Skip to content

Poseidon/feature/license management#145

Open
Yasserelhaddar wants to merge 15 commits intoposeidon/devfrom
poseidon/feature/license_management
Open

Poseidon/feature/license management#145
Yasserelhaddar wants to merge 15 commits intoposeidon/devfrom
poseidon/feature/license_management

Conversation

@Yasserelhaddar
Copy link
Collaborator

@Yasserelhaddar Yasserelhaddar commented Aug 20, 2025

License Management System Implementation

Summary

Complete implementation of a project license management system for Poseidon with role-based access control, enabling super admins to issue, renew, and manage project licenses.

🚀 Features Added

Backend Implementation

  • ProjectLicense Model - Complete data model with validation logic and expiry tracking
  • LicenseRepository - Data access layer with organization-scoped operations
  • LicenseService - Business logic layer with role validation and security controls
  • LicenseStatus Enum - Status tracking (Active, Expired, Cancelled) with display names

Frontend Implementation

  • License Management UI - Complete interface with tables, dialogs, and statistics
  • Role-Based Access - Super admin license management, admin organization viewing
  • License Operations - Issue new licenses, renew existing, cancel active licenses
  • Statistics Dashboard - Overview cards showing license counts and expiry alerts

Key Capabilities

  • License Lifecycle Management - Create, renew, cancel licenses with expiry tracking
  • Security & Validation - Super admin only operations with proper privilege validation
  • Organization Scoping - Regular admins see only their organization's licenses
  • Expiry Management - Automatic expiry detection and renewal workflows
  • Statistics & Monitoring - License counts, expiring alerts, and health metrics

📊 Changes Overview

  • 15 files changed with 2,315 additions
  • 5 new files - Complete license management backend and UI implementation
  • 10 modified files - Integration with existing navigation, database, and project management

Note: Scopping access is another feature not currently implemented. I would like to discuss our options to scope the relevant pages (Camera Configurator, Inference, Deployment and Image Viewer)

@Yasserelhaddar
Add ProjectAssignment model for user-project role relationships
a49b9ed 
- Create ProjectAssignment model to handle many-to-many relationships between users and projects
- Includes role assignment (Inspector/Viewer) and assignment metadata
- Supports immutable business rule for organization admin auto-assignment
@Yasserelhaddar
Enhance OrgRole enum with utility methods
00b9519 
- Add is_admin(), is_super_admin(), is_admin_or_higher() utility methods
- Add get_manageable_roles() for role management logic
- Improve type safety and code organization for role handling
@Yasserelhaddar
Update database initialization for ProjectAssignment model
5ee1dc1 
- Register ProjectAssignment model in database initialization
- Update model imports to include new ProjectAssignment
@Yasserelhaddar
Implement ProjectAssignment repository logic and security fixes
46b2c9f 
- Add assign_to_project() and remove_from_project() methods using ProjectAssignment model
- Implement immutable business rule: org admins cannot be removed from organization projects
- Fix Link object access issues with proper fetch_all_links() calls
- Use OrgRole enum constants for consistent role comparisons
- Add cross-organization validation and security checks
@Yasserelhaddar
Implement comprehensive service layer security
6d305a3 
- Add authentication validation to all critical service methods
- Implement _validate_super_admin() for privilege escalation prevention
- Add cross-organization validation and access control
- Fix auto-assignment of organization admins to all projects as viewers
- Ensure defense-in-depth security architecture
@Yasserelhaddar
Implement role-based access control and visibility filtering
ff79d58 
- Add super admin filtering - super admins invisible to regular admins and each other in user management
- Implement can_manage_user_projects() with immutable business rules
- Fix organizational isolation between super admins (SYSTEM org) and regular users
- Add comprehensive permission checks for user management operations
- Use OrgRole enum constants throughout for type safety
@Yasserelhaddar
Fix UI component permissions and project assignment display
290d949 
- Hide 'Manage Projects' button for admin users, show 'Auto-managed' instead
- Implement proper role-based button visibility using OrgRole enum
- Fix project assignment display to show project names instead of IDs
- Add role display formatting for project assignments
@Yasserelhaddar
Standardize role handling in state models
b0b8de7 
- Convert UserRoles and ProjectRoles to compatibility wrappers for centralized enums
- Update UserData model to use OrgRole enum constants
- Maintain backward compatibility while enforcing enum usage
- Clean up duplicate enum definitions
@Yasserelhaddar
Standardize enum usage across all components
f32c359 
- Add OrgRole and ProjectRole imports to all component files
- Replace hardcoded role strings with enum constants throughout
- Update role comparison logic to use type-safe enum values
- Enhance role filtering and color mapping with consistent enum usage
@Yasserelhaddar
Complete enum standardization across pages and models
a224bd5 
- Update project management page to use OrgRole.ADMIN
- Add ProjectAssignment reference imports to User model
- Ensure 100% consistent enum usage throughout codebase
@Yasserelhaddar
Add license management backend implementation
1edb382 
- Add ProjectLicense model with validation logic
- Implement LicenseRepository for data access operations
- Add LicenseService with business logic and role validation
- Support license creation, renewal, cancellation operations
- Include license statistics and expiry management
@Yasserelhaddar
Add license management UI components
e01523f 
- Implement license management UI components with status badges
- Add license table with filtering and pagination
- Create dialogs for issuing, renewing, and viewing licenses
- Implement LicenseManagementState with role-based access control
- Support license statistics overview and expiry alerts
@Yasserelhaddar
Update database schema for license management
65f975a 
- Add LicenseStatus enum with display names
- Register ProjectLicense model in database init
- Add LicenseData model for UI state management
- Support license status tracking and validation
@Yasserelhaddar
Integrate license management into navigation
d49fc2e 
- Add license management sidebar navigation item
- Register license management page route
- Update management pages module exports
- Enable role-based access to license management features
@Yasserelhaddar
Enhance project management functionality
8eb09be 
- Update utilities with improved enum handling
- Add project assignment validation and filtering
- Implement role-based project access controls
- Support organization-scoped project operations
@Yasserelhaddar Yasserelhaddar requested review from a user and canelbirlik August 20, 2025 15:12
@ghost ghost assigned Yasserelhaddar Aug 28, 2025
@YasserElHaddar16 YasserElHaddar16 added paz Raised from paz team in the mindtrace package enhancement New feature or request labels Aug 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@canelbirlik canelbirlik Awaiting requested review from canelbirlik

Assignees

@Yasserelhaddar Yasserelhaddar

Labels

enhancement New feature or request paz Raised from paz team in the mindtrace package

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Yasserelhaddar @YasserElHaddar16