admin / Synapse-Cortex
publicSelf Hosted ITSM Tool with RBAC/Tenanting and MFA
Synapse-Cortex / Synapse-Cortexv2 / app / routers / setup.py
2224 B · main
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 | from fastapi import APIRouter, Depends, HTTPException, Request, status from sqlalchemy.orm import Session from .. import models, schemas from ..database import get_db from ..security import hash_password router = APIRouter(prefix="/api/v1/setup", tags=["setup"]) # Sensible out-of-the-box SLA targets, seeded per-priority for every new tenant. # (response_minutes, resolution_minutes) DEFAULT_SLA_MATRIX = { models.TicketPriority.CRITICAL: (15, 240), models.TicketPriority.HIGH: (30, 480), models.TicketPriority.MEDIUM: (60, 1440), models.TicketPriority.LOW: (120, 4320), } def _admin_exists(db: Session) -> bool: return ( db.query(models.User).filter(models.User.role == models.UserRole.GLOBAL_ADMIN).first() is not None ) @router.get("/status", response_model=schemas.SetupStatusOut) def setup_status(db: Session = Depends(get_db)): return schemas.SetupStatusOut(needs_setup=not _admin_exists(db)) @router.post("") def setup_submit(payload: schemas.SetupRequest, request: Request, db: Session = Depends(get_db)): if _admin_exists(db): raise HTTPException(status.HTTP_400_BAD_REQUEST, detail="Setup has already been completed.") slug = payload.tenant_name.strip().lower().replace(" ", "-") tenant = models.Tenant(name=payload.tenant_name.strip(), slug=slug) db.add(tenant) db.flush() for priority, (response_minutes, resolution_minutes) in DEFAULT_SLA_MATRIX.items(): db.add( models.SLAPolicy( tenant_id=tenant.id, priority=priority, response_time_minutes=response_minutes, resolution_time_minutes=resolution_minutes, ) ) for type_name in models.DEFAULT_ASSET_TYPE_NAMES: db.add(models.AssetTypeOption(tenant_id=tenant.id, name=type_name)) admin = models.User( tenant_id=tenant.id, email=payload.admin_email.strip().lower(), full_name=payload.admin_full_name.strip(), hashed_password=hash_password(payload.admin_password), role=models.UserRole.GLOBAL_ADMIN, ) db.add(admin) db.commit() request.session["user_id"] = str(admin.id) return {"status": "ok"} |