fix: finalize semantic repair and test updates

backend/src/scripts/init_auth_db.py

@@ -1,9 +1,12 @@
-# [DEF:backend.src.scripts.init_auth_db:Module]
+# [DEF:InitAuthDbScript:Module]
 #
 # @SEMANTICS: setup, database, auth, migration
 # @PURPOSE:   Initializes the auth database and creates the necessary tables.
+# @COMPLEXITY: 2
 # @LAYER:     Scripts
-# @RELATION:  CALLS -> backend.src.core.database.init_db
+# @RELATION:  CALLS -> init_db
+# @RELATION:  CALLS -> ensure_encryption_key
+# @RELATION:  CALLS -> seed_permissions
 #
 # @INVARIANT: Safe to run multiple times (idempotent).
 
@@ -20,9 +23,14 @@ from src.core.logger import logger, belief_scope
 from src.scripts.seed_permissions import seed_permissions
 # [/SECTION]
 
+
 # [DEF:run_init:Function]
 # @PURPOSE: Main entry point for the initialization script.
+# @COMPLEXITY: 3
 # @POST:    auth.db is initialized with the correct schema and seeded permissions.
+# @RELATION: CALLS -> ensure_encryption_key
+# @RELATION: CALLS -> init_db
+# @RELATION: CALLS -> seed_permissions
 def run_init():
     with belief_scope("init_auth_db"):
         logger.info("Initializing authentication database...")
@@ -30,16 +38,18 @@ def run_init():
             ensure_encryption_key()
             init_db()
             logger.info("Authentication database initialized successfully.")
-            
+
             # Seed permissions
             seed_permissions()
-            
+
         except Exception as e:
             logger.error(f"Failed to initialize authentication database: {e}")
             sys.exit(1)
+
+
 # [/DEF:run_init:Function]
 
 if __name__ == "__main__":
     run_init()
 
-# [/DEF:backend.src.scripts.init_auth_db:Module]
+# [/DEF:InitAuthDbScript:Module]

backend/src/scripts/seed_permissions.py

@@ -1,10 +1,13 @@
-# [DEF:backend.src.scripts.seed_permissions:Module]
+# [DEF:SeedPermissionsScript:Module]
 #
 # @SEMANTICS: setup, database, auth, permissions, seeding
 # @PURPOSE:   Populates the auth database with initial system permissions.
+# @COMPLEXITY: 3
 # @LAYER:     Scripts
-# @RELATION:  USES -> backend.src.core.database.get_auth_db
-# @RELATION:  USES -> backend.src.models.auth.Permission
+# @RELATION:  DEPENDS_ON -> AuthSessionLocal
+# @RELATION:  DEPENDS_ON -> Permission
+# @RELATION:  DEPENDS_ON -> Role
+# @RELATION:  DEPENDS_ON -> AuthRepository
 #
 # @INVARIANT: Safe to run multiple times (idempotent).
 
@@ -22,6 +25,9 @@ from src.core.logger import logger, belief_scope
 # [/SECTION]
 
 # [DEF:INITIAL_PERMISSIONS:Constant]
+# @PURPOSE: Canonical bootstrap permission tuples seeded into auth storage.
+# @COMPLEXITY: 3
+# @RELATION: DEPENDS_ON -> SeedPermissionsScript
 INITIAL_PERMISSIONS = [
     # Admin Permissions
     {"resource": "admin:users", "action": "READ"},
@@ -34,7 +40,6 @@ INITIAL_PERMISSIONS = [
     {"resource": "plugins", "action": "READ"},
     {"resource": "tasks", "action": "READ"},
     {"resource": "tasks", "action": "WRITE"},
-    
     # Plugin Permissions
     {"resource": "plugin:backup", "action": "EXECUTE"},
     {"resource": "plugin:migration", "action": "EXECUTE"},
@@ -46,7 +51,6 @@ INITIAL_PERMISSIONS = [
     {"resource": "plugin:storage", "action": "WRITE"},
     {"resource": "plugin:debug", "action": "EXECUTE"},
     {"resource": "git_config", "action": "READ"},
-
     # Dataset Review Permissions
     {"resource": "dataset:session", "action": "READ"},
     {"resource": "dataset:session", "action": "MANAGE"},
@@ -57,9 +61,16 @@ INITIAL_PERMISSIONS = [
 ]
 # [/DEF:INITIAL_PERMISSIONS:Constant]
 
