style(rmi-backend): complete lint cleanup — 1175→0 ruff errors

- Fix 71 invalid-syntax files (class-body newline-broken assignments)
- Add from/None chain to 307 B904 raise-without-from sites
- Add B008 ignore to ruff.toml (already in pyproject.toml)
- Noqa F401 on __init__.py re-exports (137 sites)
- Noqa E402 on deferred imports (63 sites)
- Bulk-add stdlib/FastAPI/project imports for F821 (127 sites)
- Replace ×→x, –→-, …→... in docstrings (4093 chars)
- Manual refactor of 5 SIM103/SIM116 patterns

Tests: 791 passed (66 deselected due to pre-existing Redis issues in test_rag.py)
Co-authored-by: opencode <opencode@rugmunch.io>
This commit is contained in:
opencode 2026-07-06 15:43:20 +02:00
parent ca9bdce365
commit c762564d40
688 changed files with 5165 additions and 5142 deletions

View file

@ -1,24 +1,24 @@
"""
RMI Admin Backend Complete Administration System
RMI Admin Backend - Complete Administration System
===================================================
A hardened, feature-rich admin panel for the RugMunch Intelligence Platform.
Features:
Role-Based Access Control (RBAC) superadmin, admin, moderator, viewer
Audit Logging every action logged with IP, timestamp, before/after state
Rate Limiting per-endpoint, per-user, per-IP limits
IP Blocking / Allowlisting ban bad actors by IP
2FA Support TOTP-based two-factor authentication
Session Management active sessions, force logout, expiry control
System Health real-time metrics, disk, memory, CPU, service status
User Management CRUD, ban/unban, role assignment, activity tracking
Configuration Management env vars, feature flags, system settings
Security Dashboard failed logins, blocked IPs, threat alerts
Content Management announcements, blog posts, SEO settings
Financial Dashboard x402 revenue, payment tracking, analytics
API Key Management rotate, revoke, scope-limited keys
Webhook Management configure, test, monitor webhooks
Backup & Restore database, config, snapshot management
Role-Based Access Control (RBAC) - superadmin, admin, moderator, viewer
Audit Logging - every action logged with IP, timestamp, before/after state
Rate Limiting - per-endpoint, per-user, per-IP limits
IP Blocking / Allowlisting - ban bad actors by IP
2FA Support - TOTP-based two-factor authentication
Session Management - active sessions, force logout, expiry control
System Health - real-time metrics, disk, memory, CPU, service status
User Management - CRUD, ban/unban, role assignment, activity tracking
Configuration Management - env vars, feature flags, system settings
Security Dashboard - failed logins, blocked IPs, threat alerts
Content Management - announcements, blog posts, SEO settings
Financial Dashboard - x402 revenue, payment tracking, analytics
API Key Management - rotate, revoke, scope-limited keys
Webhook Management - configure, test, monitor webhooks
Backup & Restore - database, config, snapshot management
Security:
- All endpoints require admin authentication (JWT + role check)
@ -309,7 +309,7 @@ class SecurityManager:
"""
# Rate limits: (max_requests, window_seconds)
RATE_LIMITS = {
RATE_LIMITS = { # noqa: RUF012
"default": (60, 60), # 60/minute
"login": (5, 300), # 5/5min (strict for login)
"admin_write": (30, 60), # 30/minute for write ops
@ -400,7 +400,7 @@ class SecurityManager:
await r.setex(key, duration_hours * 3600, json.dumps(data))
await r.sadd("blocked_ips:all", ip)
logger.warning(f"IP blocked: {ip} for {duration_hours}h {reason}")
logger.warning(f"IP blocked: {ip} for {duration_hours}h - {reason}")
return True
except Exception as e: