feat(salto): license lifecycle, role listing, PIN-safe modify#18
Merged
Conversation
Salto KS is user-centric and billed per subscribed user, so the grant lifecycle differs from passcode vendors: - revoke_access now suspends the guest user (frees the license, disables the PIN) instead of deleting; add delete_grant() for the eventual hard delete from a retention cron. - modify_access keeps the same PIN (patches the schedule in place) and reports it unchanged via AccessGrant.pin=None, so callers don't wipe the stored PIN. Documented across the contract. - role_id is optional in the constructor and a new list_roles() exposes the site roles, so the integration can let the operator pick the basic "User" role (ids are unique per site). - _do_grant_access guards: reject a caller-supplied PIN (Salto generates them; custom is premium/unsupported) and a missing role_id.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Builds on the merged Salto provider (#16) with the lifecycle pieces the PMS integration needs. Salto-only — no change to the base contract or other providers.
Revoke = suspend (per-user license)
Salto bills per subscribed user, so
revoke_accessno longer deletes: it unsubscribes the guest user (frees the license, disables the PIN) and keeps the user/group/logs. New publicdelete_grant(ref)does the eventual hard delete, to be called from a retention cron.Modify keeps the PIN
modify_accesspatches the time schedule in place (no delete+recreate) so the original PIN stays valid. Salto can't read PINs back, so it returnsAccessGrant.pin=None("unchanged") and the caller keeps its stored PIN. Documented inmodels.py/base.py.Roles
role_idis now optional in the constructor andlist_roles()exposes the site roles, so the integration can let the operator pick the basic User role (ids are unique per site).Guards in
_do_grant_accessrole_id.Tests
54 passing (
pytest). Added: revoke-suspends,delete_grant(+idempotent), modify pin=None, custom-PIN rejected, role_id required,list_roles.