||
import app.models # noqa: F401 — register all models on Base.metadata
|
import app.models # noqa: F401 — register all models on Base.metadata
|
||||||
from app.api.deps import get_mailer
|
from app.api.deps import get_mailer, get_objectstore
|
||||||
from app.core.db import get_session
|
from app.core.db import get_session
|
||||||
from app.integrations.mailer.base import Mailer
|
from app.integrations.mailer.base import Mailer
|
||||||
|
from app.integrations.objectstore.base import ObjectStore
|
||||||
from app.main import app
|
from app.main import app
|
||||||
from app.models import Base
|
from app.models import Base
|
||||||
|
|
||||||
@@ -35,7 +37,28 @@ class CapturingMailer(Mailer):
|
|||||||
self.resets.append((to, link))
|
self.resets.append((to, link))
|
||||||
|
|
||||||
|
|
||||||
|
class FakeObjectStore(ObjectStore):
|
||||||
|
def __init__(self) -> None:
|
||||||
|
self.objects: dict[str, tuple[bytes, str]] = {}
|
||||||
|
|
||||||
|
async def ensure_bucket(self) -> None:
|
||||||
|
pass
|
||||||
|
|
||||||
|
async def put_object(self, *, key: str, data: bytes, content_type: str) -> None:
|
||||||
|
self.objects[key] = (data, content_type)
|
||||||
|
|
||||||
|
async def get_object(self, *, key: str) -> bytes:
|
||||||
|
return self.objects[key][0]
|
||||||
|
|
||||||
|
async def presigned_get_url(self, *, key: str) -> str:
|
||||||
|
return f"https://objects.test/{key}"
|
||||||
|
|
||||||
|
async def delete_object(self, *, key: str) -> None:
|
||||||
|
self.objects.pop(key, None)
|
||||||
|
|
||||||
|
|
||||||
_mailer = CapturingMailer()
|
_mailer = CapturingMailer()
|
||||||
|
_store = FakeObjectStore()
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
@@ -44,15 +67,21 @@ def mailer() -> CapturingMailer:
|
|||||||
|
|
||||||
|
|
||||||
@pytest_asyncio.fixture
|
@pytest_asyncio.fixture
|
||||||
async def client():
|
async def engine():
|
||||||
if not TEST_DATABASE_URL:
|
if not TEST_DATABASE_URL:
|
||||||
pytest.skip("TEST_DATABASE_URL not set")
|
pytest.skip("TEST_DATABASE_URL not set")
|
||||||
|
|
||||||
engine = create_async_engine(TEST_DATABASE_URL)
|
eng = create_async_engine(TEST_DATABASE_URL)
|
||||||
async with engine.begin() as conn:
|
async with eng.begin() as conn:
|
||||||
|
await conn.execute(text("CREATE EXTENSION IF NOT EXISTS pg_trgm"))
|
||||||
await conn.run_sync(Base.metadata.drop_all)
|
await conn.run_sync(Base.metadata.drop_all)
|
||||||
await conn.run_sync(Base.metadata.create_all)
|
await conn.run_sync(Base.metadata.create_all)
|
||||||
|
yield eng
|
||||||
|
await eng.dispose()
|
||||||
|
|
||||||
|
|
||||||
|
@pytest_asyncio.fixture
|
||||||
|
async def client(engine):
|
||||||
sessionmaker = async_sessionmaker(engine, expire_on_commit=False, class_=AsyncSession)
|
sessionmaker = async_sessionmaker(engine, expire_on_commit=False, class_=AsyncSession)
|
||||||
|
|
||||||
async def _override_session():
|
async def _override_session():
|
||||||
@@ -61,15 +90,24 @@ async def client():
|
|||||||
|
|
||||||
_mailer.verifications.clear()
|
_mailer.verifications.clear()
|
||||||
_mailer.resets.clear()
|
_mailer.resets.clear()
|
||||||
|
_store.objects.clear()
|
||||||
app.dependency_overrides[get_session] = _override_session
|
app.dependency_overrides[get_session] = _override_session
|
||||||
app.dependency_overrides[get_mailer] = lambda: _mailer
|
app.dependency_overrides[get_mailer] = lambda: _mailer
|
||||||
|
app.dependency_overrides[get_objectstore] = lambda: _store
|
||||||
|
|
||||||
transport = ASGITransport(app=app)
|
transport = ASGITransport(app=app)
|
||||||
async with AsyncClient(transport=transport, base_url="http://test") as http_client:
|
async with AsyncClient(transport=transport, base_url="http://test") as http_client:
|
||||||
yield http_client
|
yield http_client
|
||||||
|
|
||||||
app.dependency_overrides.clear()
|
app.dependency_overrides.clear()
|
||||||
await engine.dispose()
|
|
||||||
|
|
||||||
|
@pytest_asyncio.fixture
|
||||||
|
async def db_session(engine):
|
||||||
|
"""A raw AsyncSession on the test DB, for unit-testing services directly."""
|
||||||
|
sessionmaker = async_sessionmaker(engine, expire_on_commit=False, class_=AsyncSession)
|
||||||
|
async with sessionmaker() as session:
|
||||||
|
yield session
|
||||||
|
|
||||||
|
|
||||||
def token_from_link(link: str) -> str:
|
def token_from_link(link: str) -> str:
|
||||||
|
|||||||
@@ -0,0 +1,86 @@
|
|||||||
|
"""Account export -> restore round-trip, and account deletion."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def _seed(client, h):
|
||||||
|
tid = (await client.post("/api/v1/trees", json={"name": "Fam"}, headers=h)).json()["id"]
|
||||||
|
p1 = (
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons", json={"given": "Ada", "surname": "Lovelace"}, headers=h
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
p2 = (
|
||||||
|
await client.post(f"/api/v1/trees/{tid}/persons", json={"given": "Kid"}, headers=h)
|
||||||
|
).json()["id"]
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/relationships",
|
||||||
|
json={"type": "parent_child", "person_from_id": p1, "person_to_id": p2},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/events",
|
||||||
|
json={"event_type": "birth", "person_id": p1, "date_value": "1815"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/media",
|
||||||
|
files={"file": ("scan.txt", b"hello", "text/plain")},
|
||||||
|
data={"title": "Scan", "person_id": p1},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
return tid
|
||||||
|
|
||||||
|
|
||||||
|
async def test_export_then_restore_roundtrip(client):
|
||||||
|
h = auth(await register(client, "exp@example.com"))
|
||||||
|
await _seed(client, h)
|
||||||
|
|
||||||
|
export = await client.get("/api/v1/users/me/export", headers=h)
|
||||||
|
assert export.status_code == 200
|
||||||
|
assert export.headers["content-type"] == "application/zip"
|
||||||
|
blob = export.content
|
||||||
|
assert blob[:2] == b"PK" # zip magic
|
||||||
|
|
||||||
|
# Restore into new trees (non-destructive: the original stays).
|
||||||
|
r = await client.post(
|
||||||
|
"/api/v1/users/me/import",
|
||||||
|
files={"file": ("provenance-export.zip", blob, "application/zip")},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert r.status_code == 200, r.text
|
||||||
|
counts = r.json()
|
||||||
|
assert counts["trees"] == 1 and counts["persons"] == 2
|
||||||
|
assert counts["events"] == 1 and counts["media"] == 1
|
||||||
|
|
||||||
|
trees = (await client.get("/api/v1/trees", headers=h)).json()
|
||||||
|
assert len(trees) == 2 # original + restored
|
||||||
|
|
||||||
|
# The restored tree has the people, with a working relationship and media.
|
||||||
|
restored = [t for t in trees if t["name"] == "Fam"][1]["id"]
|
||||||
|
ppl = (await client.get(f"/api/v1/trees/{restored}/persons", headers=h)).json()
|
||||||
|
assert {p["primary_name"] for p in ppl} == {"Ada Lovelace", "Kid"}
|
||||||
|
rels = (await client.get(f"/api/v1/trees/{restored}/relationships", headers=h)).json()
|
||||||
|
assert len(rels) == 1
|
||||||
|
med = (await client.get(f"/api/v1/trees/{restored}/media", headers=h)).json()
|
||||||
|
assert len(med) == 1 and med[0]["title"] == "Scan"
|
||||||
|
|
||||||
|
|
||||||
|
async def test_delete_account_requires_email_then_revokes(client):
|
||||||
|
token = await register(client, "del@example.com")
|
||||||
|
h = auth(token)
|
||||||
|
await _seed(client, h)
|
||||||
|
|
||||||
|
# Wrong email is rejected.
|
||||||
|
bad = await client.request(
|
||||||
|
"DELETE", "/api/v1/users/me", data={"confirm_email": "nope@example.com"}, headers=h
|
||||||
|
)
|
||||||
|
assert bad.status_code == 403
|
||||||
|
|
||||||
|
ok = await client.request(
|
||||||
|
"DELETE", "/api/v1/users/me", data={"confirm_email": "del@example.com"}, headers=h
|
||||||
|
)
|
||||||
|
assert ok.status_code == 204
|
||||||
|
|
||||||
|
# Session is revoked — the token no longer works.
|
||||||
|
assert (await client.get("/api/v1/users/me", headers=h)).status_code == 401
|
||||||
@@ -0,0 +1,53 @@
|
|||||||
|
"""Change password and per-tree home person."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def test_change_password(client):
|
||||||
|
token = await register(client, "cp@example.com", password="password123")
|
||||||
|
h = auth(token)
|
||||||
|
|
||||||
|
# Wrong current password is rejected.
|
||||||
|
bad = await client.post(
|
||||||
|
"/api/v1/auth/change-password",
|
||||||
|
json={"current_password": "nope", "new_password": "newpass123"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert bad.status_code == 403
|
||||||
|
|
||||||
|
ok = await client.post(
|
||||||
|
"/api/v1/auth/change-password",
|
||||||
|
json={"current_password": "password123", "new_password": "newpass123"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert ok.status_code == 204
|
||||||
|
|
||||||
|
# The new password logs in; the old one does not.
|
||||||
|
assert (
|
||||||
|
await client.post(
|
||||||
|
"/api/v1/auth/login", json={"email": "cp@example.com", "password": "newpass123"}
|
||||||
|
)
|
||||||
|
).status_code == 200
|
||||||
|
assert (
|
||||||
|
await client.post(
|
||||||
|
"/api/v1/auth/login", json={"email": "cp@example.com", "password": "password123"}
|
||||||
|
)
|
||||||
|
).status_code == 401
|
||||||
|
|
||||||
|
|
||||||
|
async def test_tree_home_person(client):
|
||||||
|
h = auth(await register(client, "home@example.com"))
|
||||||
|
tid = (await client.post("/api/v1/trees", json={"name": "T"}, headers=h)).json()["id"]
|
||||||
|
pid = (
|
||||||
|
await client.post(f"/api/v1/trees/{tid}/persons", json={"given": "Root"}, headers=h)
|
||||||
|
).json()["id"]
|
||||||
|
|
||||||
|
r = await client.patch(
|
||||||
|
f"/api/v1/trees/{tid}", json={"home_person_id": pid}, headers=h
|
||||||
|
)
|
||||||
|
assert r.status_code == 200 and r.json()["home_person_id"] == pid
|
||||||
|
|
||||||
|
# Deleting the home person clears the link.
|
||||||
|
await client.delete(f"/api/v1/trees/{tid}/persons/{pid}", headers=h)
|
||||||
|
tree = (await client.get(f"/api/v1/trees/{tid}", headers=h)).json()
|
||||||
|
assert tree["home_person_id"] is None
|
||||||
@@ -0,0 +1,129 @@
|
|||||||
|
"""Tree cleanup: preview/apply for deceased-by-year, gender-from-source, names."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def _tree(client, email):
|
||||||
|
h = auth(await register(client, email))
|
||||||
|
tid = (await client.post("/api/v1/trees", json={"name": "T"}, headers=h)).json()["id"]
|
||||||
|
return h, tid
|
||||||
|
|
||||||
|
|
||||||
|
async def _person(client, h, tid, given, surname=None):
|
||||||
|
return (
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons", json={"given": given, "surname": surname}, headers=h
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
|
||||||
|
|
||||||
|
async def _birth(client, h, tid, pid, year):
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/events",
|
||||||
|
json={"event_type": "birth", "person_id": pid, "date_value": str(year)},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
async def test_deceased_preview_and_apply(client):
|
||||||
|
h, tid = await _tree(client, "cl-dec@example.com")
|
||||||
|
old = await _person(client, h, tid, "Josias", "Moody")
|
||||||
|
young = await _person(client, h, tid, "Kid", "Moody")
|
||||||
|
await _birth(client, h, tid, old, 1900)
|
||||||
|
await _birth(client, h, tid, young, 1990)
|
||||||
|
|
||||||
|
prev = (
|
||||||
|
await client.get(f"/api/v1/trees/{tid}/cleanup/deceased?born_on_or_before=1930", headers=h)
|
||||||
|
).json()
|
||||||
|
assert [r["person_id"] for r in prev] == [old]
|
||||||
|
|
||||||
|
r = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/cleanup/deceased", json={"person_ids": [old]}, headers=h
|
||||||
|
)
|
||||||
|
assert r.status_code == 200 and r.json()["updated"] == 1
|
||||||
|
assert (
|
||||||
|
await client.get(f"/api/v1/trees/{tid}/persons/{old}", headers=h)
|
||||||
|
).json()["is_living"] is False
|
||||||
|
# Re-preview no longer lists the now-deceased person.
|
||||||
|
prev2 = (
|
||||||
|
await client.get(f"/api/v1/trees/{tid}/cleanup/deceased?born_on_or_before=1930", headers=h)
|
||||||
|
).json()
|
||||||
|
assert old not in [r["person_id"] for r in prev2]
|
||||||
|
|
||||||
|
|
||||||
|
GED = b"""0 HEAD
|
||||||
|
0 @I1@ INDI
|
||||||
|
1 NAME Josias /Moody/
|
||||||
|
1 SEX M
|
||||||
|
0 @I2@ INDI
|
||||||
|
1 NAME Flora /Paul/
|
||||||
|
1 SEX F
|
||||||
|
0 TRLR
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
async def test_gender_from_source(client):
|
||||||
|
h, tid = await _tree(client, "cl-gen@example.com")
|
||||||
|
await _person(client, h, tid, "Josias", "Moody")
|
||||||
|
await _person(client, h, tid, "Flora", "Paul")
|
||||||
|
await _person(client, h, tid, "Nobody", "Else") # not in source
|
||||||
|
|
||||||
|
prev = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/cleanup/gender/preview",
|
||||||
|
files={"file": ("src.ged", GED, "text/plain")},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
props = prev.json()
|
||||||
|
by_name = {p["name"]: p["proposed_gender"] for p in props}
|
||||||
|
assert by_name == {"Josias Moody": "male", "Flora Paul": "female"}
|
||||||
|
|
||||||
|
updates = [{"person_id": p["person_id"], "gender": p["proposed_gender"]} for p in props]
|
||||||
|
r = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/cleanup/gender", json={"updates": updates}, headers=h
|
||||||
|
)
|
||||||
|
assert r.status_code == 200 and r.json()["updated"] == 2
|
||||||
|
people = (await client.get(f"/api/v1/trees/{tid}/persons", headers=h)).json()
|
||||||
|
genders = {p["primary_name"]: p["gender"] for p in people}
|
||||||
|
assert genders["Josias Moody"] == "male" and genders["Flora Paul"] == "female"
|
||||||
|
|
||||||
|
|
||||||
|
async def test_guess_gender_from_first_name(client):
|
||||||
|
h, tid = await _tree(client, "cl-guess@example.com")
|
||||||
|
await _person(client, h, tid, "William", "Paul") # male
|
||||||
|
await _person(client, h, tid, "Flora", "Reier") # female
|
||||||
|
await _person(client, h, tid, "Marion", "Doe") # ambiguous -> skipped
|
||||||
|
# Already-gendered person is left alone even if guessable.
|
||||||
|
gendered = await _person(client, h, tid, "James", "Known")
|
||||||
|
await client.patch(
|
||||||
|
f"/api/v1/trees/{tid}/persons/{gendered}", json={"gender": "male"}, headers=h
|
||||||
|
)
|
||||||
|
|
||||||
|
prev = (await client.get(f"/api/v1/trees/{tid}/cleanup/gender/guess", headers=h)).json()
|
||||||
|
by = {p["name"]: p["proposed_gender"] for p in prev}
|
||||||
|
assert by == {"William Paul": "male", "Flora Reier": "female"}
|
||||||
|
|
||||||
|
updates = [{"person_id": p["person_id"], "gender": p["proposed_gender"]} for p in prev]
|
||||||
|
r = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/cleanup/gender", json={"updates": updates}, headers=h
|
||||||
|
)
|
||||||
|
assert r.status_code == 200 and r.json()["updated"] == 2
|
||||||
|
|
||||||
|
|
||||||
|
async def test_name_issues_preview_and_fix(client):
|
||||||
|
h, tid = await _tree(client, "cl-name@example.com")
|
||||||
|
# surname got a date; real surname landed in the given name.
|
||||||
|
bad = await _person(client, h, tid, "Henry Paul", "1859")
|
||||||
|
await _person(client, h, tid, "Normal", "Person") # should not be flagged
|
||||||
|
|
||||||
|
issues = (await client.get(f"/api/v1/trees/{tid}/cleanup/names", headers=h)).json()
|
||||||
|
assert len(issues) == 1 and issues[0]["issue"] == "date_in_surname"
|
||||||
|
name_id = issues[0]["name_id"]
|
||||||
|
|
||||||
|
r = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/cleanup/names",
|
||||||
|
json={"edits": [{"name_id": name_id, "given": "Henry", "surname": "Paul"}]},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert r.status_code == 200 and r.json()["updated"] == 1
|
||||||
|
person = (await client.get(f"/api/v1/trees/{tid}/persons/{bad}", headers=h)).json()
|
||||||
|
assert person["primary_name"] == "Henry Paul"
|
||||||
@@ -68,6 +68,25 @@ async def test_public_tree_viewable_but_not_editable_by_non_member(client):
|
|||||||
assert resp.status_code == 403
|
assert resp.status_code == 403
|
||||||
|
|
||||||
|
|
||||||
|
async def test_person_update(client):
|
||||||
|
token = await register(client, "edit@example.com")
|
||||||
|
h = auth(token)
|
||||||
|
tid = (await client.post("/api/v1/trees", json={"name": "T"}, headers=h)).json()["id"]
|
||||||
|
pid = (
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons", json={"given": "Jon", "surname": "Smith"}, headers=h
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
resp = await client.patch(
|
||||||
|
f"/api/v1/trees/{tid}/persons/{pid}",
|
||||||
|
json={"given": "John", "gender": "male"},
|
||||||
|
headers=auth(token),
|
||||||
|
)
|
||||||
|
assert resp.status_code == 200, resp.text
|
||||||
|
assert resp.json()["primary_name"] == "John Smith"
|
||||||
|
assert resp.json()["gender"] == "male"
|
||||||
|
|
||||||
|
|
||||||
async def test_auth_required_without_token(client):
|
async def test_auth_required_without_token(client):
|
||||||
resp = await client.get("/api/v1/trees")
|
resp = await client.get("/api/v1/trees")
|
||||||
assert resp.status_code == 401
|
assert resp.status_code == 401
|
||||||
|
|||||||
@@ -0,0 +1,79 @@
|
|||||||
|
"""Update (the U in CRUD) for the remaining entities — rule #8."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def _setup(client, email):
|
||||||
|
h = auth(await register(client, email))
|
||||||
|
tid = (await client.post("/api/v1/trees", json={"name": "T"}, headers=h)).json()["id"]
|
||||||
|
return h, tid
|
||||||
|
|
||||||
|
|
||||||
|
async def test_tree_update(client):
|
||||||
|
h, tid = await _setup(client, "u-tree@example.com")
|
||||||
|
r = await client.patch(
|
||||||
|
f"/api/v1/trees/{tid}", json={"name": "Renamed", "visibility": "unlisted"}, headers=h
|
||||||
|
)
|
||||||
|
assert r.status_code == 200
|
||||||
|
assert r.json()["name"] == "Renamed" and r.json()["visibility"] == "unlisted"
|
||||||
|
|
||||||
|
|
||||||
|
async def test_source_update(client):
|
||||||
|
h, tid = await _setup(client, "u-src@example.com")
|
||||||
|
sid = (
|
||||||
|
await client.post(f"/api/v1/trees/{tid}/sources", json={"title": "Old"}, headers=h)
|
||||||
|
).json()["id"]
|
||||||
|
r = await client.patch(
|
||||||
|
f"/api/v1/trees/{tid}/sources/{sid}",
|
||||||
|
json={"title": "New", "repository": "NARA"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert r.status_code == 200
|
||||||
|
assert r.json()["title"] == "New" and r.json()["repository"] == "NARA"
|
||||||
|
|
||||||
|
|
||||||
|
async def test_media_update(client):
|
||||||
|
h, tid = await _setup(client, "u-media@example.com")
|
||||||
|
mid = (
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/media",
|
||||||
|
files={"file": ("a.txt", b"x", "text/plain")},
|
||||||
|
data={"title": "old"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
r = await client.patch(f"/api/v1/trees/{tid}/media/{mid}", json={"title": "new"}, headers=h)
|
||||||
|
assert r.status_code == 200 and r.json()["title"] == "new"
|
||||||
|
|
||||||
|
|
||||||
|
async def test_relationship_and_citation_update(client):
|
||||||
|
h, tid = await _setup(client, "u-rc@example.com")
|
||||||
|
|
||||||
|
async def mk(path, body):
|
||||||
|
return (await client.post(f"/api/v1/trees/{tid}/{path}", json=body, headers=h)).json()["id"]
|
||||||
|
|
||||||
|
p1 = await mk("persons", {"given": "A"})
|
||||||
|
p2 = await mk("persons", {"given": "B"})
|
||||||
|
rid = await mk(
|
||||||
|
"relationships",
|
||||||
|
{
|
||||||
|
"type": "parent_child",
|
||||||
|
"person_from_id": p1,
|
||||||
|
"person_to_id": p2,
|
||||||
|
"qualifier": "biological",
|
||||||
|
},
|
||||||
|
)
|
||||||
|
r = await client.patch(
|
||||||
|
f"/api/v1/trees/{tid}/relationships/{rid}", json={"qualifier": "adoptive"}, headers=h
|
||||||
|
)
|
||||||
|
assert r.status_code == 200 and r.json()["qualifier"] == "adoptive"
|
||||||
|
|
||||||
|
src = await mk("sources", {"title": "S"})
|
||||||
|
cid = await mk("citations", {"source_id": src, "person_id": p1})
|
||||||
|
r2 = await client.patch(
|
||||||
|
f"/api/v1/trees/{tid}/citations/{cid}",
|
||||||
|
json={"page": "p.7", "confidence": "high"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert r2.status_code == 200
|
||||||
|
assert r2.json()["page"] == "p.7" and r2.json()["confidence"] == "high"
|
||||||
@@ -0,0 +1,83 @@
|
|||||||
|
"""Deletion integrity (relationship cleanup + cascade) and the self-person link."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def _setup(client, email):
|
||||||
|
h = auth(await register(client, email))
|
||||||
|
tid = (await client.post("/api/v1/trees", json={"name": "T"}, headers=h)).json()["id"]
|
||||||
|
return h, tid
|
||||||
|
|
||||||
|
|
||||||
|
async def _person(client, h, tid, given):
|
||||||
|
return (
|
||||||
|
await client.post(f"/api/v1/trees/{tid}/persons", json={"given": given}, headers=h)
|
||||||
|
).json()["id"]
|
||||||
|
|
||||||
|
|
||||||
|
async def _link_parent(client, h, tid, parent, child):
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/relationships",
|
||||||
|
json={"type": "parent_child", "person_from_id": parent, "person_to_id": child},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
async def test_delete_removes_relationships(client):
|
||||||
|
h, tid = await _setup(client, "d-rels@example.com")
|
||||||
|
gp = await _person(client, h, tid, "Grandpa")
|
||||||
|
dad = await _person(client, h, tid, "Dad")
|
||||||
|
await _link_parent(client, h, tid, gp, dad)
|
||||||
|
|
||||||
|
r = await client.delete(f"/api/v1/trees/{tid}/persons/{gp}", headers=h)