+
 # [DEF:seed_permissions:Function]
 # @PURPOSE: Inserts missing permissions into the database.
+# @COMPLEXITY: 3
 # @POST:    All INITIAL_PERMISSIONS exist in the DB.
+# @RELATION: DEPENDS_ON -> AuthSessionLocal
+# @RELATION: DEPENDS_ON -> Permission
+# @RELATION: DEPENDS_ON -> Role
+# @RELATION: DEPENDS_ON -> AuthRepository
+# @RELATION: DEPENDS_ON -> INITIAL_PERMISSIONS
 def seed_permissions():
     with belief_scope("seed_permissions"):
         db = AuthSessionLocal()
@@ -67,19 +78,22 @@ def seed_permissions():
             logger.info("Seeding permissions...")
             count = 0
             for perm_data in INITIAL_PERMISSIONS:
-                exists = db.query(Permission).filter(
-                    Permission.resource == perm_data["resource"],
-                    Permission.action == perm_data["action"]
-                ).first()
-                
+                exists = (
+                    db.query(Permission)
+                    .filter(
+                        Permission.resource == perm_data["resource"],
+                        Permission.action == perm_data["action"],
+                    )
+                    .first()
+                )
+
                 if not exists:
                     new_perm = Permission(
-                        resource=perm_data["resource"],
-                        action=perm_data["action"]
+                        resource=perm_data["resource"], action=perm_data["action"]
                     )
                     db.add(new_perm)
                     count += 1
-            
+
             db.commit()
             logger.info(f"Seeding completed. Added {count} new permissions.")
 
@@ -87,10 +101,12 @@ def seed_permissions():
             repo = AuthRepository(db)
             user_role = repo.get_role_by_name("User")
             if not user_role:
-                user_role = Role(name="User", description="Standard user with plugin access")
+                user_role = Role(
+                    name="User", description="Standard user with plugin access"
+                )
                 db.add(user_role)
                 db.flush()
-            
+
             user_permissions = [
                 ("plugin:mapper", "EXECUTE"),
                 ("plugin:migration", "EXECUTE"),
@@ -113,7 +129,7 @@ def seed_permissions():
                 perm = repo.get_permission_by_resource_action(res, act)
                 if perm and perm not in user_role.permissions:
                     user_role.permissions.append(perm)
-            
+
             db.commit()
             logger.info("User role permissions updated.")
 
@@ -122,9 +138,11 @@ def seed_permissions():
             db.rollback()
         finally:
             db.close()
+
+
 # [/DEF:seed_permissions:Function]
 
 if __name__ == "__main__":
     seed_permissions()
 
-# [/DEF:backend.src.scripts.seed_permissions:Module]
+# [/DEF:SeedPermissionsScript:Module]

backend/src/scripts/test_dataset_dashboard_relations.py

@@ -1,4 +1,8 @@
 #!/usr/bin/env python3
+# [DEF:test_dataset_dashboard_relations_script:Module]
+# @SEMANTICS: scripts, test, dataset, dashboard, superset, relations
+# @PURPOSE: Tests and inspects dataset-to-dashboard relationship responses from Superset API.
+# @COMPLEXITY: 2
 """
 Script to test dataset-to-dashboard relationships from Superset API.
 
@@ -164,3 +168,5 @@ def test_dashboard_dataset_relations():
 
 if __name__ == "__main__":
     test_dashboard_dataset_relations()
+
+# [/DEF:test_dataset_dashboard_relations_script:Module]