ge-aerospace/shopdb-flask
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f419db94e5f0407e9401dd6b234fce89f677c799
shopdb-flask/shopdb/cli/__init__.py
cproudlock f419db94e5 Phase 7A fix: BINARY comparison on MySQL for ADR-001 type seeding 
MySQL's default collation (utf8mb4_general_ci) is case-insensitive, so
`WHERE relationshiptype = 'controls'` matched a legacy `Controls` row.
The check skipped the insert of the lowercase ADR-001 type, then the
follow-up UPDATE accidentally wired propagatesthroughid onto the legacy
capitalized row instead of the new canonical one.

Surfaced in live dev DB after running `flask db upgrade`:
- partof, connectedto inserted correctly
- controls NOT inserted (collision with legacy `Controls`)
- legacy `Controls` row got propagation FK wired by mistake

Fix uses BINARY comparison on MySQL in both paths:
- migrations/versions/7a01_adr001_position_contract.py: dialect-aware
  _eq() helper wraps each WHERE clause in BINARY when on MySQL. SQLite
  and PostgreSQL stay case-sensitive by default; the plain comparison
  is safe there.
- shopdb/cli/__init__.py: same dialect-aware _lookup_binary() using
  func.binary() in the SQLAlchemy query.

Dev DB healed manually by renaming `Controls` -> `controls` and wiring
propagatesthroughid to partof. Other deployments that ran the buggy
migration need the same one-line UPDATE:
    UPDATE relationshiptypes
    SET relationshiptype = 'controls', propagatesthroughid = <partof_id>
    WHERE relationshiptype = 'Controls';
(only if the deployment had a legacy capitalized row; fresh DBs are fine).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-30 14:47:16 -04:00