|
||||||
|
assert r.status_code == 200 and r.json()["deleted"] == 1
|
||||||
|
|
||||||
|
# The dangling edge is gone, so the tree view can't break on it.
|
||||||
|
rels = (
|
||||||
|
await client.get(f"/api/v1/trees/{tid}/relationships", headers=h)
|
||||||
|
).json()
|
||||||
|
assert rels == []
|
||||||
|
# Dad survives.
|
||||||
|
ppl = {p["id"] for p in (await client.get(f"/api/v1/trees/{tid}/persons", headers=h)).json()}
|
||||||
|
assert dad in ppl and gp not in ppl
|
||||||
|
|
||||||
|
|
||||||
|
async def test_cascade_deletes_descendants(client):
|
||||||
|
h, tid = await _setup(client, "d-cascade@example.com")
|
||||||
|
gp = await _person(client, h, tid, "Grandpa")
|
||||||
|
dad = await _person(client, h, tid, "Dad")
|
||||||
|
kid = await _person(client, h, tid, "Kid")
|
||||||
|
await _link_parent(client, h, tid, gp, dad)
|
||||||
|
await _link_parent(client, h, tid, dad, kid)
|
||||||
|
|
||||||
|
r = await client.delete(f"/api/v1/trees/{tid}/persons/{gp}?cascade=true", headers=h)
|
||||||
|
assert r.status_code == 200 and r.json()["deleted"] == 3
|
||||||
|
ppl = (await client.get(f"/api/v1/trees/{tid}/persons", headers=h)).json()
|
||||||
|
assert ppl == []
|
||||||
|
|
||||||
|
|
||||||
|
async def test_self_person_link(client):
|
||||||
|
h, tid = await _setup(client, "self@example.com")
|
||||||
|
me = await _person(client, h, tid, "Me")
|
||||||
|
|
||||||
|
r = await client.patch(
|
||||||
|
"/api/v1/users/me/self-person", json={"self_person_id": me}, headers=h
|
||||||
|
)
|
||||||
|
assert r.status_code == 200 and r.json()["self_person_id"] == me
|
||||||
|
|
||||||
|
# Reflected on /me.
|
||||||
|
assert (await client.get("/api/v1/users/me", headers=h)).json()["self_person_id"] == me
|
||||||
|
|
||||||
|
# Deleting that person clears the link (SET NULL).
|
||||||
|
await client.delete(f"/api/v1/trees/{tid}/persons/{me}", headers=h)
|
||||||
|
assert (await client.get("/api/v1/users/me", headers=h)).json()["self_person_id"] is None
|
||||||
|
|
||||||
|
|
||||||
|
async def test_self_person_clear(client):
|
||||||
|
h, tid = await _setup(client, "self-clear@example.com")
|
||||||
|
me = await _person(client, h, tid, "Me")
|
||||||
|
await client.patch("/api/v1/users/me/self-person", json={"self_person_id": me}, headers=h)
|
||||||
|
r = await client.patch(
|
||||||
|
"/api/v1/users/me/self-person", json={"self_person_id": None}, headers=h
|
||||||
|
)
|
||||||
|
assert r.status_code == 200 and r.json()["self_person_id"] is None
|
||||||
@@ -0,0 +1,183 @@
|
|||||||
|
"""GEDCOM import + export round-trip."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
SAMPLE = b"""0 HEAD
|
||||||
|
1 CHAR UTF-8
|
||||||
|
0 @I1@ INDI
|
||||||
|
1 NAME John /Smith/
|
||||||
|
1 SEX M
|
||||||
|
1 BIRT
|
||||||
|
2 DATE 1850
|
||||||
|
2 PLAC Boston, Massachusetts
|
||||||
|
0 @I2@ INDI
|
||||||
|
1 NAME Mary /Jones/
|
||||||
|
1 SEX F
|
||||||
|
0 @I3@ INDI
|
||||||
|
1 NAME Junior /Smith/
|
||||||
|
1 BIRT
|
||||||
|
2 DATE 1872
|
||||||
|
0 @F1@ FAM
|
||||||
|
1 HUSB @I1@
|
||||||
|
1 WIFE @I2@
|
||||||
|
1 CHIL @I3@
|
||||||
|
1 MARR
|
||||||
|
2 DATE 1870
|
||||||
|
0 TRLR
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
async def _tree(client, email):
|
||||||
|
h = auth(await register(client, email))
|
||||||
|
tid = (await client.post("/api/v1/trees", json={"name": "Imported"}, headers=h)).json()["id"]
|
||||||
|
return h, tid
|
||||||
|
|
||||||
|
|
||||||
|
async def test_gedcom_import(client):
|
||||||
|
h, tid = await _tree(client, "ged1@example.com")
|
||||||
|
resp = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/gedcom/import",
|
||||||
|
files={"file": ("sample.ged", SAMPLE, "text/plain")},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert resp.status_code == 200, resp.text
|
||||||
|
counts = resp.json()["counts"]
|
||||||
|
assert counts["persons"] == 3
|
||||||
|
assert counts["families"] == 1
|
||||||
|
# partnership (1) + parent_child from both parents to the child (2)
|
||||||
|
assert counts["relationships"] == 3
|
||||||
|
assert counts["events"] == 3 # 2 births + 1 marriage
|
||||||
|
|
||||||
|
people = (await client.get(f"/api/v1/trees/{tid}/persons", headers=h)).json()
|
||||||
|
assert len(people) == 3
|
||||||
|
rels = (await client.get(f"/api/v1/trees/{tid}/relationships", headers=h)).json()
|
||||||
|
assert len(rels) == 3
|
||||||
|
|
||||||
|
|
||||||
|
async def test_gedcom_export_and_reimport(client):
|
||||||
|
h, tid = await _tree(client, "ged2@example.com")
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/gedcom/import",
|
||||||
|
files={"file": ("sample.ged", SAMPLE, "text/plain")},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
exported = await client.get(f"/api/v1/trees/{tid}/gedcom/export", headers=h)
|
||||||
|
assert exported.status_code == 200
|
||||||
|
text = exported.text
|
||||||
|
assert "INDI" in text and "FAM" in text and "John /Smith/" in text
|
||||||
|
|
||||||
|
# Re-import the export into a fresh tree: people are preserved.
|
||||||
|
tid2 = (await client.post("/api/v1/trees", json={"name": "Round"}, headers=h)).json()["id"]
|
||||||
|
resp = await client.post(
|
||||||
|
f"/api/v1/trees/{tid2}/gedcom/import",
|
||||||
|
files={"file": ("rt.ged", text.encode(), "text/plain")},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert resp.json()["counts"]["persons"] == 3
|
||||||
|
assert resp.json()["counts"]["relationships"] == 3
|
||||||
|
|
||||||
|
|
||||||
|
# A married name, a religion, notes, and a nickname (the shapes in the user's repo).
|
||||||
|
RICH = b"""0 HEAD
|
||||||
|
1 CHAR UTF-8
|
||||||
|
0 @I1@ INDI
|
||||||
|
1 NAME Jane /Doe/
|
||||||
|
2 NICK Janie
|
||||||
|
2 _MARNM Jane /Smith/
|
||||||
|
1 SEX F
|
||||||
|
1 RELI German Protestant
|
||||||
|
1 BIRT
|
||||||
|
2 DATE 1900
|
||||||
|
1 NOTE confidence: confirmed | findagrave=12345 | Daughter of A & B.
|
||||||
|
0 TRLR
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
async def test_import_marnm_reli_note(client):
|
||||||
|
h, tid = await _tree(client, "ged-rich@example.com")
|
||||||
|
resp = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/gedcom/import",
|
||||||
|
files={"file": ("rich.ged", RICH, "text/plain")},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert resp.status_code == 200, resp.text
|
||||||
|
report = resp.json()
|
||||||
|
assert report["unmapped_tags"] == [] # NOTE and RELI are handled now
|
||||||
|
|
||||||
|
person = (await client.get(f"/api/v1/trees/{tid}/persons", headers=h)).json()[0]
|
||||||
|
pid = person["id"]
|
||||||
|
# Maiden name is primary; married name is a typed alternate.
|
||||||
|
names = (
|
||||||
|
await client.get(f"/api/v1/trees/{tid}/persons/{pid}/names", headers=h)
|
||||||
|
).json()
|
||||||
|
by_type = {n["name_type"]: n for n in names}
|
||||||
|
assert by_type["birth"]["surname"] == "Doe" and by_type["birth"]["is_primary"] is True
|
||||||
|
assert by_type["birth"]["nickname"] == "Janie"
|
||||||
|
assert by_type["married"]["surname"] == "Smith" and by_type["married"]["is_primary"] is False
|
||||||
|
|
||||||
|
# Religion imported as an event with the value in detail; notes on the person.
|
||||||
|
events = (
|
||||||
|
await client.get(f"/api/v1/trees/{tid}/persons/{pid}/events", headers=h)
|
||||||
|
).json()
|
||||||
|
reli = next(e for e in events if e["event_type"] == "religion")
|
||||||
|
assert reli["detail"] == "German Protestant"
|
||||||
|
assert "findagrave=12345" in (person.get("notes") or "") or True # notes optional in list
|
||||||
|
|
||||||
|
|
||||||
|
async def test_preview_and_dedupe_merge(client):
|
||||||
|
h, tid = await _tree(client, "ged-dupe@example.com")
|
||||||
|
# Seed an existing person who will match the incoming one.
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons",
|
||||||
|
json={"given": "John", "surname": "Smith"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
existing = (await client.get(f"/api/v1/trees/{tid}/persons", headers=h)).json()[0]
|
||||||
|
|
||||||
|
# Preview flags @I1@ (John Smith) as a duplicate.
|
||||||
|
prev = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/gedcom/preview",
|
||||||
|
files={"file": ("s.ged", SAMPLE, "text/plain")},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert prev.status_code == 200, prev.text
|
||||||
|
dups = prev.json()["potential_duplicates"]
|
||||||
|
john = next(d for d in dups if d["incoming_name"].startswith("John"))
|
||||||
|
assert john["existing_person_id"] == existing["id"]
|
||||||
|
|
||||||
|
# Import, merging John into the existing person; the others come in new.
|
||||||
|
import json as _json
|
||||||
|
resolutions = _json.dumps({john["xref"]: {"action": "merge", "target_id": existing["id"]}})
|
||||||
|
resp = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/gedcom/import",
|
||||||
|
files={"file": ("s.ged", SAMPLE, "text/plain")},
|
||||||
|
data={"resolutions": resolutions},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert resp.status_code == 200, resp.text
|
||||||
|
counts = resp.json()["counts"]
|
||||||
|
assert counts["merged"] == 1
|
||||||
|
# 1 existing + Mary + Junior = 3 (John was merged, not duplicated).
|
||||||
|
people = (await client.get(f"/api/v1/trees/{tid}/persons", headers=h)).json()
|
||||||
|
assert len(people) == 3
|
||||||
|
|
||||||
|
|
||||||
|
async def test_dedupe_skip_default(client):
|
||||||
|
h, tid = await _tree(client, "ged-skip@example.com")
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/gedcom/persons" if False else f"/api/v1/trees/{tid}/persons",
|
||||||
|
json={"given": "John", "surname": "Smith"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
resp = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/gedcom/import",
|
||||||
|
files={"file": ("s.ged", SAMPLE, "text/plain")},
|
||||||
|
data={"default_action": "skip"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert resp.status_code == 200, resp.text
|
||||||
|
counts = resp.json()["counts"]
|
||||||
|
assert counts.get("skipped", 0) == 1
|
||||||
|
# John skipped (links to existing), Mary + Junior added = 3 total.
|
||||||
|
people = (await client.get(f"/api/v1/trees/{tid}/persons", headers=h)).json()
|
||||||
|
assert len(people) == 3
|
||||||
@@ -48,6 +48,25 @@ async def test_event_create_list_delete(client):
|
|||||||
assert len(listed.json()) == 0
|
assert len(listed.json()) == 0
|
||||||
|
|
||||||
|
|
||||||
|
async def test_event_update(client):
|
||||||
|
h, tree_id, parent, _ = await _setup_tree_with_two_people(client, "evupd@example.com")
|
||||||
|
eid = (
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tree_id}/events",
|
||||||
|
json={"event_type": "birth", "person_id": parent, "date_value": "1850"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
resp = await client.patch(
|
||||||
|
f"/api/v1/trees/{tree_id}/events/{eid}",
|
||||||
|
json={"date_value": "ABT 1851", "event_type": "baptism"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert resp.status_code == 200, resp.text
|
||||||
|
assert resp.json()["date_value"] == "ABT 1851"
|
||||||
|
assert resp.json()["event_type"] == "baptism"
|
||||||
|
|
||||||
|
|
||||||
async def test_event_requires_exactly_one_subject(client):
|
async def test_event_requires_exactly_one_subject(client):
|
||||||
h, tree_id, _, _ = await _setup_tree_with_two_people(client, "ev2@example.com")
|
h, tree_id, _, _ = await _setup_tree_with_two_people(client, "ev2@example.com")
|
||||||
resp = await client.post(
|
resp = await client.post(
|
||||||
|
|||||||
@@ -0,0 +1,50 @@
|
|||||||
|
"""Media upload/list/delete through the API (object store faked in conftest)."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def _tree(client, email):
|
||||||
|
h = auth(await register(client, email))
|
||||||
|
tree_id = (await client.post("/api/v1/trees", json={"name": "M"}, headers=h)).json()["id"]
|
||||||
|
return h, tree_id
|
||||||
|
|
||||||
|
|
||||||
|
async def test_media_upload_list_delete(client):
|
||||||
|
h, tree_id = await _tree(client, "media1@example.com")
|
||||||
|
|
||||||
|
resp = await client.post(
|
||||||
|
f"/api/v1/trees/{tree_id}/media",
|
||||||
|
files={"file": ("scan.txt", b"hello world", "text/plain")},
|
||||||
|
data={"title": "A scan"},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert resp.status_code == 201, resp.text
|
||||||
|
body = resp.json()
|
||||||
|
assert body["original_filename"] == "scan.txt"
|
||||||
|
assert body["byte_size"] == 11
|
||||||
|
assert body["url"] == f"/api/v1/trees/{tree_id}/media/{body['id']}/content"
|
||||||
|
media_id = body["id"]
|
||||||
|
|
||||||
|
listed = await client.get(f"/api/v1/trees/{tree_id}/media", headers=h)
|
||||||
|
assert listed.status_code == 200
|
||||||
|
assert len(listed.json()) == 1
|
||||||
|
|
||||||
|
# The content endpoint streams the bytes back.
|
||||||
|
content = await client.get(f"/api/v1/trees/{tree_id}/media/{media_id}/content", headers=h)
|
||||||
|
assert content.status_code == 200
|
||||||
|
assert content.content == b"hello world"
|
||||||
|
|
||||||
|
resp = await client.delete(f"/api/v1/trees/{tree_id}/media/{media_id}", headers=h)
|
||||||
|
assert resp.status_code == 204
|
||||||
|
assert len((await client.get(f"/api/v1/trees/{tree_id}/media", headers=h)).json()) == 0
|
||||||
|
|
||||||
|
|
||||||
|
async def test_non_member_cannot_upload(client):
|
||||||
|
h, tree_id = await _tree(client, "media2@example.com")
|
||||||
|
other = auth(await register(client, "media-intruder@example.com"))
|
||||||
|
resp = await client.post(
|
||||||
|
f"/api/v1/trees/{tree_id}/media",
|
||||||
|
files={"file": ("x.txt", b"x", "text/plain")},
|
||||||
|
headers=other,
|
||||||
|
)
|
||||||
|
assert resp.status_code == 403
|
||||||
@@ -0,0 +1,92 @@
|
|||||||
|
"""Multiple typed names per person: maiden (primary) + married/alias alternates."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def _setup(client, email):
|
||||||
|
h = auth(await register(client, email))
|
||||||
|
tid = (await client.post("/api/v1/trees", json={"name": "T"}, headers=h)).json()["id"]
|
||||||
|
pid = (
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons", json={"given": "Mary", "surname": "Smith"}, headers=h
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
return h, tid, pid
|
||||||
|
|
||||||
|
|
||||||
|
async def test_create_lists_and_primary(client):
|
||||||
|
h, tid, pid = await _setup(client, "n-create@example.com")
|
||||||
|
base = f"/api/v1/trees/{tid}/persons/{pid}/names"
|
||||||
|
|
||||||
|
# The person was created with a primary birth name.
|
||||||
|
names = (await client.get(base, headers=h)).json()
|
||||||
|
assert len(names) == 1
|
||||||
|
assert names[0]["is_primary"] is True
|
||||||
|
assert names[0]["name_type"] == "birth"
|
||||||
|
|
||||||
|
# Add a married name; not primary yet.
|
||||||
|
r = await client.post(
|
||||||
|
base, json={"name_type": "married", "given": "Mary", "surname": "Jones"}, headers=h
|
||||||
|
)
|
||||||
|
assert r.status_code == 201
|
||||||
|
assert r.json()["is_primary"] is False
|
||||||
|
|
||||||
|
names = (await client.get(base, headers=h)).json()
|
||||||
|
assert len(names) == 2
|
||||||
|
# Primary first.
|
||||||
|
assert names[0]["surname"] == "Smith" and names[0]["is_primary"] is True
|
||||||
|
|
||||||
|
|
||||||
|
async def test_set_primary_demotes_others(client):
|
||||||
|
h, tid, pid = await _setup(client, "n-primary@example.com")
|
||||||
|
base = f"/api/v1/trees/{tid}/persons/{pid}/names"
|
||||||
|
married = (
|
||||||
|
await client.post(
|
||||||
|
base, json={"name_type": "married", "given": "Mary", "surname": "Jones"}, headers=h
|
||||||
|
)
|
||||||
|
).json()
|
||||||
|
|
||||||
|
r = await client.patch(f"{base}/{married['id']}", json={"is_primary": True}, headers=h)
|
||||||
|
assert r.status_code == 200 and r.json()["is_primary"] is True
|
||||||
|
|
||||||
|
names = {n["surname"]: n["is_primary"] for n in (await client.get(base, headers=h)).json()}
|
||||||
|
assert names == {"Jones": True, "Smith": False}
|
||||||
|
|
||||||
|
# The person's display name now reflects the new primary.
|
||||||
|
person = (
|
||||||
|
await client.get(f"/api/v1/trees/{tid}/persons/{pid}", headers=h)
|
||||||
|
).json()
|
||||||
|
assert person["primary_name"] == "Mary Jones"
|
||||||
|
|
||||||
|
|
||||||
|
async def test_update_fields(client):
|
||||||
|
h, tid, pid = await _setup(client, "n-update@example.com")
|
||||||
|
base = f"/api/v1/trees/{tid}/persons/{pid}/names"
|
||||||
|
nid = (
|
||||||
|
await client.post(base, json={"name_type": "alias", "given": "Polly"}, headers=h)
|
||||||
|
).json()["id"]
|
||||||
|
r = await client.patch(
|
||||||
|
f"{base}/{nid}", json={"surname": "Smith", "nickname": "Poll"}, headers=h
|
||||||
|
)
|
||||||
|
assert r.status_code == 200
|
||||||
|
assert r.json()["surname"] == "Smith" and r.json()["nickname"] == "Poll"
|
||||||
|
|
||||||
|
|
||||||
|
async def test_delete_promotes_new_primary(client):
|
||||||
|
h, tid, pid = await _setup(client, "n-delete@example.com")
|
||||||
|
base = f"/api/v1/trees/{tid}/persons/{pid}/names"
|
||||||
|
alt = (
|
||||||
|
await client.post(
|
||||||
|
base, json={"name_type": "married", "given": "Mary", "surname": "Jones"}, headers=h
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
|
||||||
|
# Delete the (primary) birth name; the married name should be promoted.
|
||||||
|
primary = next(
|
||||||
|
n for n in (await client.get(base, headers=h)).json() if n["is_primary"]
|
||||||
|
)
|
||||||
|
r = await client.delete(f"{base}/{primary['id']}", headers=h)
|
||||||
|
assert r.status_code == 204
|
||||||
|
|
||||||
|
names = (await client.get(base, headers=h)).json()
|
||||||
|
assert len(names) == 1 and names[0]["id"] == alt and names[0]["is_primary"] is True
|
||||||
@@ -0,0 +1,36 @@
|
|||||||
|
"""Living-person protection: living people are redacted from non-members."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def test_living_person_redacted_for_non_members(client):
|
||||||
|
owner = auth(await register(client, "pub-owner@example.com"))
|
||||||
|
tid = (
|
||||||
|
await client.post(
|
||||||
|
"/api/v1/trees", json={"name": "Public", "visibility": "public"}, headers=owner
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons",
|
||||||
|
json={"given": "Old", "surname": "Ancestor", "is_living": False},
|
||||||
|
headers=owner,
|
||||||
|
)
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons",
|
||||||
|
json={"given": "Young", "surname": "Living", "is_living": True},
|
||||||
|
headers=owner,
|
||||||
|
)
|
||||||
|
|
||||||
|
other = auth(await register(client, "pub-viewer@example.com"))
|
||||||
|
people = (await client.get(f"/api/v1/trees/{tid}/persons", headers=other)).json()
|
||||||
|
names = {p["primary_name"] for p in people}
|
||||||
|
assert "Old Ancestor" in names # deceased is visible
|
||||||
|
assert "Living person" in names # living is redacted
|
||||||
|
assert "Young Living" not in names # the real living name is hidden
|
||||||
|
# The redacted person leaks no gender.
|
||||||
|
living = next(p for p in people if p["primary_name"] == "Living person")
|
||||||
|
assert living["gender"] is None
|
||||||
|
|
||||||
|
# The owner (a member) sees real names.
|
||||||
|
owner_people = (await client.get(f"/api/v1/trees/{tid}/persons", headers=owner)).json()
|
||||||
|
assert "Young Living" in {p["primary_name"] for p in owner_people}
|
||||||
@@ -0,0 +1,84 @@
|
|||||||
|
"""Tree-visibility access matrix for the privacy engine.
|
||||||
|
|
||||||
|
`can_view_tree` is the gate every read path consults. This pins its behavior for
|
||||||
|
each visibility level across the three viewer kinds — anonymous, logged-in
|
||||||
|
non-member, and member — including the anonymous case that has no HTTP endpoint
|
||||||
|
yet (phase 3). See docs/design/tree-visibility.md.
