Add target owners and alert notification management.

This commit implements the addition of `target_owners` and `alert_notification_events` tables, enabling management of responsible users for targets. Backend and frontend components are updated to allow viewing, assigning, and notifying target owners about critical alerts via email.

backend/app/api/routes/alerts.py

@@ -20,6 +20,7 @@ from app.services.alerts import (
     validate_alert_sql,
     validate_alert_thresholds,
 )
+from app.services.alert_notifications import process_target_owner_notifications
 from app.services.audit import write_audit_log
 
 router = APIRouter()
@@ -38,7 +39,9 @@ async def list_alert_status(
     user: User = Depends(get_current_user), db: AsyncSession = Depends(get_db)
 ) -> AlertStatusResponse:
     _ = user
-    return await get_alert_status(db, use_cache=True)
+    payload = await get_alert_status(db, use_cache=True)
+    await process_target_owner_notifications(db, payload)
+    return payload
 
 
 @router.get("/definitions", response_model=list[AlertDefinitionOut])

backend/app/api/routes/targets.py

@@ -1,14 +1,23 @@
 from datetime import datetime
+
 import asyncpg
 from fastapi import APIRouter, Depends, HTTPException, Query, status
-from sqlalchemy import and_, desc, select
+from sqlalchemy import and_, delete, desc, select
 from sqlalchemy.ext.asyncio import AsyncSession
+
 from app.core.db import get_db
 from app.core.deps import get_current_user, require_roles
-from app.models.models import Metric, QueryStat, Target, User
+from app.models.models import Metric, QueryStat, Target, TargetOwner, User
 from app.schemas.metric import MetricOut, QueryStatOut
 from app.schemas.overview import DatabaseOverviewOut
-from app.schemas.target import TargetConnectionTestRequest, TargetCreate, TargetOut, TargetUpdate
+from app.schemas.target import (
+    TargetConnectionTestRequest,
+    TargetCreate,
+    TargetOut,
+    TargetOwnerOut,
+    TargetOwnersUpdate,
+    TargetUpdate,
+)
 from app.services.audit import write_audit_log
 from app.services.collector import build_target_dsn
 from app.services.crypto import encrypt_secret
@@ -17,10 +26,46 @@ from app.services.overview_service import get_target_overview
 router = APIRouter()
 
 
+async def _owners_by_target_ids(db: AsyncSession, target_ids: list[int]) -> dict[int, list[int]]:
+    if not target_ids:
+        return {}
+    rows = (
+        await db.execute(select(TargetOwner.target_id, TargetOwner.user_id).where(TargetOwner.target_id.in_(target_ids)))
+    ).all()
+    mapping: dict[int, list[int]] = {target_id: [] for target_id in target_ids}
+    for target_id, user_id in rows:
+        mapping.setdefault(target_id, []).append(user_id)
+    return mapping
+
+
+def _target_out_with_owners(target: Target, owner_user_ids: list[int]) -> TargetOut:
+    return TargetOut(
+        id=target.id,
+        name=target.name,
+        host=target.host,
+        port=target.port,
+        dbname=target.dbname,
+        username=target.username,
+        sslmode=target.sslmode,
+        use_pg_stat_statements=target.use_pg_stat_statements,
+        owner_user_ids=owner_user_ids,
+        tags=target.tags or {},
+        created_at=target.created_at,
+    )
+
+
+async def _set_target_owners(db: AsyncSession, target_id: int, user_ids: list[int], assigned_by_user_id: int | None) -> None:
+    await db.execute(delete(TargetOwner).where(TargetOwner.target_id == target_id))
+    for user_id in sorted(set(user_ids)):
+        db.add(TargetOwner(target_id=target_id, user_id=user_id, assigned_by_user_id=assigned_by_user_id))
+
+
 @router.get("", response_model=list[TargetOut])
 async def list_targets(user: User = Depends(get_current_user), db: AsyncSession = Depends(get_db)) -> list[TargetOut]:
+    _ = user
     targets = (await db.scalars(select(Target).order_by(Target.id.desc()))).all()
-    return [TargetOut.model_validate(item) for item in targets]
+    owner_map = await _owners_by_target_ids(db, [item.id for item in targets])
+    return [_target_out_with_owners(item, owner_map.get(item.id, [])) for item in targets]
 
