Skip to content

Class tigrbl.orm.mixins.ownable.Ownable

tigrbl.orm.mixins.ownable.Ownable

Mixin that adds an owner_id column and installs v3 hooks to enforce ownership policy.

Policy (per __tigrbl_owner_policy__): • CLIENT_SET: client may provide owner_id; if missing, we leave it as-is. • DEFAULT_TO_USER: if owner_id missing, default to ctx user; if provided, keep it. • STRICT_SERVER: always enforce owner_id = ctx user; reject mismatches.

Hooks (installed at class creation via init_subclass): • PRE_TX_BEGIN on "create": normalize/enforce owner_id in ctx.env.params & ctx.payload • PRE_TX_BEGIN on "update": forbid changing owner_id unless CLIENT_SET and matches ctx user (note: if you need to compare with the existing DB value, do that in POST_HANDLER where your core sets ctx["result"] or fetch the row here — this version validates intent only)

owner_id

owner_id()
Source code in tigrbl/orm/mixins/ownable.py
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
@declared_attr
def owner_id(cls) -> Mapped[UUID]:
    pol = getattr(cls, TIGRBL_OWNER_POLICY_ATTR, OwnerPolicy.CLIENT_SET)
    schema = _infer_schema(cls, default="public")

    in_verbs = (
        ("create", "update", "replace")
        if pol == OwnerPolicy.CLIENT_SET
        else ("create",)
    )
    io = IO(
        in_verbs=in_verbs,
        out_verbs=("read", "list"),
        mutable_verbs=in_verbs,
    )

    spec = ColumnSpec(
        storage=S(
            type_=PgUUID(as_uuid=True),
            fk=ForeignKeySpec(target=f"{schema}.users.id"),
            nullable=False,
            index=True,
        ),
        field=F(py_type=UUID),
        io=io,
    )
    return acol(spec=spec)