fix: corrige problemas de permissões e rotas

2025-04-04 02:34:51 -03:00
parent 241543ea63
commit 745803fef3
5 changed files with 110 additions and 513 deletions
--- a/functions/rbac.py
+++ b/functions/rbac.py
@@ -137,14 +137,22 @@ def init_rbac():
    session = get_db_connection()
    
    try:
-        # Criar roles se não existirem
-        for nivel, nome in Role.get_roles_list():
-            role = session.query(Role).filter_by(nivel=nivel).first()
-            if not role:
-                role = Role(nome=nome, nivel=nivel)
-                session.add(role)
+        # Criar role de administrador primeiro
+        admin_role = session.query(Role).filter_by(nome="Administrador").first()
+        if not admin_role:
+            admin_role = Role(nome="Administrador", nivel=Role.SECRETARIO_GERAL)
+            session.add(admin_role)
+            session.commit()
        
-        # Criar permissões se não existirem
+        # Criar outras roles
+        for nivel, nome in Role.get_roles_list():
+            if nome != "Administrador":  # Pular Administrador pois já foi criado
+                role = session.query(Role).filter_by(nivel=nivel).first()
+                if not role:
+                    role = Role(nome=nome, nivel=nivel)
+                    session.add(role)
+        
+        # Criar permissões
        for nome, descricao in Permission.get_permissions_list():
            permission = session.query(Permission).filter_by(nome=nome).first()
            if not permission:
@@ -153,13 +161,6 @@ def init_rbac():
        
        session.commit()
        
-        # Buscar role de administrador
-        admin_role = session.query(Role).filter_by(nome="Administrador").first()
-        if not admin_role:
-            admin_role = Role(nome="Administrador", nivel=Role.SECRETARIO_GERAL)
-            session.add(admin_role)
-            session.commit()
-        
        # Dar todas as permissões para o admin
        all_permissions = session.query(Permission).all()
        admin_role.permissions = all_permissions
@@ -167,9 +168,10 @@ def init_rbac():
        
        # Buscar usuário admin e atribuir role de administrador
        admin_user = session.query(Usuario).filter_by(username="admin").first()
-        if admin_user and admin_role not in admin_user.roles:
-            admin_user.roles.append(admin_role)
-            session.commit()
+        if admin_user:
+            if admin_role not in admin_user.roles:
+                admin_user.roles = [admin_role]  # Substituir roles existentes
+                session.commit()
        
        # Mapear permissões para outros roles
        for role in session.query(Role).filter(Role.nome != "Administrador").all():