refactor: simplify config system to use Django settings directly

Author: CuriousLearner

django_postgres_anon/__init__.py

@@ -17,6 +17,9 @@
 import os
 from typing import Any, Dict
 
+import django
+from django.core.exceptions import ImproperlyConfigured
+
 __version__ = "0.1.0-alpha.1"
 __author__ = "Sanyam Khurana"
 __email__ = "[email protected]"
@@ -78,9 +81,6 @@ def check_dependencies():
     """Check if required dependencies are available."""
     import sys
 
-    import django
-    from django.core.exceptions import ImproperlyConfigured
-
     # Check Python version
     if sys.version_info < PACKAGE_CONFIG["min_python_version"]:
         min_version = PACKAGE_CONFIG["min_python_version"]

django_postgres_anon/admin.py

@@ -7,8 +7,6 @@
 from django.utils.html import format_html
 
 from django_postgres_anon.admin_base import BaseAnonymizationAdmin, BaseLogAdmin
-
-# Removed constants - using inline values
 from django_postgres_anon.models import MaskedRole, MaskingLog, MaskingPreset, MaskingRule
 
 
@@ -264,6 +262,3 @@ def short_details(self, obj: MaskingLog) -> str:
         return "-"
 
     short_details.short_description = "Details"
-
-
-# Custom admin views could be added here for dashboard functionality

django_postgres_anon/admin_base.py

@@ -11,28 +11,24 @@
 from django_postgres_anon.constants import (
     ADMIN_ERROR_EMOJI,
     ADMIN_WARNING_EMOJI,
+    ANON_FUNCTION_PREFIX,
+    APPLIED_COUNT_FIELD,
+    ERROR_FIELD,
+    ERRORS_FIELD,
     EXTENSION_REQUIRED_OPERATIONS,
+    MASKED_ROLE_MARK_APPLIED_METHOD,
+    MAX_ERROR_SUMMARY_COUNT,
+    MAX_ERRORS_BEFORE_ROLLBACK,
+    MAX_ERRORS_TO_SHOW,
+    MAX_RULES_TO_VALIDATE,
+    SUCCESS_FIELD,
     VALID_ADMIN_OPERATIONS,
 )
 
 # Simplified error handling
 from django_postgres_anon.utils import create_operation_log, generate_anonymization_sql, validate_anon_extension
 
-# Admin-specific constants
 logger = logging.getLogger(__name__)
-MAX_RULES_TO_VALIDATE = 100
-ANON_FUNCTION_PREFIX = "anon."
-LARGE_OPERATION_THRESHOLD = 50
-MAX_ERRORS_TO_SHOW = 5
-MAX_ERROR_SUMMARY_COUNT = 3
-MAX_ERRORS_BEFORE_ROLLBACK = 10
-
-# Field name constants for operation results
-APPLIED_COUNT_FIELD = "applied_count"
-ERRORS_FIELD = "errors"
-SUCCESS_FIELD = "success"
-ERROR_FIELD = "error"
-MASKED_ROLE_MARK_APPLIED_METHOD = "mark_applied"
 
 
 class BaseAnonymizationAdmin(admin.ModelAdmin):

django_postgres_anon/apps.py

@@ -2,6 +2,7 @@
 
 from django.apps import AppConfig
 from django.conf import settings
+from django.core.management import call_command
 
 logger = logging.getLogger(__name__)
 
@@ -22,7 +23,6 @@ def ready(self):
 
     def _auto_init_development(self):
         """Auto-initialize anonymization in development"""
-        from django.core.management import call_command
 
         logger.info("Auto-initializing PostgreSQL Anonymizer for development")
         call_command("anon_init", verbosity=0)

django_postgres_anon/config.py

@@ -1,70 +1,26 @@
-"""Centralized configuration for django-postgres-anonymizer"""
+"""Simple configuration helpers for django-postgres-anonymizer"""
 
 from django.conf import settings
 
 
-class AnonConfig:
-    """Centralized configuration class for all anonymization settings"""
+def get_setting(key: str, default=None):
+    """Get a setting from POSTGRES_ANON configuration with default fallback"""
+    return getattr(settings, "POSTGRES_ANON", {}).get(key, default)
 
-    def __init__(self):
-        # Get the settings dict or use defaults
-        config = getattr(settings, "POSTGRES_ANON", {})
 
-        # Set defaults
-        self._config = {
-            "DEFAULT_MASKED_ROLE": "masked_reader",
-            "MASKED_GROUP": "view_masked_data",
-            "ANONYMIZED_DATA_ROLE": "masked_reader",
-            "ENABLED": False,
-            "AUTO_APPLY_RULES": False,
-            "VALIDATE_FUNCTIONS": True,
-            "ALLOW_CUSTOM_FUNCTIONS": False,
-            "ENABLE_LOGGING": True,
-        }
+# Default values (moved from constants.py to keep config self-contained)
+DEFAULTS = {
+    "DEFAULT_MASKED_ROLE": "masked_reader",
+    "MASKED_GROUP": "view_masked_data",
+    "ANONYMIZED_DATA_ROLE": "masked_reader",
+    "ENABLED": False,
+    "AUTO_APPLY_RULES": False,
+    "VALIDATE_FUNCTIONS": True,
+    "ALLOW_CUSTOM_FUNCTIONS": False,
+    "ENABLE_LOGGING": True,
+}
 
-        # Override with user settings
-        self._config.update(config)
 