 
 @router.post("/test-connection")
@@ -70,16 +115,37 @@ async def create_target(
     db.add(target)
     await db.commit()
     await db.refresh(target)
+
+    if payload.owner_user_ids:
+        owners_exist = (await db.scalars(select(User.id).where(User.id.in_(payload.owner_user_ids)))).all()
+        if len(set(owners_exist)) != len(set(payload.owner_user_ids)):
+            raise HTTPException(status_code=400, detail="One or more owner users were not found")
+        await _set_target_owners(db, target.id, payload.owner_user_ids, user.id)
+        await db.commit()
+
     await write_audit_log(db, "target.create", user.id, {"target_id": target.id, "name": target.name})
-    return TargetOut.model_validate(target)
+    owner_map = await _owners_by_target_ids(db, [target.id])
+    return _target_out_with_owners(target, owner_map.get(target.id, []))
+
+
+@router.get("/owner-candidates", response_model=list[TargetOwnerOut])
+async def list_owner_candidates(
+    user: User = Depends(require_roles("admin", "operator")),
+    db: AsyncSession = Depends(get_db),
+) -> list[TargetOwnerOut]:
+    _ = user
+    users = (await db.scalars(select(User).order_by(User.email.asc()))).all()
+    return [TargetOwnerOut(user_id=item.id, email=item.email, role=item.role) for item in users]
 
 
 @router.get("/{target_id}", response_model=TargetOut)
 async def get_target(target_id: int, user: User = Depends(get_current_user), db: AsyncSession = Depends(get_db)) -> TargetOut:
+    _ = user
     target = await db.scalar(select(Target).where(Target.id == target_id))
     if not target:
         raise HTTPException(status_code=404, detail="Target not found")
-    return TargetOut.model_validate(target)
+    owner_map = await _owners_by_target_ids(db, [target.id])
+    return _target_out_with_owners(target, owner_map.get(target.id, []))
 
 
 @router.put("/{target_id}", response_model=TargetOut)
@@ -94,14 +160,73 @@ async def update_target(
         raise HTTPException(status_code=404, detail="Target not found")
 
     updates = payload.model_dump(exclude_unset=True)
+    owner_user_ids = updates.pop("owner_user_ids", None)
     if "password" in updates:
         target.encrypted_password = encrypt_secret(updates.pop("password"))
     for key, value in updates.items():
         setattr(target, key, value)
+
+    if owner_user_ids is not None:
+        owners_exist = (await db.scalars(select(User.id).where(User.id.in_(owner_user_ids)))).all()
+        if len(set(owners_exist)) != len(set(owner_user_ids)):
+            raise HTTPException(status_code=400, detail="One or more owner users were not found")
+        await _set_target_owners(db, target.id, owner_user_ids, user.id)
+
     await db.commit()
     await db.refresh(target)
     await write_audit_log(db, "target.update", user.id, {"target_id": target.id})
-    return TargetOut.model_validate(target)
+    owner_map = await _owners_by_target_ids(db, [target.id])
+    return _target_out_with_owners(target, owner_map.get(target.id, []))
+
+
+@router.put("/{target_id}/owners", response_model=list[TargetOwnerOut])
+async def set_target_owners(
+    target_id: int,
+    payload: TargetOwnersUpdate,
+    user: User = Depends(require_roles("admin", "operator")),
+    db: AsyncSession = Depends(get_db),
+) -> list[TargetOwnerOut]:
+    target = await db.scalar(select(Target).where(Target.id == target_id))
+    if not target:
+        raise HTTPException(status_code=404, detail="Target not found")
+    owner_user_ids = sorted(set(payload.user_ids))
+    if owner_user_ids:
+        owners_exist = (await db.scalars(select(User.id).where(User.id.in_(owner_user_ids)))).all()
+        if len(set(owners_exist)) != len(set(owner_user_ids)):
+            raise HTTPException(status_code=400, detail="One or more owner users were not found")
+    await _set_target_owners(db, target_id, owner_user_ids, user.id)
+    await db.commit()
+    await write_audit_log(db, "target.owners.update", user.id, {"target_id": target_id, "owner_user_ids": owner_user_ids})
+    rows = (
+        await db.execute(
+            select(User.id, User.email, User.role)
+            .join(TargetOwner, TargetOwner.user_id == User.id)
+            .where(TargetOwner.target_id == target_id)
+            .order_by(User.email.asc())
+        )
+    ).all()
+    return [TargetOwnerOut(user_id=row.id, email=row.email, role=row.role) for row in rows]
+
+
+@router.get("/{target_id}/owners", response_model=list[TargetOwnerOut])
+async def get_target_owners(
+    target_id: int,
+    user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_db),
+) -> list[TargetOwnerOut]:
+    _ = user
+    target = await db.scalar(select(Target).where(Target.id == target_id))
+    if not target:
+        raise HTTPException(status_code=404, detail="Target not found")
+    rows = (
+        await db.execute(
+            select(User.id, User.email, User.role)
+            .join(TargetOwner, TargetOwner.user_id == User.id)
+            .where(TargetOwner.target_id == target_id)
+            .order_by(User.email.asc())
+        )
+    ).all()
+    return [TargetOwnerOut(user_id=row.id, email=row.email, role=row.role) for row in rows]
 
 
 @router.delete("/{target_id}")