362 lines
13 KiB
Python
Raw Blame History

"""Flask CLI commands."""
import click
from flask.cli import with_appcontext
@click.group('db-utils')
def db_cli():
"""Database utility commands."""
pass
@db_cli.command('create-all')
@with_appcontext
def create_all():
"""Create all database tables."""
from shopdb.extensions import db
db.create_all()
click.echo(click.style("All tables created.", fg='green'))
@db_cli.command('drop-all')
@click.confirmation_option(prompt='This will delete ALL data. Are you sure?')
@with_appcontext
def drop_all():
"""Drop all database tables."""
from shopdb.extensions import db
db.drop_all()
click.echo(click.style("All tables dropped.", fg='yellow'))
@click.group('seed')
def seed_cli():
"""Database seeding commands."""
pass
@seed_cli.command('reference-data')
@with_appcontext
def seed_reference_data():
"""Seed reference data (machine types, statuses, etc.)."""
from shopdb.extensions import db
from shopdb.core.models import MachineType, MachineStatus, OperatingSystem
from shopdb.core.models.relationship import RelationshipType
# Machine types
machine_types = [
{'machinetype': 'CNC Mill', 'category': 'Equipment', 'description': 'CNC Milling Machine'},
{'machinetype': 'CNC Lathe', 'category': 'Equipment', 'description': 'CNC Lathe'},
{'machinetype': 'CMM', 'category': 'Equipment', 'description': 'Coordinate Measuring Machine'},
{'machinetype': 'EDM', 'category': 'Equipment', 'description': 'Electrical Discharge Machine'},
{'machinetype': 'Grinder', 'category': 'Equipment', 'description': 'Grinding Machine'},
{'machinetype': 'Inspection Station', 'category': 'Equipment', 'description': 'Inspection Station'},
{'machinetype': 'Desktop PC', 'category': 'PC', 'description': 'Desktop Computer'},
{'machinetype': 'Laptop', 'category': 'PC', 'description': 'Laptop Computer'},
{'machinetype': 'Shopfloor PC', 'category': 'PC', 'description': 'Shopfloor Computer'},
{'machinetype': 'Server', 'category': 'Network', 'description': 'Server'},
{'machinetype': 'Switch', 'category': 'Network', 'description': 'Network Switch'},
{'machinetype': 'Access Point', 'category': 'Network', 'description': 'Wireless Access Point'},
]
for mt_data in machine_types:
existing = MachineType.query.filter_by(machinetype=mt_data['machinetype']).first()
if not existing:
mt = MachineType(**mt_data)
db.session.add(mt)
# Machine statuses
statuses = [
{'status': 'In Use', 'description': 'Currently in use', 'color': '#28a745'},
{'status': 'Spare', 'description': 'Available as spare', 'color': '#17a2b8'},
{'status': 'Retired', 'description': 'No longer in use', 'color': '#6c757d'},
{'status': 'In Repair', 'description': 'Currently being repaired', 'color': '#ffc107'},
{'status': 'Pending', 'description': 'Pending installation', 'color': '#007bff'},
]
for s_data in statuses:
existing = MachineStatus.query.filter_by(status=s_data['status']).first()
if not existing:
s = MachineStatus(**s_data)
db.session.add(s)
# Operating systems
os_list = [
{'osname': 'Windows 10', 'osversion': '10.0'},
{'osname': 'Windows 11', 'osversion': '11.0'},
{'osname': 'Windows Server 2019', 'osversion': '2019'},
{'osname': 'Windows Server 2022', 'osversion': '2022'},
{'osname': 'Linux', 'osversion': 'Various'},
]
for os_data in os_list:
existing = OperatingSystem.query.filter_by(osname=os_data['osname']).first()
if not existing:
os_obj = OperatingSystem(**os_data)
db.session.add(os_obj)
# Connection types (pre-1.0 legacy; kept for backward compat with
# existing relationship rows. New ADR-001 code reasons about the three
# canonical types below via free-text label.)
connection_types = [
{'relationshiptype': 'Serial Cable', 'description': 'RS-232 or similar serial connection'},
{'relationshiptype': 'Direct Ethernet', 'description': 'Direct network cable (airgapped)'},
{'relationshiptype': 'USB', 'description': 'USB connection'},
{'relationshiptype': 'WiFi', 'description': 'Wireless network connection'},
{'relationshiptype': 'Dualpath', 'description': 'Redundant/failover network path'},
]
for ct_data in connection_types:
existing = RelationshipType.query.filter_by(relationshiptype=ct_data['relationshiptype']).first()
if not existing:
ct = RelationshipType(**ct_data)
db.session.add(ct)
# ADR-001 canonical relationship types. Created first without propagation
# FKs, then patched with propagatesthroughid since `controls` points at
# `partof` (same table). All three are idempotent.
#
# MySQL collation is case-insensitive by default, which would let a
# legacy capitalized row (e.g. "Controls") match the lowercase
# "controls" check and skip the insert. Force binary comparison via
# collate so the three ADR-001 types stay distinct from any legacy
# rows with the same spelling but different case.
from sqlalchemy import func, literal
def _lookup_binary(name):
dialect = db.engine.dialect.name
if dialect == 'mysql':
return RelationshipType.query.filter(
func.binary(RelationshipType.relationshiptype) == literal(name)
).first()
return RelationshipType.query.filter_by(relationshiptype=name).first()
adr_types = [
{'relationshiptype': 'partof', 'description': 'Composition / sub-assembly (ADR-001)'},
{'relationshiptype': 'controls', 'description': 'Operational authority over another asset (ADR-001)'},
{'relationshiptype': 'connectedto', 'description': 'Network or data link without authority (ADR-001)'},