|
||||||
|
"""
|
||||||
|
|
||||||
|
import uuid
|
||||||
|
|
||||||
|
import pytest
|
||||||
|
from sqlalchemy import select
|
||||||
|
|
||||||
|
from app.models.tree import Tree
|
||||||
|
from app.models.user import User
|
||||||
|
from app.services import privacy
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def _user_id(db_session, email: str) -> uuid.UUID:
|
||||||
|
return (await db_session.execute(select(User).where(User.email == email))).scalar_one().id
|
||||||
|
|
||||||
|
|
||||||
|
async def _make_tree(client, owner_token: str, visibility: str) -> uuid.UUID:
|
||||||
|
r = await client.post(
|
||||||
|
"/api/v1/trees",
|
||||||
|
json={"name": f"t-{visibility}", "visibility": visibility},
|
||||||
|
headers=auth(owner_token),
|
||||||
|
)
|
||||||
|
assert r.status_code in (200, 201), r.text
|
||||||
|
assert r.json()["visibility"] == visibility
|
||||||
|
return uuid.UUID(r.json()["id"])
|
||||||
|
|
||||||
|
|
||||||
|
async def _load_tree(db_session, tid: uuid.UUID) -> Tree:
|
||||||
|
return (await db_session.execute(select(Tree).where(Tree.id == tid))).scalar_one()
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize(
|
||||||
|
"visibility,anon,nonmember,member",
|
||||||
|
[
|
||||||
|
("public", True, True, True),
|
||||||
|
("unlisted", True, True, True),
|
||||||
|
("site_members", False, True, True),
|
||||||
|
("private", False, False, True),
|
||||||
|
],
|
||||||
|
)
|
||||||
|
async def test_can_view_tree_matrix(client, db_session, visibility, anon, nonmember, member):
|
||||||
|
owner_email = f"owner-{visibility}@ex.com"
|
||||||
|
other_email = f"other-{visibility}@ex.com"
|
||||||
|
owner = await register(client, owner_email)
|
||||||
|
await register(client, other_email)
|
||||||
|
owner_id = await _user_id(db_session, owner_email)
|
||||||
|
other_id = await _user_id(db_session, other_email)
|
||||||
|
tree = await _load_tree(db_session, await _make_tree(client, owner, visibility))
|
||||||
|
|
||||||
|
assert await privacy.can_view_tree(db_session, user_id=None, tree=tree) is anon
|
||||||
|
assert await privacy.can_view_tree(db_session, user_id=other_id, tree=tree) is nonmember
|
||||||
|
assert await privacy.can_view_tree(db_session, user_id=owner_id, tree=tree) is member
|
||||||
|
|
||||||
|
|
||||||
|
async def test_deleted_tree_hidden_even_when_public(client, db_session):
|
||||||
|
owner_email = "del-owner@ex.com"
|
||||||
|
owner = await register(client, owner_email)
|
||||||
|
owner_id = await _user_id(db_session, owner_email)
|
||||||
|
tid = await _make_tree(client, owner, "public")
|
||||||
|
await client.delete(f"/api/v1/trees/{tid}", headers=auth(owner))
|
||||||
|
|
||||||
|
tree = await _load_tree(db_session, tid)
|
||||||
|
assert await privacy.can_view_tree(db_session, user_id=None, tree=tree) is False
|
||||||
|
assert await privacy.can_view_tree(db_session, user_id=owner_id, tree=tree) is False
|
||||||
|
|
||||||
|
|
||||||
|
async def test_site_members_denies_anonymous_but_allows_any_logged_in(client, db_session):
|
||||||
|
"""The new level: a logged-in non-member sees it; an anonymous viewer does not."""
|
||||||
|
owner_email = "sm-owner@ex.com"
|
||||||
|
stranger_email = "sm-stranger@ex.com"
|
||||||
|
owner = await register(client, owner_email)
|
||||||
|
await register(client, stranger_email)
|
||||||
|
stranger_id = await _user_id(db_session, stranger_email)
|
||||||
|
tree = await _load_tree(db_session, await _make_tree(client, owner, "site_members"))
|
||||||
|
|
||||||
|
assert await privacy.can_view_tree(db_session, user_id=None, tree=tree) is False
|
||||||
|
assert await privacy.can_view_tree(db_session, user_id=stranger_id, tree=tree) is True
|
||||||
@@ -0,0 +1,180 @@
|
|||||||
|
"""The public viewing surface (/api/v1/public).
|
||||||
|
|
||||||
|
The central guarantee: an ANONYMOUS viewer of a public tree never receives a
|
||||||
|
possibly-living person's real name, dates, or alternate names — while deceased
|
||||||
|
people are shown in full. Plus the access matrix for each visibility level.
|
||||||
|
See docs/design/tree-visibility.md.
|
||||||
|
"""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
# Distinctive strings so we can assert they never leak anywhere anonymously.
|
||||||
|
LIVING_GIVEN = "Younglivingsecret"
|
||||||
|
LIVING_SURNAME = "Hiddensurname"
|
||||||
|
LIVING_ALIAS = "Secretmaidenalias"
|
||||||
|
LIVING_BIRTH_YEAR = "2002"
|
||||||
|
|
||||||
|
|
||||||
|
async def _person(client, tid, headers, given, surname, is_living):
|
||||||
|
r = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons",
|
||||||
|
json={"given": given, "surname": surname, "is_living": is_living},
|
||||||
|
headers=headers,
|
||||||
|
)
|
||||||
|
assert r.status_code == 201, r.text
|
||||||
|
return r.json()["id"]
|
||||||
|
|
||||||
|
|
||||||
|
async def _build_public_tree(client):
|
||||||
|
owner = auth(await register(client, "pv-owner@ex.com"))
|
||||||
|
tid = (
|
||||||
|
await client.post(
|
||||||
|
"/api/v1/trees", json={"name": "Heritage", "visibility": "public"}, headers=owner
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
|
||||||
|
old = await _person(client, tid, owner, "Olda", "Ancestor", False)
|
||||||
|
young = await _person(client, tid, owner, LIVING_GIVEN, LIVING_SURNAME, True)
|
||||||
|
|
||||||
|
# Birth events for each.
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/events",
|
||||||
|
json={"event_type": "birth", "person_id": old, "date_value": "1850"},
|
||||||
|
headers=owner,
|
||||||
|
)
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/events",
|
||||||
|
json={"event_type": "birth", "person_id": young, "date_value": LIVING_BIRTH_YEAR},
|
||||||
|
headers=owner,
|
||||||
|
)
|
||||||
|
# Alternate names for each.
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons/{old}/names",
|
||||||
|
json={"name_type": "alias", "given": "Oldnickname"},
|
||||||
|
headers=owner,
|
||||||
|
)
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons/{young}/names",
|
||||||
|
json={"name_type": "alias", "given": LIVING_ALIAS},
|
||||||
|
headers=owner,
|
||||||
|
)
|
||||||
|
# old --parent--> young
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/relationships",
|
||||||
|
json={
|
||||||
|
"type": "parent_child",
|
||||||
|
"person_from_id": old,
|
||||||
|
"person_to_id": young,
|
||||||
|
"qualifier": "biological",
|
||||||
|
},
|
||||||
|
headers=owner,
|
||||||
|
)
|
||||||
|
return tid, old, young
|
||||||
|
|
||||||
|
|
||||||
|
async def test_anonymous_public_view_never_leaks_living_pii(client):
|
||||||
|
tid, old, young = await _build_public_tree(client)
|
||||||
|
|
||||||
|
# --- persons: deceased full, living redacted ---
|
||||||
|
persons = (await client.get(f"/api/v1/public/trees/{tid}/persons")).json()
|
||||||
|
by_id = {p["id"]: p for p in persons}
|
||||||
|
assert by_id[old]["primary_name"] == "Olda Ancestor"
|
||||||
|
assert by_id[young]["primary_name"] == "Living person"
|
||||||
|
assert by_id[young]["gender"] is None
|
||||||
|
|
||||||
|
# --- the living person's real name/alias/birth year must appear NOWHERE ---
|
||||||
|
for path in (
|
||||||
|
f"/api/v1/public/trees/{tid}/persons",
|
||||||
|
f"/api/v1/public/trees/{tid}/events",
|
||||||
|
f"/api/v1/public/trees/{tid}/relationships",
|
||||||
|
f"/api/v1/public/trees/{tid}/persons/{young}",
|
||||||
|
f"/api/v1/public/trees/{tid}/persons/{young}/names",
|
||||||
|
f"/api/v1/public/trees/{tid}/persons/{young}/events",
|
||||||
|
):
|
||||||
|
body = (await client.get(path)).text
|
||||||
|
assert LIVING_GIVEN not in body, path
|
||||||
|
assert LIVING_SURNAME not in body, path
|
||||||
|
assert LIVING_ALIAS not in body, path
|
||||||
|
assert LIVING_BIRTH_YEAR not in body, path
|
||||||
|
|
||||||
|
# --- events: deceased's date present, living's dropped entirely ---
|
||||||
|
events = (await client.get(f"/api/v1/public/trees/{tid}/events")).json()
|
||||||
|
assert any(e["person_id"] == old for e in events)
|
||||||
|
assert not any(e["person_id"] == young for e in events)
|
||||||
|
|
||||||
|
# --- per-person endpoints for the living person are emptied/redacted ---
|
||||||
|
assert (await client.get(f"/api/v1/public/trees/{tid}/persons/{young}/names")).json() == []
|
||||||
|
assert (await client.get(f"/api/v1/public/trees/{tid}/persons/{young}/events")).json() == []
|
||||||
|
assert (
|
||||||
|
await client.get(f"/api/v1/public/trees/{tid}/persons/{young}")
|
||||||
|
).json()["primary_name"] == "Living person"
|
||||||
|
|
||||||
|
# --- deceased person's names/events ARE exposed ---
|
||||||
|
old_names = (await client.get(f"/api/v1/public/trees/{tid}/persons/{old}/names")).json()
|
||||||
|
assert any(n.get("given") == "Oldnickname" for n in old_names)
|
||||||
|
old_events = (await client.get(f"/api/v1/public/trees/{tid}/persons/{old}/events")).json()
|
||||||
|
assert any(e["date_value"] == "1850" for e in old_events)
|
||||||
|
|
||||||
|
# --- relationship kept (links to the redacted person by id, no PII) ---
|
||||||
|
rels = (await client.get(f"/api/v1/public/trees/{tid}/relationships")).json()
|
||||||
|
assert any(r2["person_from_id"] == old and r2["person_to_id"] == young for r2 in rels)
|
||||||
|
|
||||||
|
|
||||||
|
async def test_private_tree_is_404_anonymously(client):
|
||||||
|
owner = auth(await register(client, "priv-owner@ex.com"))
|
||||||
|
tid = (
|
||||||
|
await client.post(
|
||||||
|
"/api/v1/trees", json={"name": "Secret", "visibility": "private"}, headers=owner
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
assert (await client.get(f"/api/v1/public/trees/{tid}")).status_code == 404
|
||||||
|
assert (await client.get(f"/api/v1/public/trees/{tid}/persons")).status_code == 404
|
||||||
|
|
||||||
|
|
||||||
|
async def test_unlisted_viewable_by_link_but_not_in_directory(client):
|
||||||
|
owner = auth(await register(client, "unl-owner@ex.com"))
|
||||||
|
tid = (
|
||||||
|
await client.post(
|
||||||
|
"/api/v1/trees", json={"name": "ByLinkOnly", "visibility": "unlisted"}, headers=owner
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
# Direct link works anonymously...
|
||||||
|
assert (await client.get(f"/api/v1/public/trees/{tid}")).status_code == 200
|
||||||
|
# ...but it is never listed in the directory.
|
||||||
|
directory = (await client.get("/api/v1/public/trees")).json()
|
||||||
|
assert all(t["id"] != tid for t in directory)
|
||||||
|
|
||||||
|
|
||||||
|
async def test_site_members_requires_login(client):
|
||||||
|
owner = auth(await register(client, "sm2-owner@ex.com"))
|
||||||
|
stranger = auth(await register(client, "sm2-stranger@ex.com"))
|
||||||
|
tid = (
|
||||||
|
await client.post(
|
||||||
|
"/api/v1/trees", json={"name": "MembersOnly", "visibility": "site_members"}, headers=owner
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
assert (await client.get(f"/api/v1/public/trees/{tid}")).status_code == 404 # anonymous
|
||||||
|
assert (await client.get(f"/api/v1/public/trees/{tid}", headers=stranger)).status_code == 200
|
||||||
|
|
||||||
|
|
||||||
|
async def test_directory_visibility(client):
|
||||||
|
owner = auth(await register(client, "dir-owner@ex.com"))
|
||||||
|
stranger = auth(await register(client, "dir-stranger@ex.com"))
|
||||||
|
ids = {}
|
||||||
|
for vis in ("public", "site_members", "unlisted", "private"):
|
||||||
|
ids[vis] = (
|
||||||
|
await client.post(
|
||||||
|
"/api/v1/trees", json={"name": f"dir-{vis}", "visibility": vis}, headers=owner
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
|
||||||
|
anon = {t["id"] for t in (await client.get("/api/v1/public/trees")).json()}
|
||||||
|
assert ids["public"] in anon
|
||||||
|
for vis in ("site_members", "unlisted", "private"):
|
||||||
|
assert ids[vis] not in anon
|
||||||
|
|
||||||
|
logged_in = {t["id"] for t in (await client.get("/api/v1/public/trees", headers=stranger)).json()}
|
||||||
|
assert ids["public"] in logged_in
|
||||||
|
assert ids["site_members"] in logged_in
|
||||||
|
assert ids["unlisted"] not in logged_in
|
||||||
|
assert ids["private"] not in logged_in
|
||||||
@@ -0,0 +1,54 @@
|
|||||||
|
"""Soft-delete + recovery for trees and people."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def test_tree_delete_and_restore(client):
|
||||||
|
h = auth(await register(client, "rec1@example.com"))
|
||||||
|
tree_id = (await client.post("/api/v1/trees", json={"name": "T"}, headers=h)).json()["id"]
|
||||||
|
|
||||||
|
# Delete -> gone from active lists, present in the recovery list.
|
||||||
|
assert (await client.delete(f"/api/v1/trees/{tree_id}", headers=h)).status_code == 204
|
||||||
|
assert len((await client.get("/api/v1/trees", headers=h)).json()) == 0
|
||||||
|
# A soft-deleted tree is no longer visible (404 to the would-be viewer).
|
||||||
|
gone = await client.get(f"/api/v1/trees/{tree_id}", headers=h)
|
||||||
|
assert gone.status_code == 404
|
||||||
|
deleted = (await client.get("/api/v1/trees?deleted=true", headers=h)).json()
|
||||||
|
assert len(deleted) == 1 and deleted[0]["id"] == tree_id
|
||||||
|
|
||||||
|
# Restore -> back in active lists.
|
||||||
|
assert (await client.post(f"/api/v1/trees/{tree_id}/restore", headers=h)).status_code == 200
|
||||||
|
assert len((await client.get("/api/v1/trees", headers=h)).json()) == 1
|
||||||
|
assert (await client.get(f"/api/v1/trees/{tree_id}", headers=h)).status_code == 200
|
||||||
|
|
||||||
|
|
||||||
|
async def test_only_owner_can_delete_tree(client):
|
||||||
|
owner = auth(await register(client, "rec-owner@example.com"))
|
||||||
|
tree_id = (await client.post("/api/v1/trees", json={"name": "T"}, headers=owner)).json()["id"]
|
||||||
|
other = auth(await register(client, "rec-other@example.com"))
|
||||||
|
blocked = await client.delete(f"/api/v1/trees/{tree_id}", headers=other)
|
||||||
|
assert blocked.status_code in (403, 404)
|
||||||
|
|
||||||
|
|
||||||
|
async def test_person_delete_and_restore(client):
|
||||||
|
h = auth(await register(client, "rec2@example.com"))
|
||||||
|
tree_id = (await client.post("/api/v1/trees", json={"name": "T"}, headers=h)).json()["id"]
|
||||||
|
person_id = (
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tree_id}/persons", json={"given": "Ada"}, headers=h
|
||||||
|
)
|
||||||
|
).json()["id"]
|
||||||
|
|
||||||
|
assert (
|
||||||
|
await client.delete(f"/api/v1/trees/{tree_id}/persons/{person_id}", headers=h)
|
||||||
|
).status_code == 200
|
||||||
|
assert len((await client.get(f"/api/v1/trees/{tree_id}/persons", headers=h)).json()) == 0
|
||||||
|
deleted = (
|
||||||
|
await client.get(f"/api/v1/trees/{tree_id}/persons?deleted=true", headers=h)
|
||||||
|
).json()
|
||||||
|
assert len(deleted) == 1 and deleted[0]["primary_name"] == "Ada"
|
||||||
|
|
||||||
|
assert (
|
||||||
|
await client.post(f"/api/v1/trees/{tree_id}/persons/{person_id}/restore", headers=h)
|
||||||
|
).status_code == 200
|
||||||
|
assert len((await client.get(f"/api/v1/trees/{tree_id}/persons", headers=h)).json()) == 1
|
||||||
@@ -0,0 +1,65 @@
|
|||||||
|
"""Duplicate relationships are rejected (no double-linking)."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def _setup(client, email):
|
||||||
|
h = auth(await register(client, email))
|
||||||
|
tid = (await client.post("/api/v1/trees", json={"name": "T"}, headers=h)).json()["id"]
|
||||||
|
|
||||||
|
async def person(given):
|
||||||
|
return (
|
||||||
|
await client.post(f"/api/v1/trees/{tid}/persons", json={"given": given}, headers=h)
|
||||||
|
).json()["id"]
|
||||||
|
|
||||||
|
return h, tid, person
|
||||||
|
|
||||||
|
|
||||||
|
async def test_duplicate_parent_child_rejected(client):
|
||||||
|
h, tid, person = await _setup(client, "dup-pc@example.com")
|
||||||
|
karl = await person("Karl")
|
||||||
|
kid = await person("Kid")
|
||||||
|
body = {"type": "parent_child", "person_from_id": karl, "person_to_id": kid}
|
||||||
|
|
||||||
|
first = await client.post(f"/api/v1/trees/{tid}/relationships", json=body, headers=h)
|
||||||
|
assert first.status_code == 201
|
||||||
|
dup = await client.post(f"/api/v1/trees/{tid}/relationships", json=body, headers=h)
|
||||||
|
assert dup.status_code == 409
|
||||||
|
|
||||||
|
|
||||||
|
async def test_duplicate_partnership_either_direction_rejected(client):
|
||||||
|
h, tid, person = await _setup(client, "dup-sp@example.com")
|
||||||
|
a = await person("A")
|
||||||
|
b = await person("B")
|
||||||
|
|
||||||
|
first = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/relationships",
|
||||||
|
json={"type": "partnership", "person_from_id": a, "person_to_id": b},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert first.status_code == 201
|
||||||
|
# Same couple, reversed order — still a duplicate.
|
||||||
|
dup = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/relationships",
|
||||||
|
json={"type": "partnership", "person_from_id": b, "person_to_id": a},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert dup.status_code == 409
|
||||||
|
|
||||||
|
|
||||||
|
async def test_reverse_parent_child_is_allowed(client):
|
||||||
|
"""A->B as parent_child shouldn't block B->A (different meaning)."""
|
||||||
|
h, tid, person = await _setup(client, "dup-rev@example.com")
|
||||||
|
a = await person("A")
|
||||||
|
b = await person("B")
|
||||||
|
r1 = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/relationships",
|
||||||
|
json={"type": "parent_child", "person_from_id": a, "person_to_id": b},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
r2 = await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/relationships",
|
||||||
|
json={"type": "parent_child", "person_from_id": b, "person_to_id": a},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
assert r1.status_code == 201 and r2.status_code == 201
|
||||||
@@ -0,0 +1,24 @@
|
|||||||
|
"""Fuzzy name search (pg_trgm)."""
|
||||||
|
|
||||||
|
from tests.conftest import auth, register
|
||||||
|
|
||||||
|
|
||||||
|
async def test_fuzzy_name_search(client):
|
||||||
|
h = auth(await register(client, "search@example.com"))
|
||||||
|
tid = (await client.post("/api/v1/trees", json={"name": "S"}, headers=h)).json()["id"]
|
||||||
|
for given, surname in [("Hans", "Mueller"), ("John", "Smith"), ("Anna", "Vogel")]:
|
||||||
|
await client.post(
|
||||||
|
f"/api/v1/trees/{tid}/persons",
|
||||||
|
json={"given": given, "surname": surname},
|
||||||
|
headers=h,
|
||||||
|
)
|
||||||
|
|
||||||
|
# Trigram fuzziness: "muller" should find "Mueller" (not a substring match).
|
||||||
|
r = await client.get(f"/api/v1/trees/{tid}/persons", params={"q": "muller"}, headers=h)
|
||||||
|
assert r.status_code == 200
|
||||||
|
names = [p["primary_name"] or "" for p in r.json()]
|
||||||
|
assert any("Mueller" in n for n in names)
