- Add Settings menu for Stripe configuration- In the Member Profile page, Superadmin can assign new Role to the member- Stripe Configuration is now stored with encryption in Database

2026-01-16 19:07:58 +07:00
parent 39324ba6f6
commit e938baa78e
7 changed files with 717 additions and 11 deletions
--- a/alembic/versions/4fa11836f7fd_add_role_audit_fields.py
+++ b/alembic/versions/4fa11836f7fd_add_role_audit_fields.py
@@ -0,0 +1,48 @@
+"""add_role_audit_fields
+
+Revision ID: 4fa11836f7fd
+Revises: 013_sync_permissions
+Create Date: 2026-01-16 17:21:40.514605
+
+"""
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects.postgresql import UUID
+
+
+# revision identifiers, used by Alembic.
+revision: str = '4fa11836f7fd'
+down_revision: Union[str, None] = '013_sync_permissions'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Add role audit trail columns
+    op.add_column('users', sa.Column('role_changed_at', sa.DateTime(timezone=True), nullable=True))
+    op.add_column('users', sa.Column('role_changed_by', UUID(as_uuid=True), nullable=True))
+
+    # Create foreign key constraint to track who changed the role
+    op.create_foreign_key(
+        'fk_users_role_changed_by',
+        'users', 'users',
+        ['role_changed_by'], ['id'],
+        ondelete='SET NULL'
+    )
+
+    # Create index for efficient querying by role change date
+    op.create_index('idx_users_role_changed_at', 'users', ['role_changed_at'])
+
+
+def downgrade() -> None:
+    # Drop index first
+    op.drop_index('idx_users_role_changed_at')
+
+    # Drop foreign key constraint
+    op.drop_constraint('fk_users_role_changed_by', 'users', type_='foreignkey')
+
+    # Drop columns
+    op.drop_column('users', 'role_changed_by')
+    op.drop_column('users', 'role_changed_at')
--- a/alembic/versions/ec4cb4a49cde_add_system_settings_table.py
+++ b/alembic/versions/ec4cb4a49cde_add_system_settings_table.py
@@ -0,0 +1,68 @@
+"""add_system_settings_table
+
+Revision ID: ec4cb4a49cde
+Revises: 4fa11836f7fd
+Create Date: 2026-01-16 18:16:00.283455
+
+"""
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects.postgresql import UUID
+
+
+# revision identifiers, used by Alembic.
+revision: str = 'ec4cb4a49cde'
+down_revision: Union[str, None] = '4fa11836f7fd'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Create enum for setting types (only if not exists)
+    op.execute("""
+        DO $$ BEGIN
+            CREATE TYPE settingtype AS ENUM ('plaintext', 'encrypted', 'json');
+        EXCEPTION
+            WHEN duplicate_object THEN null;
+        END $$;
+    """)
+
+    # Create system_settings table
+    op.execute("""
+        CREATE TABLE system_settings (
+            id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+            setting_key VARCHAR(100) UNIQUE NOT NULL,
+            setting_value TEXT,
+            setting_type settingtype NOT NULL DEFAULT 'plaintext'::settingtype,
+            description TEXT,
+            updated_by UUID REFERENCES users(id) ON DELETE SET NULL,
+            created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
+            updated_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
+            is_sensitive BOOLEAN NOT NULL DEFAULT FALSE
+        );
+
+        COMMENT ON COLUMN system_settings.setting_key IS 'Unique setting identifier (e.g., stripe_secret_key)';
+        COMMENT ON COLUMN system_settings.setting_value IS 'Setting value (encrypted if setting_type is encrypted)';
+        COMMENT ON COLUMN system_settings.setting_type IS 'Type of setting: plaintext, encrypted, or json';
+        COMMENT ON COLUMN system_settings.description IS 'Human-readable description of the setting';
+        COMMENT ON COLUMN system_settings.updated_by IS 'User who last updated this setting';
+        COMMENT ON COLUMN system_settings.is_sensitive IS 'Whether this setting contains sensitive data';
+    """)
+
+    # Create indexes
+    op.create_index('idx_system_settings_key', 'system_settings', ['setting_key'])
+    op.create_index('idx_system_settings_updated_at', 'system_settings', ['updated_at'])
+
+
+def downgrade() -> None:
+    # Drop indexes
+    op.drop_index('idx_system_settings_updated_at')
+    op.drop_index('idx_system_settings_key')
+
+    # Drop table
+    op.drop_table('system_settings')
+
+    # Drop enum
+    op.execute('DROP TYPE IF EXISTS settingtype')