]
for at in adr_types:
if not _lookup_binary(at['relationshiptype']):
db.session.add(RelationshipType(**at))
db.session.flush()
# Wire `controls` -> `partof` propagation rail. partof + connectedto stay
# null (no propagation).
partof = _lookup_binary('partof')
controls = _lookup_binary('controls')
if partof and controls and controls.propagatesthroughid != partof.relationshiptypeid:
controls.propagatesthroughid = partof.relationshiptypeid
db.session.commit()
click.echo(click.style("Reference data seeded.", fg='green'))
@seed_cli.command('test-user')
@with_appcontext
def seed_test_user():
"""Create a test admin user."""
from shopdb.extensions import db
from shopdb.core.models import User, Role
from werkzeug.security import generate_password_hash
# Create admin role if not exists
admin_role = Role.query.filter_by(rolename='admin').first()
if not admin_role:
admin_role = Role(rolename='admin', description='Administrator')
db.session.add(admin_role)
# Create test user
test_user = User.query.filter_by(username='admin').first()
if not test_user:
test_user = User(
username='admin',
email='admin@localhost',
passwordhash=generate_password_hash('admin123'),
isactive=True
)
test_user.roles.append(admin_role)
db.session.add(test_user)
db.session.commit()
click.echo(click.style("Test user created: admin / admin123", fg='green'))
else:
click.echo(click.style("Test user already exists", fg='yellow'))
@seed_cli.command('permissions')
@with_appcontext
def seed_permissions():
"""Seed predefined permissions."""
from shopdb.extensions import db
from shopdb.core.models import Permission
created = Permission.seed()
db.session.commit()
click.echo(click.style(f"{created} permissions created.", fg='green'))
@seed_cli.command('settings')
@with_appcontext
def seed_settings():
"""Seed default system settings."""
from shopdb.extensions import db
from shopdb.core.models import Setting
defaults = [
# Zabbix integration
{
'key': 'zabbix_enabled',
'value': 'false',
'valuetype': 'boolean',
'category': 'integrations',
'description': 'Enable Zabbix integration for printer supply monitoring'
},
{
'key': 'zabbix_url',
'value': '',
'valuetype': 'string',
'category': 'integrations',
'description': 'Zabbix API URL (e.g., http://zabbix.example.com:8080)'
},
{
'key': 'zabbix_token',
'value': '',
'valuetype': 'string',
'category': 'integrations',
'description': 'Zabbix API authentication token'
},
# Email/SMTP settings
{
'key': 'smtp_enabled',
'value': 'false',
'valuetype': 'boolean',
'category': 'email',
'description': 'Enable email notifications and alerts'
},
{
'key': 'smtp_host',
'value': '',
'valuetype': 'string',
'category': 'email',
'description': 'SMTP server hostname'
},
{
'key': 'smtp_port',
'value': '587',
'valuetype': 'integer',
'category': 'email',
'description': 'SMTP server port (usually 587 for TLS, 465 for SSL, 25 for unencrypted)'
},
{
'key': 'smtp_username',
'value': '',
'valuetype': 'string',
'category': 'email',
'description': 'SMTP authentication username'
},
{
'key': 'smtp_password',
'value': '',
'valuetype': 'string',
'category': 'email',
'description': 'SMTP authentication password'
},
{
'key': 'smtp_use_tls',
'value': 'true',
'valuetype': 'boolean',
'category': 'email',
'description': 'Use TLS encryption for SMTP connection'
},
{
'key': 'smtp_from_address',
'value': '',
'valuetype': 'string',
'category': 'email',
'description': 'From address for outgoing emails'
},
{
'key': 'smtp_from_name',
'value': 'ShopDB',
'valuetype': 'string',
'category': 'email',
'description': 'From name for outgoing emails'
},
{
'key': 'alert_recipients',
'value': '',
'valuetype': 'string',
'category': 'email',
'description': 'Default email recipients for alerts (comma-separated)'
},
# Audit log settings
{
'key': 'audit_retention_days',
'value': '90',
'valuetype': 'integer',
'category': 'audit',
'description': 'Number of days to retain audit logs (0 = keep forever)'
},
# Authentication settings
{
'key': 'saml_enabled',
'value': 'false',
'valuetype': 'boolean',
'category': 'auth',
'description': 'Enable SAML SSO authentication'
},
{
'key': 'saml_idp_metadata_url',
'value': '',
'valuetype': 'string',
'category': 'auth',
'description': 'SAML Identity Provider metadata URL'
},
{
'key': 'saml_entity_id',
'value': '',
'valuetype': 'string',
'category': 'auth',
'description': 'SAML Service Provider entity ID (e.g., https://shopdb.example.com)'
},
{
'key': 'saml_acs_url',
'value': '',
'valuetype': 'string',
'category': 'auth',
'description': 'SAML Assertion Consumer Service URL'
},
{
'key': 'saml_allow_local_login',
'value': 'true',
'valuetype': 'boolean',
'category': 'auth',
'description': 'Allow local username/password login when SAML is enabled'
},
{
'key': 'saml_auto_create_users',
'value': 'true',
'valuetype': 'boolean',
'category': 'auth',
'description': 'Automatically create users on first SAML login'
},
{
'key': 'saml_admin_group',
'value': '',
'valuetype': 'string',
'category': 'auth',
'description': 'SAML group name that grants admin role'
},
]
created = 0
for d in defaults:
if not Setting.query.filter_by(key=d['key']).first():
setting = Setting(**d)
db.session.add(setting)
created += 1
db.session.commit()
click.echo(click.style(f"{created} default settings created.", fg='green'))
Reference in New Issue View Git Blame Copy Permalink