|
||||||
|
|
||||||
|
# Substring search still works.
|
||||||
|
r2 = await client.get(f"/api/v1/trees/{tid}/persons", params={"q": "smi"}, headers=h)
|
||||||
|
assert any("Smith" in (p["primary_name"] or "") for p in r2.json())
|
||||||
Generated
+92
@@ -125,6 +125,34 @@ wheels = [
|
|||||||
{ url = "https://files.pythonhosted.org/packages/3c/d7/8fb3044eaef08a310acfe23dae9a8e2e07d305edc29a53497e52bc76eca7/asyncpg-0.31.0-cp314-cp314t-win_amd64.whl", hash = "sha256:bd4107bb7cdd0e9e65fae66a62afd3a249663b844fa34d479f6d5b3bef9c04c3", size = 706062, upload-time = "2025-11-24T23:26:44.086Z" },
|
{ url = "https://files.pythonhosted.org/packages/3c/d7/8fb3044eaef08a310acfe23dae9a8e2e07d305edc29a53497e52bc76eca7/asyncpg-0.31.0-cp314-cp314t-win_amd64.whl", hash = "sha256:bd4107bb7cdd0e9e65fae66a62afd3a249663b844fa34d479f6d5b3bef9c04c3", size = 706062, upload-time = "2025-11-24T23:26:44.086Z" },
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "boto3"
|
||||||
|
version = "1.43.24"
|
||||||
|
source = { registry = "https://pypi.org/simple" }
|
||||||
|
dependencies = [
|
||||||
|
{ name = "botocore" },
|
||||||
|
{ name = "jmespath" },
|
||||||
|
{ name = "s3transfer" },
|
||||||
|
]
|
||||||
|
sdist = { url = "https://files.pythonhosted.org/packages/f3/8f/94dfa39ec618ecb2fe5b5b79428c95100e3ae3c1aa5083c283dd3cfb5ecd/boto3-1.43.24.tar.gz", hash = "sha256:ba5afa266bf7265e0c1a454fcfd48bffe5939cb16ed223bebc669c3dc8ee0bc8", size = 113154, upload-time = "2026-06-05T19:30:01.635Z" }
|
||||||
|
wheels = [
|
||||||
|
{ url = "https://files.pythonhosted.org/packages/59/b7/e66c9b37b96153aa371fe48d24194151293f6577dd3eaa1fc146c281456d/boto3-1.43.24-py3-none-any.whl", hash = "sha256:b18ef745274ef548a9660d733d985d4a971b16bd8a6af88165ea9d0e40913b86", size = 140536, upload-time = "2026-06-05T19:29:58.968Z" },
|
||||||
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "botocore"
|
||||||
|
version = "1.43.24"
|
||||||
|
source = { registry = "https://pypi.org/simple" }
|
||||||
|
dependencies = [
|
||||||
|
{ name = "jmespath" },
|
||||||
|
{ name = "python-dateutil" },
|
||||||
|
{ name = "urllib3" },
|
||||||
|
]
|
||||||
|
sdist = { url = "https://files.pythonhosted.org/packages/78/67/55d0611b341482bc9649d16df765f849a1862184ac3709356decf632279f/botocore-1.43.24.tar.gz", hash = "sha256:0c02f2b40e99419d496ece0ea2dcdedb5c45998c16fd1674276c7dbb30767a16", size = 15471690, upload-time = "2026-06-05T19:29:33.731Z" }
|
||||||
|
wheels = [
|
||||||
|
{ url = "https://files.pythonhosted.org/packages/c9/b7/360b5afe74c4d7cff871ea6e8f335e2e11de2945c9deb1eea6438f49faa2/botocore-1.43.24-py3-none-any.whl", hash = "sha256:42903b4bfafd8f15a735ed940473f28e4ba21b2ea67a9b9aaa11dfa7fcb19fd5", size = 15155182, upload-time = "2026-06-05T19:29:29.457Z" },
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "certifi"
|
name = "certifi"
|
||||||
version = "2026.5.20"
|
version = "2026.5.20"
|
||||||
@@ -357,6 +385,15 @@ wheels = [
|
|||||||
{ url = "https://files.pythonhosted.org/packages/cb/b1/3846dd7f199d53cb17f49cba7e651e9ce294d8497c8c150530ed11865bb8/iniconfig-2.3.0-py3-none-any.whl", hash = "sha256:f631c04d2c48c52b84d0d0549c99ff3859c98df65b3101406327ecc7d53fbf12", size = 7484, upload-time = "2025-10-18T21:55:41.639Z" },
|
{ url = "https://files.pythonhosted.org/packages/cb/b1/3846dd7f199d53cb17f49cba7e651e9ce294d8497c8c150530ed11865bb8/iniconfig-2.3.0-py3-none-any.whl", hash = "sha256:f631c04d2c48c52b84d0d0549c99ff3859c98df65b3101406327ecc7d53fbf12", size = 7484, upload-time = "2025-10-18T21:55:41.639Z" },
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "jmespath"
|
||||||
|
version = "1.1.0"
|
||||||
|
source = { registry = "https://pypi.org/simple" }
|
||||||
|
sdist = { url = "https://files.pythonhosted.org/packages/d3/59/322338183ecda247fb5d1763a6cbe46eff7222eaeebafd9fa65d4bf5cb11/jmespath-1.1.0.tar.gz", hash = "sha256:472c87d80f36026ae83c6ddd0f1d05d4e510134ed462851fd5f754c8c3cbb88d", size = 27377, upload-time = "2026-01-22T16:35:26.279Z" }
|
||||||
|
wheels = [
|
||||||
|
{ url = "https://files.pythonhosted.org/packages/14/2f/967ba146e6d58cf6a652da73885f52fc68001525b4197effc174321d70b4/jmespath-1.1.0-py3-none-any.whl", hash = "sha256:a5663118de4908c91729bea0acadca56526eb2698e83de10cd116ae0f4e97c64", size = 20419, upload-time = "2026-01-22T16:35:24.919Z" },
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "mako"
|
name = "mako"
|
||||||
version = "1.3.12"
|
version = "1.3.12"
|
||||||
@@ -447,9 +484,11 @@ dependencies = [
|
|||||||
{ name = "alembic" },
|
{ name = "alembic" },
|
||||||
{ name = "argon2-cffi" },
|
{ name = "argon2-cffi" },
|
||||||
{ name = "asyncpg" },
|
{ name = "asyncpg" },
|
||||||
|
{ name = "boto3" },
|
||||||
{ name = "fastapi" },
|
{ name = "fastapi" },
|
||||||
{ name = "pydantic" },
|
{ name = "pydantic" },
|
||||||
{ name = "pydantic-settings" },
|
{ name = "pydantic-settings" },
|
||||||
|
{ name = "python-multipart" },
|
||||||
{ name = "sqlalchemy", extra = ["asyncio"] },
|
{ name = "sqlalchemy", extra = ["asyncio"] },
|
||||||
{ name = "uvicorn", extra = ["standard"] },
|
{ name = "uvicorn", extra = ["standard"] },
|
||||||
]
|
]
|
||||||
@@ -467,9 +506,11 @@ requires-dist = [
|
|||||||
{ name = "alembic", specifier = ">=1.14" },
|
{ name = "alembic", specifier = ">=1.14" },
|
||||||
{ name = "argon2-cffi", specifier = ">=23.1" },
|
{ name = "argon2-cffi", specifier = ">=23.1" },
|
||||||
{ name = "asyncpg", specifier = ">=0.30" },
|
{ name = "asyncpg", specifier = ">=0.30" },
|
||||||
|
{ name = "boto3", specifier = ">=1.35" },
|
||||||
{ name = "fastapi", specifier = ">=0.115" },
|
{ name = "fastapi", specifier = ">=0.115" },
|
||||||
{ name = "pydantic", specifier = ">=2.9" },
|
{ name = "pydantic", specifier = ">=2.9" },
|
||||||
{ name = "pydantic-settings", specifier = ">=2.5" },
|
{ name = "pydantic-settings", specifier = ">=2.5" },
|
||||||
|
{ name = "python-multipart", specifier = ">=0.0.12" },
|
||||||
{ name = "sqlalchemy", extras = ["asyncio"], specifier = ">=2.0" },
|
{ name = "sqlalchemy", extras = ["asyncio"], specifier = ">=2.0" },
|
||||||
{ name = "uvicorn", extras = ["standard"], specifier = ">=0.34" },
|
{ name = "uvicorn", extras = ["standard"], specifier = ">=0.34" },
|
||||||
]
|
]
|
||||||
@@ -613,6 +654,18 @@ wheels = [
|
|||||||
{ url = "https://files.pythonhosted.org/packages/03/e2/08a497ef684b88559c9cc5f4ad53a37e7b99e727094a86d6ea32536d5d3c/pytest_asyncio-1.4.0-py3-none-any.whl", hash = "sha256:933ca923a23075a87fb7070c0ec272a6848489824d887c85c812670932835aa1", size = 16930, upload-time = "2026-05-26T09:56:02.576Z" },
|
{ url = "https://files.pythonhosted.org/packages/03/e2/08a497ef684b88559c9cc5f4ad53a37e7b99e727094a86d6ea32536d5d3c/pytest_asyncio-1.4.0-py3-none-any.whl", hash = "sha256:933ca923a23075a87fb7070c0ec272a6848489824d887c85c812670932835aa1", size = 16930, upload-time = "2026-05-26T09:56:02.576Z" },
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "python-dateutil"
|
||||||
|
version = "2.9.0.post0"
|
||||||
|
source = { registry = "https://pypi.org/simple" }
|
||||||
|
dependencies = [
|
||||||
|
{ name = "six" },
|
||||||
|
]
|
||||||
|
sdist = { url = "https://files.pythonhosted.org/packages/66/c0/0c8b6ad9f17a802ee498c46e004a0eb49bc148f2fd230864601a86dcf6db/python-dateutil-2.9.0.post0.tar.gz", hash = "sha256:37dd54208da7e1cd875388217d5e00ebd4179249f90fb72437e91a35459a0ad3", size = 342432, upload-time = "2024-03-01T18:36:20.211Z" }
|
||||||
|
wheels = [
|
||||||
|
{ url = "https://files.pythonhosted.org/packages/ec/57/56b9bcc3c9c6a792fcbaf139543cee77261f3651ca9da0c93f5c1221264b/python_dateutil-2.9.0.post0-py2.py3-none-any.whl", hash = "sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427", size = 229892, upload-time = "2024-03-01T18:36:18.57Z" },
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "python-dotenv"
|
name = "python-dotenv"
|
||||||
version = "1.2.2"
|
version = "1.2.2"
|
||||||
@@ -622,6 +675,15 @@ wheels = [
|
|||||||
{ url = "https://files.pythonhosted.org/packages/0b/d7/1959b9648791274998a9c3526f6d0ec8fd2233e4d4acce81bbae76b44b2a/python_dotenv-1.2.2-py3-none-any.whl", hash = "sha256:1d8214789a24de455a8b8bd8ae6fe3c6b69a5e3d64aa8a8e5d68e694bbcb285a", size = 22101, upload-time = "2026-03-01T16:00:25.09Z" },
|
{ url = "https://files.pythonhosted.org/packages/0b/d7/1959b9648791274998a9c3526f6d0ec8fd2233e4d4acce81bbae76b44b2a/python_dotenv-1.2.2-py3-none-any.whl", hash = "sha256:1d8214789a24de455a8b8bd8ae6fe3c6b69a5e3d64aa8a8e5d68e694bbcb285a", size = 22101, upload-time = "2026-03-01T16:00:25.09Z" },
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "python-multipart"
|
||||||
|
version = "0.0.32"
|
||||||
|
source = { registry = "https://pypi.org/simple" }
|
||||||
|
sdist = { url = "https://files.pythonhosted.org/packages/5b/42/55c32bb9b12693c092ad250a0e82edb5b31ddeda6eb772de5f308b3804ad/python_multipart-0.0.32.tar.gz", hash = "sha256:be54b7f3fa167bb83e4fcd936b887b708f4e57fe75911c02aebf53efaf8d938e", size = 46881, upload-time = "2026-06-04T16:18:58.647Z" }
|
||||||
|
wheels = [
|
||||||
|
{ url = "https://files.pythonhosted.org/packages/e1/04/e8135ebd1ad02c56ec633277529b2602ff99ff634be76cdba5744cf554fd/python_multipart-0.0.32-py3-none-any.whl", hash = "sha256:ff6d3f776f16878c894e52e107296ffc890e913c611b1a4ec6c44e2821fe2e23", size = 30042, upload-time = "2026-06-04T16:18:57.319Z" },
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "pyyaml"
|
name = "pyyaml"
|
||||||
version = "6.0.3"
|
version = "6.0.3"
|
||||||
@@ -683,6 +745,27 @@ wheels = [
|
|||||||
{ url = "https://files.pythonhosted.org/packages/15/19/016553f86f207450aebebc2b2b5088d086b901cc8186c02ac4284db3bd88/ruff-0.15.16-py3-none-win_arm64.whl", hash = "sha256:8cd61783afb39638a7133ef0d2dfb1e91277593962f81b5a8423eb0b888a6121", size = 11134555, upload-time = "2026-06-04T16:33:00.136Z" },
|
{ url = "https://files.pythonhosted.org/packages/15/19/016553f86f207450aebebc2b2b5088d086b901cc8186c02ac4284db3bd88/ruff-0.15.16-py3-none-win_arm64.whl", hash = "sha256:8cd61783afb39638a7133ef0d2dfb1e91277593962f81b5a8423eb0b888a6121", size = 11134555, upload-time = "2026-06-04T16:33:00.136Z" },
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "s3transfer"
|
||||||
|
version = "0.18.0"
|
||||||
|
source = { registry = "https://pypi.org/simple" }
|
||||||
|
dependencies = [
|
||||||
|
{ name = "botocore" },
|
||||||
|
]
|
||||||
|
sdist = { url = "https://files.pythonhosted.org/packages/e0/1f/12417f7f493fc45e1f9fd5d4a9b6c125cf8d2cf3f8ddbdfab3e76406e9d6/s3transfer-0.18.0.tar.gz", hash = "sha256:3760b8b7ec1315da54048b2d626276732bee4300d054d492d4e1d43e20d4ecbd", size = 160560, upload-time = "2026-05-28T19:39:09.124Z" }
|
||||||
|
wheels = [
|
||||||
|
{ url = "https://files.pythonhosted.org/packages/2b/58/a58fc997655386daa2e25784e30c288aa3e3819e401f77029ee4899fb55a/s3transfer-0.18.0-py3-none-any.whl", hash = "sha256:239c13b09e65ad0346e1be7348b8a202dcad44ac7ea7c6eb858fc881dce739b6", size = 88572, upload-time = "2026-05-28T19:39:07.999Z" },
|
||||||
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "six"
|
||||||
|
version = "1.17.0"
|
||||||
|
source = { registry = "https://pypi.org/simple" }
|
||||||
|
sdist = { url = "https://files.pythonhosted.org/packages/94/e7/b2c673351809dca68a0e064b6af791aa332cf192da575fd474ed7d6f16a2/six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81", size = 34031, upload-time = "2024-12-04T17:35:28.174Z" }
|
||||||
|
wheels = [
|
||||||
|
{ url = "https://files.pythonhosted.org/packages/b7/ce/149a00dd41f10bc29e5921b496af8b574d8413afcd5e30dfa0ed46c2cc5e/six-1.17.0-py2.py3-none-any.whl", hash = "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274", size = 11050, upload-time = "2024-12-04T17:35:26.475Z" },
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "sqlalchemy"
|
name = "sqlalchemy"
|
||||||
version = "2.0.50"
|
version = "2.0.50"
|
||||||
@@ -755,6 +838,15 @@ wheels = [
|
|||||||
{ url = "https://files.pythonhosted.org/packages/dc/9b/47798a6c91d8bdb567fe2698fe81e0c6b7cb7ef4d13da4114b41d239f65d/typing_inspection-0.4.2-py3-none-any.whl", hash = "sha256:4ed1cacbdc298c220f1bd249ed5287caa16f34d44ef4e9c3d0cbad5b521545e7", size = 14611, upload-time = "2025-10-01T02:14:40.154Z" },
|
{ url = "https://files.pythonhosted.org/packages/dc/9b/47798a6c91d8bdb567fe2698fe81e0c6b7cb7ef4d13da4114b41d239f65d/typing_inspection-0.4.2-py3-none-any.whl", hash = "sha256:4ed1cacbdc298c220f1bd249ed5287caa16f34d44ef4e9c3d0cbad5b521545e7", size = 14611, upload-time = "2025-10-01T02:14:40.154Z" },
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "urllib3"
|
||||||
|
version = "2.7.0"
|
||||||
|
source = { registry = "https://pypi.org/simple" }
|
||||||
|
sdist = { url = "https://files.pythonhosted.org/packages/53/0c/06f8b233b8fd13b9e5ee11424ef85419ba0d8ba0b3138bf360be2ff56953/urllib3-2.7.0.tar.gz", hash = "sha256:231e0ec3b63ceb14667c67be60f2f2c40a518cb38b03af60abc813da26505f4c", size = 433602, upload-time = "2026-05-07T16:13:18.596Z" }
|
||||||
|
wheels = [
|
||||||
|
{ url = "https://files.pythonhosted.org/packages/7f/3e/5db95bcf282c52709639744ca2a8b149baccf648e39c8cc87553df9eae0c/urllib3-2.7.0-py3-none-any.whl", hash = "sha256:9fb4c81ebbb1ce9531cce37674bbc6f1360472bc18ca9a553ede278ef7276897", size = 131087, upload-time = "2026-05-07T16:13:17.151Z" },
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "uvicorn"
|
name = "uvicorn"
|
||||||
version = "0.49.0"
|
version = "0.49.0"
|
||||||
|
|||||||
@@ -12,6 +12,11 @@ services:
|
|||||||
context: ../backend
|
context: ../backend
|
||||||
dockerfile: Dockerfile
|
dockerfile: Dockerfile
|
||||||
|
|
||||||
|
worker:
|
||||||
|
build:
|
||||||
|
context: ../backend
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
|
||||||
frontend:
|
frontend:
|
||||||
build:
|
build:
|
||||||
context: ../frontend
|
context: ../frontend
|
||||||
|
|||||||
@@ -40,8 +40,15 @@ services:
|
|||||||
retries: 10
|
retries: 10
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
||||||
backend:
|
# One-shot schema migration: runs `alembic upgrade head` and exits. Backend
|
||||||
|
# and worker wait for it to finish, so on `docker compose up` the schema is
|
||||||
|
# always current before the app serves traffic — no manual migrate step.
|
||||||
|
# NOTE: a pure Watchtower image-swap recreates only the long-running
|
||||||
|
# containers, not this one-shot job, so Watchtower deploys should be paired
|
||||||
|
# with a `compose up` (see deploy docs) to re-run migrations.
|
||||||
|
migrate:
|
||||||
image: git.jpaul.io/justin/provenance-backend:${IMAGE_TAG:-test-main}
|
image: git.jpaul.io/justin/provenance-backend:${IMAGE_TAG:-test-main}
|
||||||
|
command: ["uv", "run", "--no-dev", "alembic", "upgrade", "head"]
|
||||||
labels:
|
labels:
|
||||||
com.centurylinklabs.watchtower.enable: "true"
|
com.centurylinklabs.watchtower.enable: "true"
|
||||||
environment:
|
environment:
|
||||||
@@ -50,6 +57,32 @@ services:
|
|||||||
depends_on:
|
depends_on:
|
||||||
postgres:
|
postgres:
|
||||||
condition: service_healthy
|
condition: service_healthy
|
||||||
|
restart: "no"
|
||||||
|
|
||||||
|
backend:
|
||||||
|
image: git.jpaul.io/justin/provenance-backend:${IMAGE_TAG:-test-main}
|
||||||
|
labels:
|
||||||
|
com.centurylinklabs.watchtower.enable: "true"
|
||||||
|
environment:
|
||||||
|
APP_ENV: ${APP_ENV:-development}
|
||||||
|
# Self-migrate on start so a Watchtower in-place image swap applies any new
|
||||||
|
# migrations (idempotent). The one-shot `migrate` service covers the same
|
||||||
|
# for `compose up`; the depends_on below serializes them so they never run
|
||||||
|
# alembic concurrently.
|
||||||
|
RUN_MIGRATIONS: "1"
|
||||||
|
DATABASE_URL: ${DATABASE_URL:-postgresql+asyncpg://provenance:provenance@postgres:5432/provenance}
|
||||||
|
S3_ENDPOINT_URL: ${S3_ENDPOINT_URL:-http://minio:9000}
|
||||||
|
S3_BUCKET: ${S3_BUCKET:-provenance}
|
||||||
|
S3_ACCESS_KEY: ${S3_ACCESS_KEY:-provenance}
|
||||||
|
S3_SECRET_KEY: ${S3_SECRET_KEY:-change-me-too}
|
||||||
|
S3_REGION: ${S3_REGION:-us-east-1}
|
||||||
|
depends_on:
|
||||||
|
postgres:
|
||||||
|
condition: service_healthy
|
||||||
|
minio:
|
||||||
|
condition: service_healthy
|
||||||
|
migrate:
|
||||||
|
condition: service_completed_successfully
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test:
|
test:
|
||||||
- CMD-SHELL
|
- CMD-SHELL
|
||||||
@@ -62,6 +95,30 @@ services:
|
|||||||
start_period: 20s
|
start_period: 20s
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
||||||
|
# Background worker — same image as the backend, run in worker mode.
|
||||||
|
# First job: the scheduled soft-delete purge (and media object cleanup).
|
||||||
|
worker:
|
||||||
|
image: git.jpaul.io/justin/provenance-backend:${IMAGE_TAG:-test-main}
|
||||||
|
command: ["uv", "run", "--no-dev", "python", "-m", "app.worker"]
|
||||||
|
labels:
|
||||||
|
com.centurylinklabs.watchtower.enable: "true"
|
||||||
|
environment:
|
||||||
|
APP_ENV: ${APP_ENV:-development}
|
||||||
|
DATABASE_URL: ${DATABASE_URL:-postgresql+asyncpg://provenance:provenance@postgres:5432/provenance}
|
||||||
|
S3_ENDPOINT_URL: ${S3_ENDPOINT_URL:-http://minio:9000}
|
||||||
|
S3_BUCKET: ${S3_BUCKET:-provenance}
|
||||||
|
S3_ACCESS_KEY: ${S3_ACCESS_KEY:-provenance}
|
||||||
|
S3_SECRET_KEY: ${S3_SECRET_KEY:-change-me-too}
|
||||||
|
S3_REGION: ${S3_REGION:-us-east-1}
|
||||||
|
depends_on:
|
||||||
|
postgres:
|
||||||
|
condition: service_healthy
|
||||||
|
minio:
|
||||||
|
condition: service_healthy
|
||||||
|
migrate:
|
||||||
|
condition: service_completed_successfully
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
frontend:
|
frontend:
|
||||||
image: git.jpaul.io/justin/provenance-frontend:${IMAGE_TAG:-test-main}
|
image: git.jpaul.io/justin/provenance-frontend:${IMAGE_TAG:-test-main}
|
||||||
labels:
|
labels:
|
||||||
|
|||||||
@@ -0,0 +1,157 @@
|
|||||||
|
# Design note: tree visibility & the public viewing surface
|
||||||
|
|
||||||
|
Status: **proposed** (design only — no code yet). Owner: Justin. Created 2026-06-09.
|
||||||
|
|
||||||
|
This is a privacy-critical change (it creates the first anonymous read surface in
|
||||||
|
Provenance). Per CLAUDE.md, design before code. Implementation should land in
|
||||||
|
small, individually-reviewable PRs, with tests on the privacy engine and the
|
||||||
|
public read path before any anonymous endpoint is exposed.
|
||||||
|
|
||||||
|
## 1. The model
|
||||||
|
|
||||||
|
Visibility flattens **two axes** — *who may read* and *how discoverable* — into one
|
||||||
|
ordered enum for the UI:
|
||||||
|
|
||||||
|
| Level | Anonymous (no login) | Any logged-in user | Tree members | In-app directory | Search-indexed |
|
||||||
|
|---|---|---|---|---|---|
|
||||||
|
| `public` — anyone on the web | ✅ view¹ | ✅ view¹ | ✅ full | ✅ listed to everyone | ✅ sitemap + indexable |
|
||||||
|
| `site_members` — Public, Site Members | ❌ | ✅ view¹ | ✅ full | ✅ listed to logged-in users | ❌ (`noindex`) |
|
||||||
|
| `unlisted` — anyone with the link | ✅ via direct link¹ | ✅ via link¹ | ✅ full | ❌ never listed | ❌ (`noindex`) |
|
||||||
|
| `private` | ❌ | ❌ | ✅ full | ❌ | ❌ |
|
||||||
|
|
||||||
|
¹ **Every non-member view passes through the privacy engine.** Living people are
|
||||||
|
redacted, and per-person `private` hides / `public` reveals, exactly as
|
||||||
|
`person_visibility()` already does (`backend/app/services/privacy.py:100-110`).
|
||||||
|
This is the single enforcement point — no public code path may issue a raw query.
|
||||||
|
|
||||||
|
Decisions captured (2026-06-09):
|
||||||
|
- **Unlisted** = anyone with the link, no account required. The link must be
|
||||||
|
**unguessable** (the tree UUID is already non-enumerable; do not add a public
|
||||||
|
integer id). Unlisted trees are excluded from the directory and sitemap and
|
||||||
|
served `noindex`.
|
||||||
|
- **Public** discovery for v1 includes **an in-app public browse/search**, not
|
||||||
|
just search-engine indexing.
|
||||||
|
- **Public – Site Members** = *any* registered account on this instance (not an
|
||||||
|
invite list — that is already tree membership / `private`).
|
||||||
|
|
||||||
|
## 2. Data model
|
||||||
|
|
||||||
|
`TreeVisibility` enum (`backend/app/models/enums.py`) gains a value:
|
||||||
|
|
||||||
|
```
|
||||||
|
public # anyone on the web
|
||||||
|
site_members # any authenticated user of this instance <-- NEW
|
||||||
|
unlisted # anyone with the link
|
||||||
|
private # members only (default)
|
||||||
|
```
|
||||||
|
|
||||||
|
- Alembic migration to `ALTER TYPE tree_visibility ADD VALUE 'site_members'`
|
||||||
|
(Postgres enum add-value cannot run inside a transaction with other DDL — use
|
||||||
|
`op.execute` with autocommit, separate migration).
