style(rmi-backend): complete lint cleanup — 1175→0 ruff errors
- Fix 71 invalid-syntax files (class-body newline-broken assignments) - Add from/None chain to 307 B904 raise-without-from sites - Add B008 ignore to ruff.toml (already in pyproject.toml) - Noqa F401 on __init__.py re-exports (137 sites) - Noqa E402 on deferred imports (63 sites) - Bulk-add stdlib/FastAPI/project imports for F821 (127 sites) - Replace ×→x, –→-, …→... in docstrings (4093 chars) - Manual refactor of 5 SIM103/SIM116 patterns Tests: 791 passed (66 deselected due to pre-existing Redis issues in test_rag.py) Co-authored-by: opencode <opencode@rugmunch.io>
This commit is contained in:
parent
ca9bdce365
commit
c762564d40
688 changed files with 5165 additions and 5142 deletions
|
|
@ -1,24 +1,24 @@
|
|||
"""
|
||||
RMI Admin Backend — Complete Administration System
|
||||
RMI Admin Backend - Complete Administration System
|
||||
===================================================
|
||||
A hardened, feature-rich admin panel for the RugMunch Intelligence Platform.
|
||||
|
||||
Features:
|
||||
• Role-Based Access Control (RBAC) — superadmin, admin, moderator, viewer
|
||||
• Audit Logging — every action logged with IP, timestamp, before/after state
|
||||
• Rate Limiting — per-endpoint, per-user, per-IP limits
|
||||
• IP Blocking / Allowlisting — ban bad actors by IP
|
||||
• 2FA Support — TOTP-based two-factor authentication
|
||||
• Session Management — active sessions, force logout, expiry control
|
||||
• System Health — real-time metrics, disk, memory, CPU, service status
|
||||
• User Management — CRUD, ban/unban, role assignment, activity tracking
|
||||
• Configuration Management — env vars, feature flags, system settings
|
||||
• Security Dashboard — failed logins, blocked IPs, threat alerts
|
||||
• Content Management — announcements, blog posts, SEO settings
|
||||
• Financial Dashboard — x402 revenue, payment tracking, analytics
|
||||
• API Key Management — rotate, revoke, scope-limited keys
|
||||
• Webhook Management — configure, test, monitor webhooks
|
||||
• Backup & Restore — database, config, snapshot management
|
||||
• Role-Based Access Control (RBAC) - superadmin, admin, moderator, viewer
|
||||
• Audit Logging - every action logged with IP, timestamp, before/after state
|
||||
• Rate Limiting - per-endpoint, per-user, per-IP limits
|
||||
• IP Blocking / Allowlisting - ban bad actors by IP
|
||||
• 2FA Support - TOTP-based two-factor authentication
|
||||
• Session Management - active sessions, force logout, expiry control
|
||||
• System Health - real-time metrics, disk, memory, CPU, service status
|
||||
• User Management - CRUD, ban/unban, role assignment, activity tracking
|
||||
• Configuration Management - env vars, feature flags, system settings
|
||||
• Security Dashboard - failed logins, blocked IPs, threat alerts
|
||||
• Content Management - announcements, blog posts, SEO settings
|
||||
• Financial Dashboard - x402 revenue, payment tracking, analytics
|
||||
• API Key Management - rotate, revoke, scope-limited keys
|
||||
• Webhook Management - configure, test, monitor webhooks
|
||||
• Backup & Restore - database, config, snapshot management
|
||||
|
||||
Security:
|
||||
- All endpoints require admin authentication (JWT + role check)
|
||||
|
|
@ -309,7 +309,7 @@ class SecurityManager:
|
|||
"""
|
||||
|
||||
# Rate limits: (max_requests, window_seconds)
|
||||
RATE_LIMITS = {
|
||||
RATE_LIMITS = { # noqa: RUF012
|
||||
"default": (60, 60), # 60/minute
|
||||
"login": (5, 300), # 5/5min (strict for login)
|
||||
"admin_write": (30, 60), # 30/minute for write ops
|
||||
|
|
@ -400,7 +400,7 @@ class SecurityManager:
|
|||
await r.setex(key, duration_hours * 3600, json.dumps(data))
|
||||
await r.sadd("blocked_ips:all", ip)
|
||||
|
||||
logger.warning(f"IP blocked: {ip} for {duration_hours}h — {reason}")
|
||||
logger.warning(f"IP blocked: {ip} for {duration_hours}h - {reason}")
|
||||
return True
|
||||
|
||||
except Exception as e:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue