capability handling

api/kiwi_vpn_api/db/crud.py

@@ -13,24 +13,19 @@ def get_user(db: Session, name: str):
 def create_user(
     db: Session,
     user: schemas.UserCreate,
-    crypt_context: CryptContext
+    capabilities: list[str],
+    crypt_context: CryptContext,
 ):
     db_user = models.User(
         name=user.name,
         password=crypt_context.hash(user.password),
+        capabilities=[
+            models.UserCapability(capability=capability)
+            for capability in capabilities
+        ]
     )
+
     db.add(db_user)
     db.commit()
     db.refresh(db_user)
     return db_user
-
-
-def add_user_capability(db: Session, user_name: str, capability: str):
-    db_user_capability = models.UserCapability(
-        user_name=user_name,
-        capability=capability,
-    )
-    db.add(db_user_capability)
-    db.commit()
-    db.refresh(db_user_capability)
-    return db_user_capability

api/kiwi_vpn_api/db/models.py

@@ -14,8 +14,8 @@ class User(ORMBaseModel):
     name = Column(String, primary_key=True, index=True)
     password = Column(String)
 
-    capabilities = relationship("UserCapability")
-    certificates = relationship("Certificate")
+    capabilities = relationship("UserCapability", lazy="joined")
+    certificates = relationship("Certificate", lazy="joined")
 
 
 class UserCapability(ORMBaseModel):
@@ -44,7 +44,7 @@ class DistinguishedName(ORMBaseModel):
     email = Column(String)
     common_name = Column(String)
 
-    certificates = relationship("Certificate")
+    certificates = relationship("Certificate", lazy="joined")
 
     UniqueConstraint(
         country,

api/kiwi_vpn_api/routers/admin.py

@@ -63,6 +63,6 @@ async def add_user(
             name=user_name,
             password=user_password,
         ),
+        capabilities=["admin"],
         crypt_context=current_config.crypt_context,
     )
-    crud.add_user_capability(db, user_name=user_name, capability="admin")