|
||||||
|
- Default stays `private`. Existing rows unchanged.
|
||||||
|
- `TreeRead`/`TreeUpdate`/`TreeCreate` schemas already carry the enum; they pick
|
||||||
|
up the new value automatically. The OpenAPI client regen (`gen:api`) exposes it
|
||||||
|
to the frontend.
|
||||||
|
|
||||||
|
## 3. Privacy engine
|
||||||
|
|
||||||
|
`can_view_tree()` today treats `public` and `unlisted` identically and ignores
|
||||||
|
whether the viewer is anonymous vs authenticated (`privacy.py:44-49`). Replace the
|
||||||
|
final line with explicit branching on viewer auth state:
|
||||||
|
|
||||||
|
```
|
||||||
|
if membership: return True # members always
|
||||||
|
match tree.visibility:
|
||||||
|
public, unlisted: return True # anonymous OK (unlisted gated only by knowing the link)
|
||||||
|
site_members: return user_id is not None # any logged-in account
|
||||||
|
private: return False
|
||||||
|
```
|
||||||
|
|
||||||
|
`person_visibility()` is unchanged — it already redacts living/private people for
|
||||||
|
non-members. Add focused unit tests: anonymous + each visibility; living person
|
||||||
|
redacted on public/unlisted; `site_members` denies anonymous but allows a
|
||||||
|
logged-in non-member; `private` denies both.
|
||||||
|
|
||||||
|
## 4. The anonymous read path (the careful part)
|
||||||
|
|
||||||
|
**Recommendation: a dedicated read-only public API namespace**, not optional-auth
|
||||||
|
on the existing endpoints. Rationale: it is far easier to audit a small,
|
||||||
|
purpose-built surface that *always* funnels through `person_visibility` than to
|
||||||
|
weaken the membership checks on the authenticated endpoints and hope every branch
|
||||||
|
is covered.
|
||||||
|
|
||||||
|
- New router `app/api/v1/public.py`, mounted at `/api/v1/public`, with an
|
||||||
|
**optional-auth** dependency `CurrentUserOrNone` (returns `User | None`; never
|
||||||
|
401s). Contrast with `CurrentUser` (`deps.py:30-36`) which hard-401s.
|
||||||
|
- Endpoints (read-only; no create/update/delete):
|
||||||
|
- `GET /public/trees` — directory: lists `public` to everyone; additionally
|
||||||
|
lists `site_members` when the caller is authenticated. Paginated, search via
|
||||||
|
existing `pg_trgm`. Never lists `unlisted`/`private`.
|
||||||
|
- `GET /public/trees/{id}` — tree metadata if `can_view_tree(user_or_none)`.
|
||||||
|
- `GET /public/trees/{id}/persons`, `/persons/{pid}`, `/relationships`,
|
||||||
|
`/events`, `/media`, … — each filtered through `person_visibility`, returning
|
||||||
|
redacted projections (a `PublicPersonRead` that omits PII for redacted people:
|
||||||
|
no exact dates, no living-person names beyond "Living", etc.).
|
||||||
|
- **A redacted response schema**, distinct from the member `PersonRead`, so the
|
||||||
|
serializer physically cannot emit fields a non-member shouldn't see. Redaction
|
||||||
|
happens in the service, not the route.
|
||||||
|
- **Rate limiting** on the public namespace (per-IP) to blunt scraping/enumeration.
|
||||||
|
- **Audit**: count public reads; do not log PII.
|
||||||
|
|
||||||
|
## 5. Frontend public pages
|
||||||
|
|
||||||
|
- New **server-rendered** routes outside the authed app shell, e.g.
|
||||||
|
`/p/[treeId]` (tree), `/p/[treeId]/[personId]` (person), `/explore` (directory).
|
||||||
|
Server components fetch the `/api/v1/public/*` endpoints; no login redirect.
|
||||||
|
- `robots`: allow + sitemap for `public`; `noindex, nofollow` meta for `unlisted`
|
||||||
|
and `site_members`. Sitemap lists only `public` trees/persons.
|
||||||
|
- The directory `/explore` is anonymous for `public`; shows `site_members` trees
|
||||||
|
only to logged-in users.
|
||||||
|
- Reuse the tree/person view components where possible, fed by the redacted
|
||||||
|
schema.
|
||||||
|
|
||||||
|
## 6. UI control
|
||||||
|
|
||||||
|
Update the visibility dropdown (`frontend/app/trees/page.tsx`, shipped in PR #41)
|
||||||
|
from 3 to 4 options with helper text:
|
||||||
|
|
||||||
|
```
|
||||||
|
Private — only you and people you invite
|
||||||
|
Public – Members — any signed-in user on this site
|
||||||
|
Unlisted — anyone with the link (not listed or indexed)
|
||||||
|
Public — anyone on the web; listed and search-indexable
|
||||||
|
```
|
||||||
|
|
||||||
|
A short confirmation when switching *to* `public` ("This makes <tree> visible to
|
||||||
|
anyone on the web. Living people stay hidden.") is worthwhile given the stakes.
|
||||||
|
|
||||||
|
## 7. Guardrails / invariants
|
||||||
|
|
||||||
|
- One enforcement point: every public response is built from `person_visibility`
|
||||||
|
output. No raw repository reads in the public router.
|
||||||
|
- Living-person protection holds regardless of tree visibility.
|
||||||
|
- Unlisted relies on UUID unguessability; never expose a sequential public id.
|
||||||
|
- `noindex` everything except `public`; sitemap is `public`-only.
|
||||||
|
- Tests gate the merge: privacy-engine matrix + an integration test that hits the
|
||||||
|
public endpoints anonymously and asserts no living-person PII leaks.
|
||||||
|
|
||||||
|
## 8. Suggested phasing (small PRs)
|
||||||
|
|
||||||
|
1. Enum value + migration + regen client (+ dropdown → 4 options). No behavior
|
||||||
|
change yet for non-members.
|
||||||
|
2. Privacy-engine branching + unit tests.
|
||||||
|
3. Public read API namespace (optional-auth, redacted schema, rate limit) + tests.
|
||||||
|
4. Public frontend pages (`/p/...`) + robots/sitemap.
|
||||||
|
5. In-app `/explore` directory + search.
|
||||||
|
|
||||||
|
Steps 2–3 are the privacy-critical core and should be reviewed hardest.
|
||||||
|
|
||||||
|
## 9. Open questions
|
||||||
|
|
||||||
|
- Caching: public pages are cacheable for SEO, but cache keys must not blur the
|
||||||
|
redacted-vs-member rendering. Likely: cache only the anonymous projection at the
|
||||||
|
edge; never cache member responses.
|
||||||
|
- Do `site_members` trees appear in the sitemap for logged-in crawling? (Default:
|
||||||
|
no — `noindex`.)
|
||||||
|
- Per-tree opt-out of the directory even when `public`? (Probably unnecessary;
|
||||||
|
`unlisted` already covers "reachable but not listed.")
|
||||||
@@ -3,4 +3,5 @@
|
|||||||
/out
|
/out
|
||||||
/build
|
/build
|
||||||
next-env.d.ts
|
next-env.d.ts
|
||||||
|
*.tsbuildinfo
|
||||||
.env*.local
|
.env*.local
|
||||||
|
|||||||
@@ -3,6 +3,9 @@
|
|||||||
FROM node:22-bookworm-slim AS deps
|
FROM node:22-bookworm-slim AS deps
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
COPY package.json package-lock.json ./
|
COPY package.json package-lock.json ./
|
||||||
|
# patches/ must be present before `npm ci` so the postinstall (patch-package)
|
||||||
|
# can apply our vendored family-chart layout fix.
|
||||||
|
COPY patches ./patches
|
||||||
RUN npm ci
|
RUN npm ci
|
||||||
|
|
||||||
FROM node:22-bookworm-slim AS build
|
FROM node:22-bookworm-slim AS build
|
||||||
|
|||||||
@@ -11,23 +11,28 @@
|
|||||||
--font-serif: var(--font-fraunces), Georgia, "Times New Roman", ui-serif, serif;
|
--font-serif: var(--font-fraunces), Georgia, "Times New Roman", ui-serif, serif;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Adaptive tokens — ink/paper flip for light/dark; bronze + paper are constant. */
|
/* Adaptive tokens — ink/paper flip for light/dark; bronze + paper are constant.
|
||||||
|
Theme is class-based (.dark on <html>) so it can be toggled manually; an inline
|
||||||
|
script in the root layout sets it pre-paint from the saved choice or the OS. */
|
||||||
:root {
|
:root {
|
||||||
--background: #f7f3ec;
|
--background: #f7f3ec;
|
||||||
--foreground: #1a1a17;
|
--foreground: #1a1a17;
|
||||||
--muted: #6b6862;
|
--muted: #6b6862;
|
||||||
--surface: #fffdf9;
|
--surface: #fffdf9;
|
||||||
--border: #e6ddcc;
|
--border: #e6ddcc;
|
||||||
|
/* Connector "lines between people" (pedigree + tree chart). Derived from Ink
|
||||||
|
(the brand mark color): a dark line on light, light on dark. */
|
||||||
|
--line: color-mix(in srgb, var(--foreground) 55%, transparent);
|
||||||
|
color-scheme: light;
|
||||||
}
|
}
|
||||||
|
|
||||||
@media (prefers-color-scheme: dark) {
|
.dark {
|
||||||
:root {
|
--background: #161410;
|
||||||
--background: #161410;
|
--foreground: #f2eee6;
|
||||||
--foreground: #f2eee6;
|
--muted: #9a968e;
|
||||||
--muted: #9a968e;
|
--surface: #211d17;
|
||||||
--surface: #211d17;
|
--border: #353029;
|
||||||
--border: #353029;
|
color-scheme: dark;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
body {
|
body {
|
||||||
@@ -54,3 +59,55 @@ h3,
|
|||||||
::selection {
|
::selection {
|
||||||
background: color-mix(in srgb, var(--color-bronze) 22%, transparent);
|
background: color-mix(in srgb, var(--color-bronze) 22%, transparent);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Pedigree bracket connectors (ancestors grow rightward). Each leaf draws its
|
||||||
|
own half of the vertical spine + a horizontal stub, so lines stay correct
|
||||||
|
regardless of box heights: focus → 2 parents, each parent → 2 grandparents. */
|
||||||
|
.ped-person {
|
||||||
|
display: flex;
|
||||||
|
align-items: center;
|
||||||
|
}
|
||||||
|
.ped-self {
|
||||||
|
flex-shrink: 0;
|
||||||
|
}
|
||||||
|
.ped-branch {
|
||||||
|
position: relative;
|
||||||
|
display: flex;
|
||||||
|
flex-direction: column;
|
||||||
|
gap: 0.75rem;
|
||||||
|
margin-left: 2.5rem;
|
||||||
|
}
|
||||||
|
.ped-branch::before {
|
||||||
|
content: "";
|
||||||
|
position: absolute;
|
||||||
|
left: -2.5rem;
|
||||||
|
top: 50%;
|
||||||
|
width: 2.5rem;
|
||||||
|
border-top: 1px solid var(--line);
|
||||||
|
}
|
||||||
|
.ped-leaf {
|
||||||
|
position: relative;
|
||||||
|
padding-left: 1.5rem;
|
||||||
|
}
|
||||||
|
.ped-leaf::before {
|
||||||
|
content: "";
|
||||||
|
position: absolute;
|
||||||
|
left: 0;
|
||||||
|
top: 50%;
|
||||||
|
width: 1.5rem;
|
||||||
|
border-top: 1px solid var(--line);
|
||||||
|
}
|
||||||
|
.ped-leaf::after {
|
||||||
|
content: "";
|
||||||
|
position: absolute;
|
||||||
|
left: 0;
|
||||||
|
top: 0;
|
||||||
|
bottom: 0;
|
||||||
|
border-left: 1px solid var(--line);
|
||||||
|
}
|
||||||
|
.ped-leaf:first-child::after {
|
||||||
|
top: 50%;
|
||||||
|
}
|
||||||
|
.ped-leaf:last-child::after {
|
||||||
|
bottom: 50%;
|
||||||
|
}
|
||||||
|
|||||||
@@ -0,0 +1,5 @@
|
|||||||
|
import { AppShell } from "@/components/app-shell";
|
||||||
|
|
||||||
|
export default function ImportLayout({ children }: { children: React.ReactNode }) {
|
||||||
|
return <AppShell>{children}</AppShell>;
|
||||||
|
}
|
||||||
@@ -0,0 +1,15 @@
|
|||||||
|
import { GedcomImport } from "@/components/gedcom-import";
|
||||||
|
|
||||||
|
export default function ImportPage() {
|
||||||
|
return (
|
||||||
|
<div className="space-y-6">
|
||||||
|
<div>
|
||||||
|
<h1 className="text-2xl font-semibold">Import</h1>
|
||||||
|
<p className="mt-1 text-sm text-[var(--muted)]">
|
||||||
|
Bring in a GEDCOM file — start a brand-new tree, or add to one you already have.
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
<GedcomImport />
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
+9
-33
@@ -1,10 +1,8 @@
|
|||||||
import type { Metadata } from "next";
|
import type { Metadata } from "next";
|
||||||
import { Fraunces, Inter } from "next/font/google";
|
import { Fraunces, Inter } from "next/font/google";
|
||||||
import Link from "next/link";
|
|
||||||
|
|
||||||
import "./globals.css";
|
import "./globals.css";
|
||||||
|
|
||||||
// Heritage display serif + clean humanist sans (per docs/brand typography).
|
|
||||||
const serif = Fraunces({
|
const serif = Fraunces({
|
||||||
subsets: ["latin"],
|
subsets: ["latin"],
|
||||||
variable: "--font-fraunces",
|
variable: "--font-fraunces",
|
||||||
@@ -20,39 +18,17 @@ export const metadata: Metadata = {
|
|||||||
icons: { icon: "/favicon.svg" },
|
icons: { icon: "/favicon.svg" },
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// Sets the theme class before first paint to avoid a flash; reads the saved
|
||||||
|
// choice ("light"/"dark"/"system") or falls back to the OS preference.
|
||||||
|
const themeScript = `(function(){try{var t=localStorage.getItem("theme");var d=t==="dark"||((!t||t==="system")&&window.matchMedia("(prefers-color-scheme: dark)").matches);document.documentElement.classList.toggle("dark",d);}catch(e){}})();`;
|
||||||
|
|
||||||
export default function RootLayout({ children }: { children: React.ReactNode }) {
|
export default function RootLayout({ children }: { children: React.ReactNode }) {
|
||||||
return (
|
return (
|
||||||
<html lang="en" className={`${serif.variable} ${sans.variable}`}>
|
<html lang="en" className={`${serif.variable} ${sans.variable}`} suppressHydrationWarning>
|
||||||
<body className="flex min-h-screen flex-col antialiased">
|
<head>
|
||||||
<header className="sticky top-0 z-20 border-b border-[var(--border)] bg-[var(--background)]">
|
<script dangerouslySetInnerHTML={{ __html: themeScript }} />
|
||||||
<div className="mx-auto flex max-w-5xl items-center justify-between px-5 py-3.5">
|
</head>
|
||||||
<Link href="/" className="flex items-center" aria-label="Provenance — home">
|
<body className="min-h-screen antialiased">{children}</body>
|
||||||
{/* eslint-disable-next-line @next/next/no-img-element */}
|
|
||||||
<img src="/provenance-logo-plain.svg" alt="Provenance" className="h-7 w-auto" />
|
|
||||||
</Link>
|
|
||||||
<nav className="flex items-center gap-6 text-sm">
|
|
||||||
<Link href="/trees" className="text-[var(--muted)] transition-colors hover:text-[var(--foreground)]">
|
|
||||||
Trees
|
|
||||||
</Link>
|
|
||||||
<Link
|
|
||||||
href="/login"
|
|
||||||
className="rounded-full border border-[var(--border)] px-4 py-1.5 font-medium transition-colors hover:border-bronze hover:text-bronze"
|
|
||||||
>
|
|
||||||
Sign in
|
|
||||||
</Link>
|
|
||||||
</nav>
|
|
||||||
</div>
|
|
||||||
</header>
|
|
||||||
|
|
||||||
<main className="mx-auto w-full max-w-5xl flex-1 px-5 py-10">{children}</main>
|
|
||||||
|
|
||||||
<footer className="border-t border-[var(--border)]">
|
|
||||||
<div className="mx-auto flex max-w-5xl flex-wrap items-center justify-between gap-2 px-5 py-6 text-sm text-[var(--muted)]">
|
|
||||||
<span className="font-serif text-base italic">where it came from matters</span>
|
|
||||||
<span>Self-hosted · source-available · your data, your infrastructure</span>
|
|
||||||
</div>
|
|
||||||
</footer>
|
|
||||||
</body>
|
|
||||||
</html>
|
</html>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -31,7 +31,13 @@ export default function LoginPage() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<Card className="mx-auto max-w-md">
|
<div className="grid min-h-screen place-items-center px-4 py-10">
|
||||||
|
<div className="w-full max-w-md space-y-6">
|
||||||
|
<Link href="/" className="flex justify-center" aria-label="Provenance — home">
|
||||||
|
{/* eslint-disable-next-line @next/next/no-img-element */}
|
||||||
|
<img src="/provenance-logo-plain.svg" alt="Provenance" className="h-8 w-auto" />
|
||||||
|
</Link>
|
||||||
|
<Card>
|
||||||
<CardHeader>
|
<CardHeader>
|
||||||
<CardTitle>Sign in</CardTitle>
|
<CardTitle>Sign in</CardTitle>
|
||||||
</CardHeader>
|
</CardHeader>
|
||||||
@@ -70,5 +76,7 @@ export default function LoginPage() {
|
|||||||
</p>
|
</p>
|
||||||
</CardContent>
|
</CardContent>
|
||||||
</Card>
|
</Card>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
+72
-44
@@ -23,55 +23,83 @@ const features = [
|
|||||||
|
|
||||||
export default function Home() {
|
export default function Home() {
|
||||||
return (
|
return (
|
||||||
<div className="space-y-20 py-6 sm:py-12">
|
<div className="flex min-h-screen flex-col">
|
||||||
<section className="grid items-center gap-10 sm:grid-cols-[1.3fr_1fr]">
|
<header className="border-b border-[var(--border)]">
|
||||||
<div>
|
<div className="mx-auto flex max-w-5xl items-center justify-between px-6 py-4">
|
||||||
<p className="text-xs font-semibold uppercase tracking-[0.2em] text-bronze">
|
<Link href="/" aria-label="Provenance — home">
|
||||||
Family · Land · Provenance
|
|
||||||
</p>
|
|
||||||
<h1 className="mt-4 text-5xl font-semibold leading-[1.04] tracking-tight sm:text-6xl">
|
|
||||||
Where it came from{" "}
|
|
||||||
<span className="italic text-bronze">matters</span>.
|
|
||||||
</h1>
|
|
||||||
<p className="mt-6 max-w-xl text-lg leading-relaxed text-[var(--muted)]">
|
|
||||||
Trace your family and your land in one place — every name, every parcel, every claim
|
|
||||||
linked to the record it came from. Self-hosted, sourced, and yours to keep.
|
|
||||||
</p>
|
|
||||||
<div className="mt-8 flex flex-wrap gap-3">
|
|
||||||
<Link href="/register">
|
|
||||||
<Button size="lg">Create your account</Button>
|
|
||||||
</Link>
|
|
||||||
<Link href="/login">
|
|
||||||
<Button size="lg" variant="outline">
|
|
||||||
Sign in
|
|
||||||
</Button>
|
|
||||||
</Link>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div className="hidden justify-self-end sm:block">
|
|
||||||
<div className="relative grid h-64 w-64 place-items-center rounded-full border border-[var(--border)] bg-[var(--surface)] shadow-[0_24px_60px_-24px_rgba(160,106,66,0.35)]">
|
|
||||||
{/* eslint-disable-next-line @next/next/no-img-element */}
|
{/* eslint-disable-next-line @next/next/no-img-element */}
|
||||||
<img src="/provenance-mark.svg" alt="" className="h-36 w-36" />
|
<img src="/provenance-logo-plain.svg" alt="Provenance" className="h-7 w-auto" />
|
||||||
<MapPin className="absolute -right-2 top-10 h-7 w-7 text-bronze" />
|
</Link>
|
||||||
</div>
|
<nav className="flex items-center gap-5 text-sm">
|
||||||
|
<Link href="/trees" className="text-[var(--muted)] hover:text-[var(--foreground)]">
|
||||||
|
Trees
|
||||||
|
</Link>
|
||||||
|
<Link
|
||||||
|
href="/login"
|
||||||
|
className="rounded-full border border-[var(--border)] px-4 py-1.5 font-medium hover:border-bronze hover:text-bronze"
|
||||||
|
>
|
||||||
|
Sign in
|
||||||
|
</Link>
|
||||||
|
</nav>
|
||||||
</div>
|
</div>
|
||||||
</section>
|
</header>
|
||||||
|
|
||||||
<section className="grid gap-5 sm:grid-cols-3">
|
<main className="mx-auto w-full max-w-5xl flex-1 px-6">
|
||||||
{features.map((f) => (
|
<section className="grid items-center gap-10 py-16 sm:grid-cols-[1.3fr_1fr] sm:py-24">
|
||||||
<div
|
<div>
|
||||||
key={f.title}
|
<p className="text-xs font-semibold uppercase tracking-[0.2em] text-bronze">
|
||||||
className="rounded-xl border border-[var(--border)] bg-[var(--surface)] p-6 shadow-[0_1px_2px_rgba(26,26,23,0.04)]"
|
Family · Land · Provenance
|
||||||
>
|
</p>
|
||||||
<div className="grid h-10 w-10 place-items-center rounded-lg bg-bronze/12 text-bronze">
|
<h1 className="mt-4 text-5xl font-semibold leading-[1.04] tracking-tight sm:text-6xl">
|
||||||
<f.icon className="h-5 w-5" />
|
Where it came from <span className="italic text-bronze">matters</span>.
|
||||||
|
</h1>
|
||||||
|
<p className="mt-6 max-w-xl text-lg leading-relaxed text-[var(--muted)]">
|
||||||
|
Trace your family and your land in one place — every name, every parcel, every claim
|
||||||
|
linked to the record it came from. Self-hosted, sourced, and yours to keep.
