feat: Add presence heartbeat for Matrix online status

- matrix-gateway: POST /internal/matrix/presence/online endpoint - usePresenceHeartbeat hook with activity tracking - Auto away after 5 min inactivity - Offline on page close/visibility change - Integrated in MatrixChatRoom component
2025-11-27 00:19:40 -08:00
parent 5bed515852
commit 3de3c8cb36
6371 changed files with 1317450 additions and 932 deletions
--- a/services/dao-service/pdp_client.py
+++ b/services/dao-service/pdp_client.py
@@ -0,0 +1,51 @@
+"""
+PDP Client — Check permissions via pdp-service
+Phase 8: DAO Dashboard
+"""
+from fastapi import HTTPException
+import httpx
+import os
+
+PDP_SERVICE_URL = os.getenv("PDP_SERVICE_URL", "http://localhost:7012")
+
+async def check_pdp_permission(
+    action: str,
+    resource: dict,
+    context: dict,
+    actor: dict
+) -> bool:
+    """
+    Check permission via pdp-service
+    Returns True if allowed, False otherwise
+    """
+    async with httpx.AsyncClient() as client:
+        try:
+            response = await client.post(
+                f"{PDP_SERVICE_URL}/internal/pdp/evaluate",
+                json={
+                    "action": action,
+                    "resource": resource,
+                    "context": context,
+                    "actor": actor
+                }
+            )
+            response.raise_for_status()
+            result = response.json()
+            return result.get("decision") == "ALLOW"
+        except httpx.HTTPError as e:
+            print(f"⚠️  PDP error: {e}")
+            return False  # Fail closed
+
+async def require_permission(
+    action: str,
+    resource: dict,
+    context: dict,
+    actor: dict
+):
+    """
+    Check permission and raise 403 if denied
+    """
+    allowed = await check_pdp_permission(action, resource, context, actor)
+    if not allowed:
+        raise HTTPException(status_code=403, detail=f"Permission denied: {action}")
+