arbret/backend/models/role_config.py

from .enums import Permission
from .types import RoleConfig

# Role name constants
ROLE_ADMIN = "admin"
ROLE_REGULAR = "regular"

# Role definitions with their permissions
ROLE_DEFINITIONS: dict[str, RoleConfig] = {
    ROLE_ADMIN: {
        "description": "Administrator with audit/invite/exchange access",
        "permissions": [
            Permission.VIEW_AUDIT,
            Permission.FETCH_PRICE,
            Permission.MANAGE_INVITES,
            Permission.MANAGE_AVAILABILITY,
            Permission.MANAGE_PRICING,
            Permission.VIEW_ALL_EXCHANGES,
            Permission.CANCEL_ANY_EXCHANGE,
            Permission.COMPLETE_EXCHANGE,
        ],
    },
    ROLE_REGULAR: {
        "description": "Regular user with profile, invite, and exchange access",
        "permissions": [
            Permission.MANAGE_OWN_PROFILE,
            Permission.VIEW_OWN_INVITES,
            Permission.CREATE_EXCHANGE,
            Permission.VIEW_OWN_EXCHANGES,
            Permission.CANCEL_OWN_EXCHANGE,
        ],
    },
}