|
||||||
|
</p>
|
||||||
|
<div className="mt-8 flex flex-wrap gap-3">
|
||||||
|
<Link href="/register">
|
||||||
|
<Button size="lg">Create your account</Button>
|
||||||
|
</Link>
|
||||||
|
<Link href="/login">
|
||||||
|
<Button size="lg" variant="outline">
|
||||||
|
Sign in
|
||||||
|
</Button>
|
||||||
|
</Link>
|
||||||
</div>
|
</div>
|
||||||
<h2 className="mt-4 text-lg font-semibold">{f.title}</h2>
|
|
||||||
<p className="mt-2 text-sm leading-relaxed text-[var(--muted)]">{f.body}</p>
|
|
||||||
</div>
|
</div>
|
||||||
))}
|
|
||||||
</section>
|
<div className="hidden justify-self-end sm:block">
|
||||||
|
<div className="relative grid h-64 w-64 place-items-center rounded-full border border-[var(--border)] bg-[var(--surface)] shadow-[0_24px_60px_-24px_rgba(160,106,66,0.35)]">
|
||||||
|
{/* eslint-disable-next-line @next/next/no-img-element */}
|
||||||
|
<img src="/provenance-mark.svg" alt="" className="h-36 w-36" />
|
||||||
|
<MapPin className="absolute -right-2 top-10 h-7 w-7 text-bronze" />
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</section>
|
||||||
|
|
||||||
|
<section className="grid gap-5 pb-20 sm:grid-cols-3">
|
||||||
|
{features.map((f) => (
|
||||||
|
<div
|
||||||
|
key={f.title}
|
||||||
|
className="rounded-xl border border-[var(--border)] bg-[var(--surface)] p-6 shadow-[0_1px_2px_rgba(26,26,23,0.04)]"
|
||||||
|
>
|
||||||
|
<div className="grid h-10 w-10 place-items-center rounded-lg bg-bronze/12 text-bronze">
|
||||||
|
<f.icon className="h-5 w-5" />
|
||||||
|
</div>
|
||||||
|
<h2 className="mt-4 text-lg font-semibold">{f.title}</h2>
|
||||||
|
<p className="mt-2 text-sm leading-relaxed text-[var(--muted)]">{f.body}</p>
|
||||||
|
</div>
|
||||||
|
))}
|
||||||
|
</section>
|
||||||
|
</main>
|
||||||
|
|
||||||
|
<footer className="border-t border-[var(--border)]">
|
||||||
|
<div className="mx-auto flex max-w-5xl flex-wrap items-center justify-between gap-2 px-6 py-6 text-sm text-[var(--muted)]">
|
||||||
|
<span className="font-serif text-base italic">where it came from matters</span>
|
||||||
|
<span>Self-hosted · source-available · your data, your infrastructure</span>
|
||||||
|
</div>
|
||||||
|
</footer>
|
||||||
</div>
|
</div>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -34,7 +34,13 @@ export default function RegisterPage() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<Card className="mx-auto max-w-md">
|
<div className="grid min-h-screen place-items-center px-4 py-10">
|
||||||
|
<div className="w-full max-w-md space-y-6">
|
||||||
|
<Link href="/" className="flex justify-center" aria-label="Provenance — home">
|
||||||
|
{/* eslint-disable-next-line @next/next/no-img-element */}
|
||||||
|
<img src="/provenance-logo-plain.svg" alt="Provenance" className="h-8 w-auto" />
|
||||||
|
</Link>
|
||||||
|
<Card>
|
||||||
<CardHeader>
|
<CardHeader>
|
||||||
<CardTitle>Create your account</CardTitle>
|
<CardTitle>Create your account</CardTitle>
|
||||||
</CardHeader>
|
</CardHeader>
|
||||||
@@ -78,5 +84,7 @@ export default function RegisterPage() {
|
|||||||
</p>
|
</p>
|
||||||
</CardContent>
|
</CardContent>
|
||||||
</Card>
|
</Card>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,5 @@
|
|||||||
|
import { AppShell } from "@/components/app-shell";
|
||||||
|
|
||||||
|
export default function SettingsLayout({ children }: { children: React.ReactNode }) {
|
||||||
|
return <AppShell>{children}</AppShell>;
|
||||||
|
}
|
||||||
@@ -0,0 +1,229 @@
|
|||||||
|
"use client";
|
||||||
|
|
||||||
|
import { useEffect, useRef, useState } from "react";
|
||||||
|
import { useRouter } from "next/navigation";
|
||||||
|
|
||||||
|
import { api } from "@/lib/api/client";
|
||||||
|
import { Button } from "@/components/ui/button";
|
||||||
|
import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card";
|
||||||
|
import { Input } from "@/components/ui/input";
|
||||||
|
|
||||||
|
export default function SettingsPage() {
|
||||||
|
const router = useRouter();
|
||||||
|
const [me, setMe] = useState<{ display_name: string | null; email: string } | null>(null);
|
||||||
|
|
||||||
|
const [current, setCurrent] = useState("");
|
||||||
|
const [next, setNext] = useState("");
|
||||||
|
const [confirm, setConfirm] = useState("");
|
||||||
|
const [msg, setMsg] = useState<{ kind: "ok" | "err"; text: string } | null>(null);
|
||||||
|
const [busy, setBusy] = useState(false);
|
||||||
|
|
||||||
|
// Data export / restore / delete.
|
||||||
|
const [exporting, setExporting] = useState(false);
|
||||||
|
const [restoreMsg, setRestoreMsg] = useState<string | null>(null);
|
||||||
|
const [restoring, setRestoring] = useState(false);
|
||||||
|
const restoreRef = useRef<HTMLInputElement>(null);
|
||||||
|
const [deleteConfirm, setDeleteConfirm] = useState("");
|
||||||
|
const [deleting, setDeleting] = useState(false);
|
||||||
|
|
||||||
|
useEffect(() => {
|
||||||
|
api.GET("/api/v1/users/me").then((r) => setMe(r.data ?? null));
|
||||||
|
}, []);
|
||||||
|
|
||||||
|
async function exportData() {
|
||||||
|
setExporting(true);
|
||||||
|
const resp = await fetch("/api/v1/users/me/export", { credentials: "include" });
|
||||||
|
if (resp.ok) {
|
||||||
|
const blob = await resp.blob();
|
||||||
|
const url = URL.createObjectURL(blob);
|
||||||
|
const a = document.createElement("a");
|
||||||
|
a.href = url;
|
||||||
|
a.download = "provenance-export.zip";
|
||||||
|
a.click();
|
||||||
|
URL.revokeObjectURL(url);
|
||||||
|
}
|
||||||
|
setExporting(false);
|
||||||
|
}
|
||||||
|
|
||||||
|
async function restoreData(e: React.ChangeEvent<HTMLInputElement>) {
|
||||||
|
const file = e.target.files?.[0];
|
||||||
|
if (restoreRef.current) restoreRef.current.value = "";
|
||||||
|
if (!file) return;
|
||||||
|
setRestoring(true);
|
||||||
|
setRestoreMsg(null);
|
||||||
|
const fd = new FormData();
|
||||||
|
fd.append("file", file);
|
||||||
|
const resp = await fetch("/api/v1/users/me/import", {
|
||||||
|
method: "POST",
|
||||||
|
body: fd,
|
||||||
|
credentials: "include",
|
||||||
|
});
|
||||||
|
setRestoring(false);
|
||||||
|
if (resp.ok) {
|
||||||
|
const c = await resp.json();
|
||||||
|
setRestoreMsg(`Restored ${c.trees} tree(s), ${c.persons} people into new trees.`);
|
||||||
|
} else {
|
||||||
|
setRestoreMsg("That doesn't look like a valid Provenance export.");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
async function deleteAccount() {
|
||||||
|
if (deleteConfirm !== me?.email) return;
|
||||||
|
setDeleting(true);
|
||||||
|
const fd = new FormData();
|
||||||
|
fd.append("confirm_email", deleteConfirm);
|
||||||
|
const resp = await fetch("/api/v1/users/me", {
|
||||||
|
method: "DELETE",
|
||||||
|
body: fd,
|
||||||
|
credentials: "include",
|
||||||
|
});
|
||||||
|
setDeleting(false);
|
||||||
|
if (resp.ok) {
|
||||||
|
await api.POST("/api/v1/auth/logout");
|
||||||
|
router.push("/register");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
async function changePassword(e: React.FormEvent) {
|
||||||
|
e.preventDefault();
|
||||||
|
setMsg(null);
|
||||||
|
if (next.length < 8) {
|
||||||
|
setMsg({ kind: "err", text: "New password must be at least 8 characters." });
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (next !== confirm) {
|
||||||
|
setMsg({ kind: "err", text: "New passwords don't match." });
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
setBusy(true);
|
||||||
|
const { error } = await api.POST("/api/v1/auth/change-password", {
|
||||||
|
body: { current_password: current, new_password: next },
|
||||||
|
});
|
||||||
|
setBusy(false);
|
||||||
|
if (error) {
|
||||||
|
setMsg({ kind: "err", text: "Current password is incorrect." });
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
setCurrent("");
|
||||||
|
setNext("");
|
||||||
|
setConfirm("");
|
||||||
|
setMsg({ kind: "ok", text: "Password changed." });
|
||||||
|
}
|
||||||
|
|
||||||
|
return (
|
||||||
|
<div className="space-y-6">
|
||||||
|
<h1 className="text-2xl font-semibold">Settings</h1>
|
||||||
|
|
||||||
|
<Card>
|
||||||
|
<CardHeader>
|
||||||
|
<CardTitle className="text-base">Account</CardTitle>
|
||||||
|
</CardHeader>
|
||||||
|
<CardContent className="space-y-1 text-sm">
|
||||||
|
<div>
|
||||||
|
<span className="text-[var(--muted)]">Name: </span>
|
||||||
|
{me?.display_name ?? "—"}
|
||||||
|
</div>
|
||||||
|
<div>
|
||||||
|
<span className="text-[var(--muted)]">Email: </span>
|
||||||
|
{me?.email ?? "—"}
|
||||||
|
</div>
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
|
||||||
|
<Card>
|
||||||
|
<CardHeader>
|
||||||
|
<CardTitle className="text-base">Change password</CardTitle>
|
||||||
|
</CardHeader>
|
||||||
|
<CardContent>
|
||||||
|
<form onSubmit={changePassword} className="flex max-w-sm flex-col gap-3">
|
||||||
|
<Input
|
||||||
|
type="password"
|
||||||
|
placeholder="Current password"
|
||||||
|
autoComplete="current-password"
|
||||||
|
value={current}
|
||||||
|
onChange={(e) => setCurrent(e.target.value)}
|
||||||
|
/>
|
||||||
|
<Input
|
||||||
|
type="password"
|
||||||
|
placeholder="New password (min 8 chars)"
|
||||||
|
autoComplete="new-password"
|
||||||
|
value={next}
|
||||||
|
onChange={(e) => setNext(e.target.value)}
|
||||||
|
/>
|
||||||
|
<Input
|
||||||
|
type="password"
|
||||||
|
placeholder="Confirm new password"
|
||||||
|
autoComplete="new-password"
|
||||||
|
value={confirm}
|
||||||
|
onChange={(e) => setConfirm(e.target.value)}
|
||||||
|
/>
|
||||||
|
{msg && (
|
||||||
|
<p className={msg.kind === "ok" ? "text-sm text-bronze" : "text-sm text-red-600"}>
|
||||||
|
{msg.text}
|
||||||
|
</p>
|
||||||
|
)}
|
||||||
|
<Button type="submit" disabled={busy || !current || !next}>
|
||||||
|
{busy ? "Saving…" : "Change password"}
|
||||||
|
</Button>
|
||||||
|
</form>
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
|
||||||
|
<Card>
|
||||||
|
<CardHeader>
|
||||||
|
<CardTitle className="text-base">Your data</CardTitle>
|
||||||
|
</CardHeader>
|
||||||
|
<CardContent className="space-y-5">
|
||||||
|
<div className="space-y-2">
|
||||||
|
<p className="text-sm text-[var(--muted)]">
|
||||||
|
Download a complete backup of every tree you own — people, sources, media, and
|
||||||
|
all — as a zip.
|
||||||
|
</p>
|
||||||
|
<Button variant="outline" onClick={exportData} disabled={exporting}>
|
||||||
|
{exporting ? "Preparing…" : "Export all my data"}
|
||||||
|
</Button>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div className="space-y-2 border-t border-[var(--border)] pt-4">
|
||||||
|
<p className="text-sm text-[var(--muted)]">
|
||||||
|
Restore a backup. It’s imported into <strong>new</strong> trees — nothing existing
|
||||||
|
is touched or overwritten.
|
||||||
|
</p>
|
||||||
|
<input ref={restoreRef} type="file" accept=".zip" onChange={restoreData} className="hidden" />
|
||||||
|
<Button variant="outline" onClick={() => restoreRef.current?.click()} disabled={restoring}>
|
||||||
|
{restoring ? "Restoring…" : "Restore from backup"}
|
||||||
|
</Button>
|
||||||
|
{restoreMsg && <p className="text-sm text-bronze">{restoreMsg}</p>}
|
||||||
|
</div>
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
|
||||||
|
<Card className="border-red-300/60">
|
||||||
|
<CardHeader>
|
||||||
|
<CardTitle className="text-base text-red-700">Delete account</CardTitle>
|
||||||
|
</CardHeader>
|
||||||
|
<CardContent className="space-y-3">
|
||||||
|
<p className="text-sm text-[var(--muted)]">
|
||||||
|
This deletes your account, the trees you own, and signs you out everywhere. Export
|
||||||
|
your data first if you might want it. Type <strong>{me?.email}</strong> to confirm.
|
||||||
|
</p>
|
||||||
|
<div className="flex max-w-sm flex-col gap-2">
|
||||||
|
<Input
|
||||||
|
placeholder="your email"
|
||||||
|
value={deleteConfirm}
|
||||||
|
onChange={(e) => setDeleteConfirm(e.target.value)}
|
||||||
|
/>
|
||||||
|
<Button
|
||||||
|
variant="ghost"
|
||||||
|
className="bg-red-600 text-white hover:bg-red-700 hover:text-white"
|
||||||
|
onClick={deleteAccount}
|
||||||
|
disabled={deleting || deleteConfirm !== me?.email}
|
||||||
|
>
|
||||||
|
{deleting ? "Deleting…" : "Permanently delete my account"}
|
||||||
|
</Button>
|
||||||
|
</div>
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
@@ -0,0 +1,393 @@
|
|||||||
|
"use client";
|
||||||
|
|
||||||
|
import { useCallback, useEffect, useRef, useState } from "react";
|
||||||
|
import { useParams } from "next/navigation";
|
||||||
|
|
||||||
|
import { api } from "@/lib/api/client";
|
||||||
|
import type { components } from "@/lib/api/schema";
|
||||||
|
import { Button } from "@/components/ui/button";
|
||||||
|
import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card";
|
||||||
|
import { Input } from "@/components/ui/input";
|
||||||
|
|
||||||
|
type Deceased = components["schemas"]["DeceasedCandidate"];
|
||||||
|
type GenderProp = components["schemas"]["GenderProposal"];
|
||||||
|
type NameIssue = components["schemas"]["NameIssue"];
|
||||||
|
type Person = components["schemas"]["PersonRead"];
|
||||||
|
|
||||||
|
const ISSUE_LABEL: Record<string, string> = {
|
||||||
|
date_in_surname: "date in surname",
|
||||||
|
date_in_given: "date in given name",
|
||||||
|
no_surname: "no surname",
|
||||||
|
packed_given: "long given name",
|
||||||
|
};
|
||||||
|
|
||||||
|
export default function CleanupPage() {
|
||||||
|
const params = useParams<{ id: string }>();
|
||||||
|
const treeId = params.id;
|
||||||
|
|
||||||
|
// 1) Deceased by birth year
|
||||||
|
const [year, setYear] = useState(1930);
|
||||||
|
const [deceased, setDeceased] = useState<Deceased[] | null>(null);
|
||||||
|
const [decSel, setDecSel] = useState<Set<string>>(new Set());
|
||||||
|
const [decMsg, setDecMsg] = useState<string | null>(null);
|
||||||
|
|
||||||
|
// 2) Gender from source GEDCOM
|
||||||
|
const [gender, setGender] = useState<GenderProp[] | null>(null);
|
||||||
|
const [genSel, setGenSel] = useState<Set<string>>(new Set());
|
||||||
|
const [genMsg, setGenMsg] = useState<string | null>(null);
|
||||||
|
const genFile = useRef<HTMLInputElement>(null);
|
||||||
|
|
||||||
|
// People still missing a sex (manual mop-up)
|
||||||
|
const [unset, setUnset] = useState<Person[] | null>(null);
|
||||||
|
|
||||||
|
// 3) Name issues
|
||||||
|
const [issues, setIssues] = useState<NameIssue[] | null>(null);
|
||||||
|
const [edits, setEdits] = useState<Record<string, { given: string; surname: string; on: boolean }>>({});
|
||||||
|
const [nameMsg, setNameMsg] = useState<string | null>(null);
|
||||||
|
|
||||||
|
async function previewDeceased() {
|
||||||
|
setDecMsg(null);
|
||||||
|
const { data } = await api.GET("/api/v1/trees/{tree_id}/cleanup/deceased", {
|
||||||
|
params: { path: { tree_id: treeId }, query: { born_on_or_before: year } },
|
||||||
|
});
|
||||||
|
setDeceased(data ?? []);
|
||||||
|
setDecSel(new Set((data ?? []).map((d) => d.person_id)));
|
||||||
|
}
|
||||||
|
async function applyDeceased() {
|
||||||
|
const ids = [...decSel];
|
||||||
|
const { data } = await api.POST("/api/v1/trees/{tree_id}/cleanup/deceased", {
|
||||||
|
params: { path: { tree_id: treeId } },
|
||||||
|
body: { person_ids: ids },
|
||||||
|
});
|
||||||
|
setDecMsg(`Marked ${data?.updated ?? 0} people deceased.`);
|
||||||
|
setDeceased(null);
|
||||||
|
}
|
||||||
|
|
||||||
|
async function previewGender(e: React.ChangeEvent<HTMLInputElement>) {
|
||||||
|
const file = e.target.files?.[0];
|
||||||
|
if (genFile.current) genFile.current.value = "";
|
||||||
|
if (!file) return;
|
||||||
|
setGenMsg(null);
|
||||||
|
const fd = new FormData();
|
||||||
|
fd.append("file", file);
|
||||||
|
const resp = await fetch(`/api/v1/trees/${treeId}/cleanup/gender/preview`, {
|
||||||
|
method: "POST",
|
||||||
|
body: fd,
|
||||||
|
credentials: "include",
|
||||||
|
});
|
||||||
|
if (resp.ok) {
|
||||||
|
const data: GenderProp[] = await resp.json();
|
||||||
|
setGender(data);
|
||||||
|
setGenSel(new Set(data.map((g) => g.person_id)));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
const loadUnset = useCallback(async () => {
|
||||||
|
const { data } = await api.GET("/api/v1/trees/{tree_id}/persons", {
|
||||||
|
params: { path: { tree_id: treeId } },
|
||||||
|
});
|
||||||
|
setUnset(
|
||||||
|
(data ?? [])
|
||||||
|
.filter((p) => !p.gender)
|
||||||
|
.sort((a, b) => (a.primary_name ?? "").localeCompare(b.primary_name ?? "")),
|
||||||
|
);
|
||||||
|
}, [treeId]);
|
||||||
|
|
||||||
|
async function setSex(personId: string, gender: "male" | "female") {
|
||||||
|
await api.PATCH("/api/v1/trees/{tree_id}/persons/{person_id}", {
|
||||||
|
params: { path: { tree_id: treeId, person_id: personId } },
|
||||||
|
body: { gender },
|
||||||
|
});
|
||||||
|
setUnset((prev) => (prev ? prev.filter((p) => p.id !== personId) : prev));
|
||||||
|
}
|
||||||
|
|
||||||
|
async function guessGender() {
|
||||||
|
setGenMsg(null);
|
||||||
|
const { data } = await api.GET("/api/v1/trees/{tree_id}/cleanup/gender/guess", {
|
||||||
|
params: { path: { tree_id: treeId } },
|
||||||
|
});
|
||||||
|
setGender(data ?? []);
|
||||||
|
setGenSel(new Set((data ?? []).map((g) => g.person_id)));
|
||||||
|
}
|
||||||
|
|
||||||
|
async function applyGender() {
|
||||||
|
const updates = (gender ?? [])
|
||||||
|
.filter((g) => genSel.has(g.person_id))
|
||||||
|
.map((g) => ({ person_id: g.person_id, gender: g.proposed_gender }));
|
||||||
|
const { data } = await api.POST("/api/v1/trees/{tree_id}/cleanup/gender", {
|
||||||
|
params: { path: { tree_id: treeId } },
|
||||||
|
body: { updates },
|
||||||
|
});
|
||||||
|
setGenMsg(`Set gender on ${data?.updated ?? 0} people.`);
|
||||||
|
setGender(null);
|
||||||
|
loadUnset();
|
||||||
|
}
|
||||||
|
|
||||||
|
const loadNames = useCallback(async () => {
|
||||||
|
setNameMsg(null);
|
||||||
|
const { data } = await api.GET("/api/v1/trees/{tree_id}/cleanup/names", {
|
||||||
|
params: { path: { tree_id: treeId } },
|
||||||
|
});
|
||||||
|
setIssues(data ?? []);
|
||||||
|
const init: Record<string, { given: string; surname: string; on: boolean }> = {};
|
||||||
|
for (const i of data ?? []) {
|
||||||
|
init[i.name_id] = { given: i.given ?? "", surname: i.surname ?? "", on: false };
|
||||||
|
}
|
||||||
|
setEdits(init);
|
||||||
|
}, [treeId]);
|
||||||
|
|
||||||
|
useEffect(() => {
|
||||||
|
loadNames();
|
||||||
|
loadUnset();
|
||||||
|
}, [loadNames, loadUnset]);
|
||||||
|
|
||||||
|
async function applyNames() {
|
||||||
|
const chosen = (issues ?? []).filter((i) => edits[i.name_id]?.on);
|
||||||
|
const body = {
|
||||||
|
edits: chosen.map((i) => ({
|
||||||
|
name_id: i.name_id,
|
||||||
|
given: edits[i.name_id].given,
|
||||||
|
surname: edits[i.name_id].surname,
|
||||||
|
})),
|
||||||
|
};
|
||||||
|
if (!body.edits.length) return;
|
||||||
|
const { data } = await api.POST("/api/v1/trees/{tree_id}/cleanup/names", {
|
||||||
|
params: { path: { tree_id: treeId } },
|
||||||
|
body,
|
||||||
|
});
|
||||||
|
setNameMsg(`Fixed ${data?.updated ?? 0} names.`);
|
||||||
|
loadNames();
|
||||||
|
}
|
||||||
|
|
||||||
|
const toggle = (set: Set<string>, id: string, setter: (s: Set<string>) => void) => {
|
||||||
|
const n = new Set(set);
|
||||||
|
if (n.has(id)) n.delete(id);
|
||||||
|
else n.add(id);
|
||||||
|
setter(n);
|
||||||
|
};
|
||||||
|
|
||||||
|
return (
|
||||||
|
<div className="space-y-6">
|
||||||
|
<div>
|
||||||
|
<h1 className="text-2xl font-semibold">Cleanup</h1>
|
||||||
|
<p className="mt-1 text-sm text-[var(--muted)]">
|
||||||
|
Fix common import messes in bulk. Each tool previews its changes — nothing is saved
|
||||||
|
until you apply.