-    @property
-    def default_masked_role(self) -> str:
-        """Default role name for anonymized access"""
-        return self._config["DEFAULT_MASKED_ROLE"]
-
-    @property
-    def masked_group(self) -> str:
-        """Group name for users who should see masked data"""
-        return self._config["MASKED_GROUP"]
-
-    @property
-    def anonymized_data_role(self) -> str:
-        """Role for anonymized data context manager"""
-        return self._config["ANONYMIZED_DATA_ROLE"]
-
-    @property
-    def enabled(self) -> bool:
-        """Whether anonymization is enabled"""
-        return self._config["ENABLED"]
-
-    @property
-    def auto_apply_rules(self) -> bool:
-        """Whether to automatically apply rules when created"""
-        return self._config["AUTO_APPLY_RULES"]
-
-    @property
-    def validate_functions(self) -> bool:
-        """Whether to validate anonymization functions"""
-        return self._config["VALIDATE_FUNCTIONS"]
-
-    @property
-    def allow_custom_functions(self) -> bool:
-        """Whether to allow custom anonymization functions"""
-        return self._config["ALLOW_CUSTOM_FUNCTIONS"]
-
-    @property
-    def enable_logging(self) -> bool:
-        """Whether to enable audit logging"""
-        return self._config["ENABLE_LOGGING"]
-
-
-# Global configuration instance
-anon_config = AnonConfig()
+def get_anon_setting(key: str):
+    """Get anonymization setting with built-in default"""
+    return get_setting(key, DEFAULTS.get(key))

django_postgres_anon/constants.py

@@ -13,6 +13,20 @@
 ADMIN_ERROR_EMOJI = "❌"
 ADMIN_WARNING_EMOJI = "⚠️"
 
+# Admin operation constants
+MAX_RULES_TO_VALIDATE = 100
+ANON_FUNCTION_PREFIX = "anon."
+MAX_ERRORS_TO_SHOW = 5
+MAX_ERROR_SUMMARY_COUNT = 3
+MAX_ERRORS_BEFORE_ROLLBACK = 10
+
+# Field name constants for operation results
+APPLIED_COUNT_FIELD = "applied_count"
+ERRORS_FIELD = "errors"
+SUCCESS_FIELD = "success"
+ERROR_FIELD = "error"
+MASKED_ROLE_MARK_APPLIED_METHOD = "mark_applied"
+
 # SQL templates
 ANONYMIZATION_SQL_TEMPLATE = "SECURITY LABEL FOR anon ON COLUMN {table}.{column} IS 'MASKED WITH FUNCTION {function}';"
 REMOVE_ANONYMIZATION_SQL_TEMPLATE = "SECURITY LABEL FOR anon ON COLUMN {table}.{column} IS NULL;"

django_postgres_anon/context_managers.py

@@ -6,7 +6,7 @@
 
 from django.db import connection
 
-from django_postgres_anon.config import anon_config
+from django_postgres_anon.config import get_anon_setting
 
 # ErrorHandler no longer needed
 from django_postgres_anon.models import MaskedRole
@@ -41,7 +41,7 @@ def anonymized_data(role_name: Optional[str] = None, auto_create: bool = True) -
         Exception: If role switching fails
     """
     if role_name is None:
-        role_name = anon_config.anonymized_data_role
+        role_name = get_anon_setting("ANONYMIZED_DATA_ROLE")
 
     # Initialize state tracking
     state = _initialize_context_state()

django_postgres_anon/management/commands/anon_drop.py

@@ -2,6 +2,7 @@
 
 from django.core.management.base import BaseCommand, CommandError
 from django.db import connection
+from django.db.models import Count
 
 from django_postgres_anon.models import MaskedRole, MaskingPreset, MaskingRule
 from django_postgres_anon.utils import create_operation_log, generate_remove_anonymization_sql, validate_anon_extension
@@ -213,7 +214,6 @@ def _remove_masking_rules(self, options):
     def _remove_masking_presets(self, options):
         """Remove masking presets that have no rules"""
         # Find presets with no rules - use annotate to avoid distinct() issue with delete()
-        from django.db.models import Count
 
         empty_presets = MaskingPreset.objects.annotate(rules_count=Count("rules")).filter(rules_count=0)
 

django_postgres_anon/middleware.py

@@ -4,7 +4,7 @@
 from django.db import DatabaseError, OperationalError, connection
 from django.http import HttpRequest, HttpResponse
 
-from django_postgres_anon.config import anon_config
+from django_postgres_anon.config import get_anon_setting
 from django_postgres_anon.utils import reset_role, switch_to_role
 
 logger = logging.getLogger(__name__)
@@ -27,16 +27,16 @@ def __call__(self, request: HttpRequest) -> HttpResponse:
             # Check if user should have data masked - defensive against user access issues
             try:
                 should_mask = (
-                    anon_config.enabled
+                    get_anon_setting("ENABLED")
                     and request.user.is_authenticated
-                    and request.user.groups.filter(name=anon_config.masked_group).exists()
+                    and request.user.groups.filter(name=get_anon_setting("MASKED_GROUP")).exists()
                 )
             except Exception:
                 # If there's any issue with user/group access, default to no masking
                 should_mask = False
 
             if should_mask:
-                masked_role = anon_config.default_masked_role
+                masked_role = get_anon_setting("DEFAULT_MASKED_ROLE")
 
                 if switch_to_role(masked_role, auto_create=True):
                     used_mask = True

django_postgres_anon/models.py

@@ -3,6 +3,7 @@
 from typing import Optional
 
 import yaml
+from django.conf import settings
 from django.db import DatabaseError, OperationalError, connection, models
 from django.db.models.signals import post_save, pre_save
 from django.dispatch import receiver
@@ -196,8 +197,6 @@ def handle_rule_disabled(sender, instance, created, **kwargs):
     # Skip if we're in a test environment with fake table names
     import sys
 
-    from django.conf import settings
-
     # Check various test indicators
     if (hasattr(settings, "TESTING") and settings.TESTING) or "test" in sys.argv or "pytest" in sys.modules:
         return