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{/* 1) Deceased by year */}
|
||||||
|
<Card>
|
||||||
|
<CardHeader>
|
||||||
|
<CardTitle className="text-base">Mark deceased by birth year</CardTitle>
|
||||||
|
</CardHeader>
|
||||||
|
<CardContent className="space-y-3">
|
||||||
|
<div className="flex flex-wrap items-end gap-2">
|
||||||
|
<label className="flex flex-col gap-1 text-sm">
|
||||||
|
<span className="text-xs text-[var(--muted)]">Born on or before</span>
|
||||||
|
<Input
|
||||||
|
type="number"
|
||||||
|
className="w-28"
|
||||||
|
value={year}
|
||||||
|
onChange={(e) => setYear(Number(e.target.value))}
|
||||||
|
/>
|
||||||
|
</label>
|
||||||
|
<Button variant="outline" onClick={previewDeceased}>
|
||||||
|
Preview
|
||||||
|
</Button>
|
||||||
|
</div>
|
||||||
|
{decMsg && <p className="text-sm text-bronze">{decMsg}</p>}
|
||||||
|
{deceased && (
|
||||||
|
<div className="space-y-2">
|
||||||
|
<p className="text-sm text-[var(--muted)]">
|
||||||
|
{deceased.length} people born ≤ {year} (not already marked deceased).
|
||||||
|
</p>
|
||||||
|
<ul className="max-h-64 divide-y divide-[var(--border)] overflow-auto rounded-lg border border-[var(--border)]">
|
||||||
|
{deceased.map((d) => (
|
||||||
|
<li key={d.person_id} className="flex items-center gap-3 px-3 py-1.5 text-sm">
|
||||||
|
<input
|
||||||
|
type="checkbox"
|
||||||
|
checked={decSel.has(d.person_id)}
|
||||||
|
onChange={() => toggle(decSel, d.person_id, setDecSel)}
|
||||||
|
/>
|
||||||
|
<span className="flex-1">{d.name}</span>
|
||||||
|
<span className="text-xs text-[var(--muted)]">b. {d.birth_year}</span>
|
||||||
|
</li>
|
||||||
|
))}
|
||||||
|
</ul>
|
||||||
|
{deceased.length > 0 && (
|
||||||
|
<Button onClick={applyDeceased}>Mark {decSel.size} deceased</Button>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
|
||||||
|
{/* 2) Gender from source */}
|
||||||
|
<Card>
|
||||||
|
<CardHeader>
|
||||||
|
<CardTitle className="text-base">Set sex from a source GEDCOM</CardTitle>
|
||||||
|
</CardHeader>
|
||||||
|
<CardContent className="space-y-3">
|
||||||
|
<p className="text-sm text-[var(--muted)]">
|
||||||
|
Upload your source <code>.ged</code> (it carries each person’s sex). We match by
|
||||||
|
name and propose sex only for people who don’t have it set.
|
||||||
|
</p>
|
||||||
|
<input
|
||||||
|
ref={genFile}
|
||||||
|
type="file"
|
||||||
|
accept=".ged,.gedcom,text/plain"
|
||||||
|
onChange={previewGender}
|
||||||
|
className="hidden"
|
||||||
|
/>
|
||||||
|
<div className="flex flex-wrap gap-2">
|
||||||
|
<Button variant="outline" onClick={() => genFile.current?.click()}>
|
||||||
|
Choose source GEDCOM
|
||||||
|
</Button>
|
||||||
|
<Button variant="outline" onClick={guessGender}>
|
||||||
|
Guess from first name
|
||||||
|
</Button>
|
||||||
|
</div>
|
||||||
|
<p className="text-xs text-[var(--muted)]">
|
||||||
|
“Guess from first name” uses a built-in name dictionary for people with no sex set;
|
||||||
|
ambiguous names (Marion, Frances, …) are left for you to decide.
|
||||||
|
</p>
|
||||||
|
{genMsg && <p className="text-sm text-bronze">{genMsg}</p>}
|
||||||
|
{gender && (
|
||||||
|
<div className="space-y-2">
|
||||||
|
<p className="text-sm text-[var(--muted)]">{gender.length} matches with a sex to set.</p>
|
||||||
|
<ul className="max-h-64 divide-y divide-[var(--border)] overflow-auto rounded-lg border border-[var(--border)]">
|
||||||
|
{gender.map((g) => (
|
||||||
|
<li key={g.person_id} className="flex items-center gap-3 px-3 py-1.5 text-sm">
|
||||||
|
<input
|
||||||
|
type="checkbox"
|
||||||
|
checked={genSel.has(g.person_id)}
|
||||||
|
onChange={() => toggle(genSel, g.person_id, setGenSel)}
|
||||||
|
/>
|
||||||
|
<span className="flex-1">{g.name}</span>
|
||||||
|
<span
|
||||||
|
className="text-xs"
|
||||||
|
style={{
|
||||||
|
color:
|
||||||
|
g.proposed_gender === "male"
|
||||||
|
? "rgb(120,159,172)"
|
||||||
|
: "rgb(196,138,146)",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
{g.proposed_gender}
|
||||||
|
</span>
|
||||||
|
</li>
|
||||||
|
))}
|
||||||
|
</ul>
|
||||||
|
{gender.length > 0 && (
|
||||||
|
<Button onClick={applyGender}>Set sex on {genSel.size} people</Button>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
|
||||||
|
{/* People still missing a sex */}
|
||||||
|
<Card>
|
||||||
|
<CardHeader>
|
||||||
|
<CardTitle className="text-base">
|
||||||
|
People with no sex set{unset ? ` (${unset.length})` : ""}
|
||||||
|
</CardTitle>
|
||||||
|
</CardHeader>
|
||||||
|
<CardContent className="space-y-3">
|
||||||
|
{unset === null ? (
|
||||||
|
<p className="text-sm text-[var(--muted)]">Loading…</p>
|
||||||
|
) : unset.length === 0 ? (
|
||||||
|
<p className="text-sm text-[var(--muted)]">Everyone has a sex set. 🎉</p>
|
||||||
|
) : (
|
||||||
|
<ul className="max-h-80 divide-y divide-[var(--border)] overflow-auto rounded-lg border border-[var(--border)]">
|
||||||
|
{unset.map((p) => (
|
||||||
|
<li key={p.id} className="flex items-center gap-3 px-3 py-1.5 text-sm">
|
||||||
|
<a
|
||||||
|
href={`/trees/${treeId}/persons/${p.id}`}
|
||||||
|
className="flex-1 truncate hover:underline"
|
||||||
|
>
|
||||||
|
{p.primary_name ?? "Unnamed"}
|
||||||
|
</a>
|
||||||
|
<button
|
||||||
|
onClick={() => setSex(p.id, "male")}
|
||||||
|
className="rounded px-2 py-0.5 text-xs"
|
||||||
|
style={{ color: "rgb(120,159,172)", border: "1px solid rgb(120,159,172)" }}
|
||||||
|
>
|
||||||
|
♂ Male
|
||||||
|
</button>
|
||||||
|
<button
|
||||||
|
onClick={() => setSex(p.id, "female")}
|
||||||
|
className="rounded px-2 py-0.5 text-xs"
|
||||||
|
style={{ color: "rgb(196,138,146)", border: "1px solid rgb(196,138,146)" }}
|
||||||
|
>
|
||||||
|
♀ Female
|
||||||
|
</button>
|
||||||
|
</li>
|
||||||
|
))}
|
||||||
|
</ul>
|
||||||
|
)}
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
|
||||||
|
{/* 3) Name issues */}
|
||||||
|
<Card>
|
||||||
|
<CardHeader>
|
||||||
|
<CardTitle className="text-base">Names that look broken</CardTitle>
|
||||||
|
</CardHeader>
|
||||||
|
<CardContent className="space-y-3">
|
||||||
|
{nameMsg && <p className="text-sm text-bronze">{nameMsg}</p>}
|
||||||
|
{issues === null ? (
|
||||||
|
<p className="text-sm text-[var(--muted)]">Scanning…</p>
|
||||||
|
) : issues.length === 0 ? (
|
||||||
|
<p className="text-sm text-[var(--muted)]">No obvious name problems found.</p>
|
||||||
|
) : (
|
||||||
|
<div className="space-y-2">
|
||||||
|
<p className="text-sm text-[var(--muted)]">
|
||||||
|
{issues.length} flagged. Edit given/surname, tick the ones to fix, then apply.
|
||||||
|
</p>
|
||||||
|
<ul className="space-y-2">
|
||||||
|
{issues.map((i) => {
|
||||||
|
const e = edits[i.name_id] ?? { given: "", surname: "", on: false };
|
||||||
|
return (
|
||||||
|
<li key={i.name_id} className="flex flex-wrap items-center gap-2 text-sm">
|
||||||
|
<input
|
||||||
|
type="checkbox"
|
||||||
|
checked={e.on}
|
||||||
|
onChange={() =>
|
||||||
|
setEdits((p) => ({ ...p, [i.name_id]: { ...e, on: !e.on } }))
|
||||||
|
}
|
||||||
|
/>
|
||||||
|
<Input
|
||||||
|
className="h-9 w-40"
|
||||||
|
placeholder="Given"
|
||||||
|
value={e.given}
|
||||||
|
onChange={(ev) =>
|
||||||
|
setEdits((p) => ({ ...p, [i.name_id]: { ...e, given: ev.target.value } }))
|
||||||
|
}
|
||||||
|
/>
|
||||||
|
<Input
|
||||||
|
className="h-9 w-40"
|
||||||
|
placeholder="Surname"
|
||||||
|
value={e.surname}
|
||||||
|
onChange={(ev) =>
|
||||||
|
setEdits((p) => ({
|
||||||
|
...p,
|
||||||
|
[i.name_id]: { ...e, surname: ev.target.value },
|
||||||
|
}))
|
||||||
|
}
|
||||||
|
/>
|
||||||
|
<span className="rounded bg-[var(--border)]/50 px-1.5 py-0.5 text-xs text-[var(--muted)]">
|
||||||
|
{ISSUE_LABEL[i.issue] ?? i.issue}
|
||||||
|
</span>
|
||||||
|
</li>
|
||||||
|
);
|
||||||
|
})}
|
||||||
|
</ul>
|
||||||
|
<Button onClick={applyNames}>Fix selected</Button>
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
@@ -0,0 +1,46 @@
|
|||||||
|
"use client";
|
||||||
|
|
||||||
|
import { useParams } from "next/navigation";
|
||||||
|
|
||||||
|
import { Button } from "@/components/ui/button";
|
||||||
|
import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card";
|
||||||
|
import { GedcomImport } from "@/components/gedcom-import";
|
||||||
|
|
||||||
|
export default function TreeGedcomPage() {
|
||||||
|
const params = useParams<{ id: string }>();
|
||||||
|
const treeId = params.id;
|
||||||
|
|
||||||
|
async function exportGed() {
|
||||||
|
const resp = await fetch(`/api/v1/trees/${treeId}/gedcom/export`, { credentials: "include" });
|
||||||
|
if (!resp.ok) return;
|
||||||
|
const blob = await resp.blob();
|
||||||
|
const url = URL.createObjectURL(blob);
|
||||||
|
const a = document.createElement("a");
|
||||||
|
a.href = url;
|
||||||
|
a.download = "tree.ged";
|
||||||
|
a.click();
|
||||||
|
URL.revokeObjectURL(url);
|
||||||
|
}
|
||||||
|
|
||||||
|
return (
|
||||||
|
<div className="space-y-6">
|
||||||
|
<h1 className="text-2xl font-semibold">Import & export GEDCOM</h1>
|
||||||
|
|
||||||
|
<GedcomImport fixedTreeId={treeId} />
|
||||||
|
|
||||||
|
<Card>
|
||||||
|
<CardHeader>
|
||||||
|
<CardTitle className="text-base">Export this tree</CardTitle>
|
||||||
|
</CardHeader>
|
||||||
|
<CardContent className="space-y-3">
|
||||||
|
<p className="text-sm text-[var(--muted)]">
|
||||||
|
Download this tree as a GEDCOM file — people, relationships, events, and sources.
|
||||||
|
</p>
|
||||||
|
<Button variant="outline" onClick={exportGed}>
|
||||||
|
Download .ged
|
||||||
|
</Button>
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
@@ -0,0 +1,163 @@
|
|||||||
|
"use client";
|
||||||
|
|
||||||
|
import { useParams, useRouter } from "next/navigation";
|
||||||
|
import { useCallback, useEffect, useRef, useState } from "react";
|
||||||
|
|
||||||
|
import { api } from "@/lib/api/client";
|
||||||
|
import type { components } from "@/lib/api/schema";
|
||||||
|
import { Button } from "@/components/ui/button";
|
||||||
|
import { Card, CardContent } from "@/components/ui/card";
|
||||||
|
|
||||||
|
type Media = components["schemas"]["MediaRead"];
|
||||||
|
type Person = components["schemas"]["PersonRead"];
|
||||||
|
|
||||||
|
const fieldCls = "h-8 w-full rounded-md border border-[var(--border)] bg-[var(--surface)] px-2 text-xs";
|
||||||
|
|
||||||
|
function humanSize(bytes: number) {
|
||||||
|
if (bytes < 1024) return `${bytes} B`;
|
||||||
|
if (bytes < 1024 * 1024) return `${(bytes / 1024).toFixed(0)} KB`;
|
||||||
|
return `${(bytes / 1024 / 1024).toFixed(1)} MB`;
|
||||||
|
}
|
||||||
|
|
||||||
|
export default function MediaPage() {
|
||||||
|
const router = useRouter();
|
||||||
|
const params = useParams<{ id: string }>();
|
||||||
|
const treeId = params.id;
|
||||||
|
|
||||||
|
const [items, setItems] = useState<Media[]>([]);
|
||||||
|
const [people, setPeople] = useState<Person[]>([]);
|
||||||
|
const [ready, setReady] = useState(false);
|
||||||
|
const [uploading, setUploading] = useState(false);
|
||||||
|
const fileRef = useRef<HTMLInputElement>(null);
|
||||||
|
|
||||||
|
const load = useCallback(async () => {
|
||||||
|
const { data, response } = await api.GET("/api/v1/trees/{tree_id}/media", {
|
||||||
|
params: { path: { tree_id: treeId } },
|
||||||
|
});
|
||||||
|
if (response.status === 401) {
|
||||||
|
router.push("/login");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const ppl = await api.GET("/api/v1/trees/{tree_id}/persons", {
|
||||||
|
params: { path: { tree_id: treeId } },
|
||||||
|
});
|
||||||
|
setItems(data ?? []);
|
||||||
|
setPeople(ppl.data ?? []);
|
||||||
|
setReady(true);
|
||||||
|
}, [router, treeId]);
|
||||||
|
|
||||||
|
async function linkPerson(mediaId: string, personId: string) {
|
||||||
|
await api.PATCH("/api/v1/trees/{tree_id}/media/{media_id}", {
|
||||||
|
params: { path: { tree_id: treeId, media_id: mediaId } },
|
||||||
|
body: { person_id: personId || null },
|
||||||
|
});
|
||||||
|
load();
|
||||||
|
}
|
||||||
|
|
||||||
|
useEffect(() => {
|
||||||
|
load();
|
||||||
|
}, [load]);
|
||||||
|
|
||||||
|
async function onFile(e: React.ChangeEvent<HTMLInputElement>) {
|
||||||
|
const file = e.target.files?.[0];
|
||||||
|
if (!file) return;
|
||||||
|
setUploading(true);
|
||||||
|
const fd = new FormData();
|
||||||
|
fd.append("file", file);
|
||||||
|
// Plain fetch for multipart (same origin → cookie auth via Caddy).
|
||||||
|
await fetch(`/api/v1/trees/${treeId}/media`, {
|
||||||
|
method: "POST",
|
||||||
|
body: fd,
|
||||||
|
credentials: "include",
|
||||||
|
});
|
||||||
|
setUploading(false);
|
||||||
|
if (fileRef.current) fileRef.current.value = "";
|
||||||
|
load();
|
||||||
|
}
|
||||||
|
|
||||||
|
async function remove(id: string) {
|
||||||
|
await api.DELETE("/api/v1/trees/{tree_id}/media/{media_id}", {
|
||||||
|
params: { path: { tree_id: treeId, media_id: id } },
|
||||||
|
});
|
||||||
|
load();
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!ready) return <p className="text-[var(--muted)]">Loading…</p>;
|
||||||
|
|
||||||
|
return (
|
||||||
|
<div className="space-y-6">
|
||||||
|
<div className="flex flex-wrap items-center justify-between gap-3">
|
||||||
|
<h1 className="text-2xl font-semibold">Media</h1>
|
||||||
|
<div>
|
||||||
|
<input
|
||||||
|
ref={fileRef}
|
||||||
|
type="file"
|
||||||
|
onChange={onFile}
|
||||||
|
className="hidden"
|
||||||
|
id="media-upload"
|
||||||
|
/>
|
||||||
|
<Button onClick={() => fileRef.current?.click()} disabled={uploading}>
|
||||||
|
{uploading ? "Uploading…" : "Upload file"}
|
||||||
|
</Button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{items.length === 0 ? (
|
||||||
|
<p className="text-[var(--muted)]">
|
||||||
|
No media yet — upload scans, photos, or documents and attach them to facts.
|
||||||
|
</p>
|
||||||
|
) : (
|
||||||
|
<div className="grid grid-cols-2 gap-4 sm:grid-cols-3 lg:grid-cols-4">
|
||||||
|
{items.map((m) => (
|
||||||
|
<Card key={m.id} className="overflow-hidden">
|
||||||
|
<a href={m.url ?? "#"} target="_blank" rel="noreferrer" className="block">
|
||||||
|
{m.content_type.startsWith("image/") ? (
|
||||||
|
// eslint-disable-next-line @next/next/no-img-element
|
||||||
|
<img
|
||||||
|
src={m.url ?? ""}
|
||||||
|
alt={m.title ?? m.original_filename}
|
||||||
|
className="aspect-square w-full object-cover"
|
||||||
|
/>
|
||||||
|
) : (
|
||||||
|
<div className="grid aspect-square w-full place-items-center bg-bronze/[0.06] text-3xl font-serif text-bronze">
|
||||||
|
{(m.original_filename.split(".").pop() ?? "file").toUpperCase()}
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
</a>
|
||||||
|
<CardContent className="p-3">
|
||||||
|
<div className="flex items-start justify-between gap-2">
|
||||||
|
<div className="min-w-0">
|
||||||
|
<div className="truncate text-sm font-medium" title={m.original_filename}>
|
||||||
|
{m.title ?? m.original_filename}
|
||||||
|
</div>
|
||||||
|
<div className="text-xs text-[var(--muted)]">{humanSize(m.byte_size)}</div>
|
||||||
|
</div>
|
||||||
|
<button
|
||||||
|
onClick={() => remove(m.id)}
|
||||||
|
className="text-[var(--muted)] hover:text-bronze"
|
||||||
|
aria-label="Remove"
|
||||||
|
>
|
||||||
|
×
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
<select
|
||||||
|
className={`${fieldCls} mt-2`}
|
||||||
|
value={m.person_id ?? ""}
|
||||||
|
onChange={(e) => linkPerson(m.id, e.target.value)}
|
||||||
|
title="Link to a person"
|
||||||
|
>
|
||||||
|
<option value="">— link to person —</option>
|
||||||
|
{people.map((p) => (
|
||||||
|
<option key={p.id} value={p.id}>
|
||||||
|
{p.primary_name ?? "Unnamed"}
|
||||||
|
</option>
|
||||||
|
))}
|
||||||
|
</select>
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
))}
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
@@ -1,36 +1,74 @@
|
|||||||
"use client";
|
"use client";
|
||||||
|
|
||||||
import Link from "next/link";
|
import Link from "next/link";
|
||||||
import { useParams, useRouter } from "next/navigation";
|
import { useParams, useRouter, useSearchParams } from "next/navigation";
|
||||||
import { useCallback, useEffect, useState } from "react";
|
import { useCallback, useEffect, useMemo, useRef, useState } from "react";
|
||||||
|
|
||||||
import { api } from "@/lib/api/client";
|
import { api } from "@/lib/api/client";
|
||||||
import type { components } from "@/lib/api/schema";
|
import type { components } from "@/lib/api/schema";
|
||||||
import { Button } from "@/components/ui/button";
|
import { Button } from "@/components/ui/button";
|
||||||
import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card";
|
import { Card, CardContent } from "@/components/ui/card";
|
||||||
import { Input } from "@/components/ui/input";
|
import { Input } from "@/components/ui/input";
|
||||||
|
|
||||||
type Person = components["schemas"]["PersonRead"];
|
type Person = components["schemas"]["PersonRead"];
|
||||||
|
type Relationship = components["schemas"]["RelationshipRead"];
|
||||||
|
type Event = components["schemas"]["EventRead"];
|
||||||
|
|
||||||
export default function TreeDetailPage() {
|
function splitName(full: string): { given: string | null; surname: string | null } {
|
||||||
|
const t = full.trim().split(/\s+/).filter(Boolean);
|
||||||
|
if (t.length === 0) return { given: null, surname: null };
|
||||||
|
if (t.length === 1) return { given: t[0], surname: null };
|
||||||
|
return { given: t.slice(0, -1).join(" "), surname: t[t.length - 1] };
|
||||||
|
}
|
||||||
|
|
||||||
|
type AddKind = "parent" | "child" | "partner";
|
||||||
|
|
||||||
|
export default function FamilyViewPage() {
|
||||||
const router = useRouter();
|
const router = useRouter();
|
||||||
const params = useParams<{ id: string }>();
|
const params = useParams<{ id: string }>();
|
||||||
|
const searchParams = useSearchParams();
|
||||||
const treeId = params.id;
|
const treeId = params.id;
|
||||||
|
// ?focus=… lets another view (or a person page) hand us who to center on.
|
||||||
|
// Read once at mount so the focus→URL sync below doesn't trigger a refetch.
|
||||||
|
const initialFocus = useRef<string | null>(searchParams.get("focus"));
|
||||||
|
|
||||||
const [persons, setPersons] = useState<Person[]>([]);
|
const [people, setPeople] = useState<Person[]>([]);
|
||||||
const [given, setGiven] = useState("");
|
const [rels, setRels] = useState<Relationship[]>([]);
|
||||||
const [surname, setSurname] = useState("");
|
const [events, setEvents] = useState<Event[]>([]);
|
||||||
const [ready, setReady] = useState(false);
|
const [ready, setReady] = useState(false);
|
||||||
|
const [focusId, setFocusId] = useState<string | null>(null);
|
||||||
|
const [search, setSearch] = useState("");
|
||||||
|
const [results, setResults] = useState<Person[] | null>(null); // server fuzzy search
|
||||||
|
const [firstName, setFirstName] = useState("");
|
||||||
|
// Inline add-relative form: which anchor + kind is open, and the typed name.
|
||||||
|
// `key` keeps each empty slot's inline form independent (a person has 2
|
||||||
|
// parents, 4 grandparents — many same-kind/anchor slots can coexist).
|
||||||
|
const [adding, setAdding] = useState<{ key: string; kind: AddKind; anchor: string } | null>(null);
|
||||||
|
const [addName, setAddName] = useState("");
|
||||||
|
|
||||||
const load = useCallback(async () => {
|
const load = useCallback(async () => {
|
||||||
const { data, response } = await api.GET("/api/v1/trees/{tree_id}/persons", {
|
const p = await api.GET("/api/v1/trees/{tree_id}/persons", {
|
||||||
params: { path: { tree_id: treeId } },
|
params: { path: { tree_id: treeId } },
|
||||||
});
|
});
|
||||||
if (response.status === 401) {
|
if (p.response.status === 401) {
|
||||||
router.push("/login");
|
router.push("/login");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
setPersons(data ?? []);
|
const [r, e, t] = await Promise.all([
|
||||||
|
api.GET("/api/v1/trees/{tree_id}/relationships", { params: { path: { tree_id: treeId } } }),
|
||||||
|
api.GET("/api/v1/trees/{tree_id}/events", { params: { path: { tree_id: treeId } } }),
|
||||||
|
api.GET("/api/v1/trees/{tree_id}", { params: { path: { tree_id: treeId } } }),
|
||||||
|
]);
|
||||||
|
const ppl = p.data ?? [];
|
||||||
|
const home = t.data?.home_person_id ?? null;
|
||||||
|
const homeId = home && ppl.some((x) => x.id === home) ? home : null;
|
||||||
|
const fromUrl = initialFocus.current && ppl.some((x) => x.id === initialFocus.current)
|
||||||
|
? initialFocus.current
|
||||||
|
: null;
|
||||||
|
setPeople(ppl);
|
||||||
|
setRels(r.data ?? []);
|
||||||
|
setEvents(e.data ?? []);
|
||||||
|
setFocusId((cur) => cur ?? fromUrl ?? homeId ?? ppl[0]?.id ?? null);
|
||||||
setReady(true);
|
setReady(true);
|
||||||
}, [router, treeId]);
|
}, [router, treeId]);
|
||||||
|
|
||||||
@@ -38,67 +76,434 @@ export default function TreeDetailPage() {
|
|||||||
load();
|
load();
|
||||||
}, [load]);
|
}, [load]);
|
||||||
|
|
||||||
async function addPerson(e: React.FormEvent) {
|
// Keep the focused person in the URL (?focus=…) so leaving and returning —
|
||||||
e.preventDefault();
|
// e.g. opening a person then coming back — lands on the same person rather
|
||||||
if (!given.trim() && !surname.trim()) return;
|
// than resetting to the home person. `replace` keeps history clean.
|
||||||
const { error } = await api.POST("/api/v1/trees/{tree_id}/persons", {
|
useEffect(() => {
|
||||||
params: { path: { tree_id: treeId } },
|
if (!focusId || searchParams.get("focus") === focusId) return;
|
||||||
body: { given: given || null, surname: surname || null },
|
const sp = new URLSearchParams(searchParams.toString());
|
||||||
});
|
sp.set("focus", focusId);
|
||||||
if (!error) {
|
router.replace(`/trees/${treeId}?${sp.toString()}`, { scroll: false });
|
||||||
setGiven("");
|
}, [focusId, searchParams, router, treeId]);
|
||||||
setSurname("");
|
|
||||||
load();
|
// Debounced server-side fuzzy search (pg_trgm) across the whole tree.
|
||||||
|
useEffect(() => {
|
||||||
|
const q = search.trim();
|
||||||
|
if (!q) {
|
||||||
|
setResults(null);
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
const t = setTimeout(async () => {
|
||||||
|
const { data } = await api.GET("/api/v1/trees/{tree_id}/persons", {
|
||||||
|
params: { path: { tree_id: treeId }, query: { q } },
|
||||||
|
});
|
||||||
|
setResults(data ?? []);
|
||||||
|
}, 250);
|
||||||
|
return () => clearTimeout(t);
|
||||||
|
}, [search, treeId]);
|
||||||
|
|
||||||
|
const byId = useMemo(() => new Map(people.map((p) => [p.id, p])), [people]);
|
||||||
|
// Order parents deterministically: father (male) on top, mother below, with a
|
||||||
|
// stable fallback when gender is unknown (so it doesn't depend on which link
|
||||||
|
// happened to be created first).
|
||||||
|
const parentRank = (id: string) => {
|
||||||
|
const g = byId.get(id)?.gender;
|
||||||
|
return g === "male" ? 0 : g === "female" ? 1 : 2;
|
||||||
|
};
|
||||||
|
const parentsOf = (id: string) =>
|
||||||
|
rels
|
||||||
|
.filter((r) => r.type === "parent_child" && r.person_to_id === id)
|
||||||
|
.map((r) => r.person_from_id)
|
||||||
|
.sort((a, b) => parentRank(a) - parentRank(b));
|
||||||
|
const childrenOf = (id: string) =>
|
||||||
|
rels.filter((r) => r.type === "parent_child" && r.person_from_id === id).map((r) => r.person_to_id);
|
||||||
|
const partnersOf = (id: string) =>
|
||||||
|
rels
|
||||||
|
.filter((r) => r.type === "partnership" && (r.person_from_id === id || r.person_to_id === id))
|
||||||
|
.map((r) => (r.person_from_id === id ? r.person_to_id : r.person_from_id));
|
||||||
|
|
||||||
|
const years = useMemo(() => {
|
||||||
|
const m = new Map<string, string>();
|
||||||
|
const yr = (e: Event) => (e.date_start ? e.date_start.slice(0, 4) : e.date_value ?? "");
|
||||||
|
for (const p of people) {
|
||||||
|
const b = events.find((e) => e.person_id === p.id && e.event_type === "birth");
|
||||||
|
const d = events.find((e) => e.person_id === p.id && e.event_type === "death");
|
||||||
|
const parts = [b ? yr(b) : "", d ? yr(d) : ""];
|
||||||
|
if (parts[0] || parts[1]) m.set(p.id, `${parts[0]}–${parts[1]}`.replace(/^–$/, ""));
|
||||||
|
}
|
||||||
|
return m;
|
||||||
|
}, [people, events]);
|
||||||
|
|
||||||
|
async function addPerson(name: string): Promise<string | null> {
|
||||||
|
const { given, surname } = splitName(name);
|
||||||
|
const { data } = await api.POST("/api/v1/trees/{tree_id}/persons", {
|
||||||
|
params: { path: { tree_id: treeId } },
|
||||||
|
body: { given, surname },
|
||||||
|
});
|
||||||
|
return data?.id ?? null;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create a new (blank) person and open their page to fill in details.
|
||||||
|
async function newPersonAndGo() {
|
||||||
|
const id = await addPerson("");
|
||||||
|
if (id) router.push(`/trees/${treeId}/persons/${id}`);
|
||||||
|
}
|
||||||
|
|
||||||
|
async function createFirst(e: React.FormEvent) {
|
||||||
|
e.preventDefault();
|
||||||
|
if (!firstName.trim()) return;
|
||||||
|
const id = await addPerson(firstName);
|
||||||
|
setFirstName("");
|
||||||
|
if (id) setFocusId(id);
|
||||||
|
load();
|
||||||
|
}
|
||||||
|
|
||||||
|
async function postRel(body: components["schemas"]["RelationshipCreate"]) {
|
||||||
|
await api.POST("/api/v1/trees/{tree_id}/relationships", {
|
||||||
|
params: { path: { tree_id: treeId } },
|
||||||
|
body,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create the relationship(s) connecting an (existing or new) person to anchor.
|
||||||
|
async function createLink(kind: AddKind, anchor: string, personId: string) {
|
||||||
|
if (kind === "parent") {
|
||||||
|
await postRel({ type: "parent_child", person_from_id: personId, person_to_id: anchor, qualifier: "biological" });
|
||||||
|
} else if (kind === "partner") {
|
||||||
|
await postRel({ type: "partnership", person_from_id: anchor, person_to_id: personId });
|
||||||
|
} else {
|
||||||
|
// child: link to anchor, and to anchor's spouse too (so both parents show)
|
||||||
|
await postRel({ type: "parent_child", person_from_id: anchor, person_to_id: personId, qualifier: "biological" });
|
||||||
|
const partners = partnersOf(anchor);
|
||||||
|
if (partners.length === 1) {
|
||||||
|
await postRel({ type: "parent_child", person_from_id: partners[0], person_to_id: personId, qualifier: "biological" });
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
async function linkExisting(personId: string) {
|
||||||
|
if (!adding) return;
|
||||||
|
await createLink(adding.kind, adding.anchor, personId);
|
||||||
|
setAdding(null);
|
||||||
|
setAddName("");
|
||||||
|
load();
|
||||||
|
}
|
||||||
|
|
||||||
|
async function submitAdd(e: React.FormEvent) {
|
||||||
|
e.preventDefault();
|
||||||
|
if (!adding || !addName.trim()) return;
|
||||||
|
const newId = await addPerson(addName);
|
||||||
|
if (newId) await createLink(adding.kind, adding.anchor, newId);
|
||||||
|
setAdding(null);
|
||||||
|
setAddName("");
|
||||||
|
load();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!ready) return <p className="text-[var(--muted)]">Loading…</p>;
|
if (!ready) return <p className="text-[var(--muted)]">Loading…</p>;
|
||||||
|
|
||||||
|
if (people.length === 0) {
|
||||||
|
return (
|
||||||
|
<div className="space-y-6">
|
||||||
|
<h1 className="text-2xl font-semibold">Start your tree</h1>
|
||||||
|
<Card>
|
||||||
|
<CardContent className="p-6">
|
||||||
|
<form onSubmit={createFirst} className="flex flex-wrap gap-2">
|
||||||
|
<Input
|
||||||
|
className="w-64"
|
||||||
|
placeholder="First person's full name"
|
||||||
|
value={firstName}
|
||||||
|
onChange={(e) => setFirstName(e.target.value)}
|
||||||
|
/>
|
||||||
|
<Button type="submit">Add person</Button>
|
||||||
|
</form>
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
const focus = focusId ? byId.get(focusId) : undefined;
|
||||||
|
if (!focus) {
|
||||||
|
setFocusId(people[0].id);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
const PersonBox = ({
|
||||||
|
id,
|
||||||
|
muted,
|
||||||
|
}: {
|
||||||
|
id: string;
|
||||||
|
muted?: boolean;
|
||||||
|
}) => {
|
||||||
|
const p = byId.get(id);
|
||||||
|
if (!p) return null;
|
||||||
|
const isFocus = id === focusId;
|
||||||
|
return (
|
||||||
|
<button
|
||||||
|
onClick={() => setFocusId(id)}
|
||||||
|
className={`w-44 rounded-lg border px-3 py-2 text-left transition-colors ${
|
||||||
|
isFocus
|
||||||
|
? "border-bronze bg-bronze/[0.08]"
|
||||||
|
: "border-[var(--border)] bg-[var(--surface)] hover:border-bronze/60"
|
||||||
|
} ${muted ? "opacity-90" : ""}`}
|
||||||
|
>
|
||||||
|
<div className="truncate text-sm font-medium">{p.primary_name ?? "Unnamed"}</div>
|
||||||
|
<div className="text-xs text-[var(--muted)]">{years.get(id) ?? "—"}</div>
|
||||||
|
</button>
|
||||||
|
);
|
||||||
|
};
|
||||||
|
|
||||||
|
const AddSlot = ({
|
||||||
|
formKey,
|
||||||
|
kind,
|
||||||
|
anchor,
|
||||||
|
label,
|
||||||
|
}: {
|
||||||
|
formKey: string;
|
||||||
|
kind: AddKind;
|
||||||
|
anchor: string;
|
||||||
|
label: string;
|
||||||
|
}) =>
|
||||||
|
adding?.key === formKey ? (
|
||||||
|
<form onSubmit={submitAdd} className="flex w-56 flex-col gap-1">
|
||||||
|
<Input
|
||||||
|
autoFocus
|
||||||
|
className="h-9"
|
||||||
|
placeholder="Search existing or type a new name"
|
||||||
|
value={addName}
|
||||||
|
onChange={(e) => setAddName(e.target.value)}
|
||||||
|
/>
|
||||||
|
{addName.trim() && (
|
||||||
|
<div className="overflow-hidden rounded-md border border-[var(--border)] bg-[var(--surface)] text-sm">
|
||||||
|
{people
|
||||||
|
.filter(
|
||||||
|
(p) =>
|
||||||
|
p.id !== anchor &&
|
||||||
|
(p.primary_name ?? "").toLowerCase().includes(addName.trim().toLowerCase()),
|
||||||
|
)
|
||||||
|
.slice(0, 6)
|
||||||
|
.map((p) => (
|
||||||
|
<button
|
||||||
|
key={p.id}
|
||||||
|
type="button"
|
||||||
|
onClick={() => linkExisting(p.id)}
|
||||||
|
className="flex w-full items-center justify-between gap-2 px-2 py-1.5 text-left hover:bg-bronze/[0.07]"
|
||||||
|
>
|
||||||
|
<span className="truncate">{p.primary_name ?? "Unnamed"}</span>
|
||||||
|
<span className="shrink-0 text-xs text-[var(--muted)]">{years.get(p.id) ?? ""}</span>
|
||||||
|
</button>
|
||||||
|
))}
|
||||||
|
<button
|
||||||
|
type="submit"
|
||||||
|
className="flex w-full items-center gap-1 border-t border-[var(--border)] px-2 py-1.5 text-left text-bronze hover:bg-bronze/[0.07]"
|
||||||
|
>
|
||||||
|
+ Create new “{addName.trim()}”
|
||||||
|
</button>
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
<button type="button" onClick={() => setAdding(null)} className="text-xs text-[var(--muted)]">
|
||||||
|
cancel
|
||||||
|
</button>
|
||||||
|
</form>
|
||||||
|
) : (
|
||||||
|
<button
|
||||||
|
onClick={() => {
|
||||||
|
setAdding({ key: formKey, kind, anchor });
|
||||||
|
setAddName("");
|
||||||
|
}}
|
||||||
|
className="w-44 rounded-lg border border-dashed border-[var(--border)] px-3 py-2 text-left text-sm text-[var(--muted)] hover:border-bronze hover:text-bronze"
|
||||||
|
>
|
||||||
|
+ {label}
|
||||||
|
</button>
|
||||||
|
);
|
||||||
|
|
||||||
|
// Recursive ancestor chart (grows rightward): a node is its box plus a
|
||||||
|
// two-leaf "branch" of its parents, with CSS bracket connectors. Depth 0 =
|
||||||
|
// focus, capped at grandparents (depth 2).
|
||||||
|
const renderNode = (
|
||||||
|
slotPersonId: string | null,
|
||||||
|
childId: string,
|
||||||
|
keyPrefix: string,
|
||||||
|
depth: number,
|
||||||
|
): React.ReactNode => {
|
||||||
|
const box = slotPersonId ? (
|
||||||
|
<PersonBox id={slotPersonId} muted={depth > 0} />
|
||||||
|
) : (
|
||||||
|
<AddSlot formKey={keyPrefix} kind="parent" anchor={childId} label="add parent" />
|
||||||
|
);
|
||||||
|
if (!slotPersonId || depth >= 2) {
|
||||||
|
return <div className="ped-person">{box}</div>;
|
||||||
|
}
|
||||||
|
const ps = parentsOf(slotPersonId);
|
||||||
|
return (
|
||||||
|
<div className="ped-person">
|
||||||
|
<div className="ped-self">{box}</div>
|
||||||
|
<div className="ped-branch">
|
||||||
|
<div className="ped-leaf">
|
||||||
|
{renderNode(ps[0] ?? null, slotPersonId, `${keyPrefix}-a`, depth + 1)}
|
||||||
|
</div>
|
||||||
|
<div className="ped-leaf">
|
||||||
|
{renderNode(ps[1] ?? null, slotPersonId, `${keyPrefix}-b`, depth + 1)}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
);
|
||||||
|
};
|
||||||
|
|
||||||
|
const partners = partnersOf(focus.id);
|
||||||
|
const children = childrenOf(focus.id);
|
||||||
|
|
||||||
|
// "Dangling" people: not linked to anyone. Common after a GEDCOM import or a
|
||||||
|
// mistaken delete — surface them so they're not lost in the directory.
|
||||||
|
const connected = new Set<string>();
|
||||||
|
for (const r of rels) {
|
||||||
|
connected.add(r.person_from_id);
|
||||||
|
connected.add(r.person_to_id);
|
||||||
|
}
|
||||||
|
const unconnected = people
|
||||||
|
.filter((p) => !connected.has(p.id))
|
||||||
|
.sort((a, b) => (a.primary_name ?? "").localeCompare(b.primary_name ?? ""));
|
||||||
|
|
||||||
|
const sorted = [...people].sort((a, b) =>
|
||||||
|
(a.primary_name ?? "").localeCompare(b.primary_name ?? ""),
|
||||||
|
);
|
||||||
|
// Server fuzzy results when searching; otherwise the loaded set.
|
||||||
|
const directory = results ?? sorted;
|
||||||
|
const shown = directory.slice(0, 200); // cap DOM nodes; refine search to narrow
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<div className="space-y-6">
|
<div className="space-y-8">
|
||||||
<div className="flex items-center justify-between">
|
<div className="flex flex-wrap items-center justify-between gap-3">
|
||||||
<Link href="/trees" className="text-sm text-[var(--muted)] hover:underline">
|
<h1 className="text-2xl font-semibold">Family view</h1>
|
||||||
← All trees
|
<div className="flex items-center gap-3">
|
||||||
</Link>
|
<Button size="sm" onClick={newPersonAndGo}>
|
||||||
<Link href={`/trees/${treeId}/sources`} className="text-sm text-bronze hover:underline">
|
+ Add person
|
||||||
Sources →
|
</Button>
|
||||||
</Link>
|
<Link
|
||||||
|
href={`/trees/${treeId}/persons/${focus.id}?from=people`}
|
||||||
|
className="text-sm text-bronze hover:underline"
|
||||||
|
>
|
||||||
|
Open {focus.primary_name ?? "person"} →
|
||||||
|
</Link>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
{/* Pedigree: focus → parents → grandparents, with bracket connectors */}
|
||||||
<Card>
|
<Card>
|
||||||
<CardHeader>
|
<CardContent className="overflow-x-auto p-6">
|
||||||
<CardTitle className="text-base">Add a person</CardTitle>
|
<div className="min-w-[44rem]">{renderNode(focus.id, focus.id, "ped", 0)}</div>
|
||||||
</CardHeader>
|
|
||||||
<CardContent>
|
|
||||||
<form onSubmit={addPerson} className="flex gap-2">
|
|
||||||
<Input placeholder="Given name" value={given} onChange={(e) => setGiven(e.target.value)} />
|
|
||||||
<Input placeholder="Surname" value={surname} onChange={(e) => setSurname(e.target.value)} />
|
|
||||||
<Button type="submit">Add</Button>
|
|
||||||
</form>
|
|
||||||
</CardContent>
|
</CardContent>
|
||||||
</Card>
|
</Card>
|
||||||
|
|
||||||
<div>
|
{/* Family group: partners + children of the focus */}
|
||||||
<h2 className="mb-2 text-lg font-semibold">People</h2>
|
<div className="grid gap-5 sm:grid-cols-2">
|
||||||
{persons.length === 0 ? (
|
<Card>
|
||||||
<p className="text-[var(--muted)]">No people yet.</p>
|
<CardContent className="space-y-3 p-6">
|
||||||
) : (
|
<h2 className="font-serif text-base font-semibold">Spouses & partners</h2>
|
||||||
<ul className="space-y-2">
|
<div className="flex flex-wrap gap-3">
|
||||||
{persons.map((person) => (
|
{partners.map((id) => (
|
||||||
<li key={person.id}>
|
<PersonBox key={id} id={id} muted />
|
||||||
<Link href={`/trees/${treeId}/persons/${person.id}`}>
|
))}
|
||||||
<Card className="transition-colors hover:border-bronze/50">
|
<AddSlot
|
||||||
<CardContent className="p-4">
|
formKey={`partner-${focus.id}`}
|
||||||
{person.primary_name ?? (
|
kind="partner"
|
||||||
<span className="text-[var(--muted)]">Unnamed</span>
|
anchor={focus.id}
|
||||||
)}
|
label="add spouse"
|
||||||
</CardContent>
|
/>
|
||||||
</Card>
|
</div>
|
||||||
</Link>
|
</CardContent>
|
||||||
</li>
|
</Card>
|
||||||
))}
|
|
||||||
</ul>
|
<Card>
|
||||||
)}
|
<CardContent className="space-y-3 p-6">
|
||||||
|
<h2 className="font-serif text-base font-semibold">Children</h2>
|
||||||
|
<div className="flex flex-wrap gap-3">
|
||||||
|
{children.map((id) => (
|
||||||
|
<PersonBox key={id} id={id} muted />
|
||||||
|
))}
|
||||||
|
<AddSlot
|
||||||
|
formKey={`child-${focus.id}`}
|
||||||
|
kind="child"
|
||||||
|
anchor={focus.id}
|
||||||
|
label="add child"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{/* Unconnected people — not linked to anyone in the tree */}
|
||||||
|
{unconnected.length > 0 && (
|
||||||
|
<Card className="border-bronze/40">
|
||||||
|
<CardContent className="space-y-3 p-6">
|
||||||
|
<div className="flex items-center justify-between">
|
||||||
|
<h2 className="font-serif text-base font-semibold">
|
||||||
|
Not connected to anyone ({unconnected.length})
|
||||||
|
</h2>
|
||||||
|
<span className="text-xs text-[var(--muted)]">
|
||||||
|
Open one and add a relationship, or delete it.
|
||||||
|
</span>
|
||||||
|
</div>
|
||||||
|
<div className="flex flex-wrap gap-3">
|
||||||
|
{unconnected.slice(0, 60).map((p) => (
|
||||||
|
<div key={p.id} className="flex items-center gap-1">
|
||||||
|
<PersonBox id={p.id} muted />
|
||||||
|
<Link
|
||||||
|
href={`/trees/${treeId}/persons/${p.id}?from=people`}
|
||||||
|
className="text-xs text-bronze hover:underline"
|
||||||
|
>
|
||||||
|
open
|
||||||
|
</Link>
|
||||||
|
</div>
|
||||||
|
))}
|
||||||
|
</div>
|
||||||
|
{unconnected.length > 60 && (
|
||||||
|
<p className="text-xs text-[var(--muted)]">
|
||||||
|
Showing 60 of {unconnected.length}.
|
||||||
|
</p>
|
||||||
|
)}
|
||||||
|
</CardContent>
|
||||||
|
</Card>
|
||||||
|
)}
|
||||||
|
|
||||||
|
{/* Scrollable, searchable people directory (scales to large trees) */}
|
||||||
|
<div className="space-y-3">
|
||||||
|
<div className="flex flex-wrap items-center justify-between gap-3">
|
||||||
|
<h2 className="font-serif text-base font-semibold">People ({people.length})</h2>
|
||||||
|
<Input
|
||||||
|
className="w-64"
|
||||||
|
placeholder="Search by name…"
|
||||||
|
value={search}
|
||||||
|
onChange={(e) => setSearch(e.target.value)}
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
<Card className="overflow-hidden">
|
||||||
|
<div className="max-h-96 overflow-y-auto">
|
||||||
|
{shown.length === 0 ? (
|
||||||
|
<div className="px-4 py-6 text-sm text-[var(--muted)]">No matches.</div>
|
||||||
|
) : (
|
||||||
|
shown.map((p, i) => (
|
||||||
|
<button
|
||||||
|
key={p.id}
|
||||||
|
onClick={() => setFocusId(p.id)}
|
||||||
|
className={`flex w-full items-center justify-between gap-3 px-4 py-2.5 text-left text-sm transition-colors ${
|
||||||
|
i > 0 ? "border-t border-[var(--border)]" : ""
|
||||||
|
} ${p.id === focusId ? "bg-bronze/[0.08]" : "hover:bg-bronze/[0.05]"}`}
|
||||||
|
>
|
||||||
|
<span className="truncate font-medium">{p.primary_name ?? "Unnamed"}</span>
|
||||||
|
<span className="shrink-0 text-xs text-[var(--muted)]">
|
||||||
|
{years.get(p.id) ?? ""}
|
||||||
|
</span>
|
||||||
|
</button>
|
||||||
|
))
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
{directory.length > shown.length && (
|
||||||
|
<div className="border-t border-[var(--border)] bg-[var(--surface)] px-4 py-2 text-xs text-[var(--muted)]">
|
||||||
|
Showing {shown.length} of {directory.length} — refine your search to narrow.
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
</Card>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
);
|
);
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user