MultiDirectoryLab · milov-dmitriy · Feb 12, 2026 · Feb 13, 2026 · Feb 13, 2026 · Feb 19, 2026
diff --git a/.github/instructions/*.instructions.md b/.github/instructions/*.instructions.md
@@ -0,0 +1,7 @@
+# Instructions for Large PR Reviews
+
+## General Approach for Big Changesets
+- Prioritize high-impact issues: security, performance, errors.
+- Review files individually; skip minor style if >1000 lines total diff.
+- Group feedback by file; limit to 5-10 key comments per file.
+- If diff too large, comment on architecture/summary + top 3 files.
diff --git a/app/alembic/versions/01f3f05a5b11_add_primary_group_id.py b/app/alembic/versions/01f3f05a5b11_add_primary_group_id.py
@@ -21,7 +21,10 @@
 from ldap_protocol.ldap_schema.attribute_value_validator import (
     AttributeValueValidator,
 )
-from ldap_protocol.ldap_schema.entity_type_dao import EntityTypeDAO
+from ldap_protocol.ldap_schema.entity_type.entity_type_dao import EntityTypeDAO
+from ldap_protocol.ldap_schema.entity_type.entity_type_use_case import (
+    EntityTypeUseCase,
+)
 from ldap_protocol.roles.role_use_case import RoleUseCase
 from ldap_protocol.utils.queries import (
     create_group,
@@ -38,14 +41,15 @@
 depends_on: None = None
 
 
-@temporary_stub_column("is_system", sa.Boolean())
+@temporary_stub_column("Directory", "is_system", sa.Boolean())
 def upgrade(container: AsyncContainer) -> None:
     """Upgrade."""
 
     async def _add_domain_computers_group(connection: AsyncConnection) -> None:  # noqa: ARG001
         async with container(scope=Scope.REQUEST) as cnt:
             session = await cnt.get(AsyncSession)
             entity_type_dao = await cnt.get(EntityTypeDAO)
+            entity_type_use_case = await cnt.get(EntityTypeUseCase)
             role_use_case = await cnt.get(RoleUseCase)
 
         base_dn_list = await get_base_directories(session)
@@ -104,7 +108,10 @@ async def _add_domain_computers_group(connection: AsyncConnection) -> None:  # n
                 attribute_names=["attributes"],
                 with_for_update=None,
             )
-            await entity_type_dao.attach_entity_type_to_directory(dir_, False)
+            await entity_type_use_case.attach_entity_type_to_directory(
+                dir_,
+                False,
+            )
             await role_use_case.inherit_parent_aces(
                 parent_directory=parent,
                 directory=dir_,
@@ -169,7 +176,7 @@ async def _add_primary_group_id(connection: AsyncConnection) -> None:  # noqa: A
     op.run_async(_add_primary_group_id)
 
 
-@temporary_stub_column("is_system", sa.Boolean())
+@temporary_stub_column("Directory", "is_system", sa.Boolean())
 def downgrade(container: AsyncContainer) -> None:
     """Downgrade."""
     bind = op.get_bind()

diff --git a/app/alembic/versions/05ddc0bd562a_add_roles.py b/app/alembic/versions/05ddc0bd562a_add_roles.py
@@ -24,7 +24,7 @@
 depends_on: None = None
 
 
-@temporary_stub_column("is_system", sa.Boolean())
+@temporary_stub_column("Directory", "is_system", sa.Boolean())
 def upgrade(container: AsyncContainer) -> None:
     """Upgrade."""
     op.create_table(

diff --git a/app/alembic/versions/16a9fa2c1f1e_rename_readonly_group.py b/app/alembic/versions/16a9fa2c1f1e_rename_readonly_group.py
@@ -25,7 +25,7 @@
 depends_on: None | list[str] = None
 
 
-@temporary_stub_column("is_system", sa.Boolean())
+@temporary_stub_column("Directory", "is_system", sa.Boolean())
 def upgrade(container: AsyncContainer) -> None:  # noqa: ARG001
     """Upgrade."""
     bind = op.get_bind()
@@ -72,7 +72,7 @@ def upgrade(container: AsyncContainer) -> None:  # noqa: ARG001
         session.close()
 
 
-@temporary_stub_column("is_system", sa.Boolean())
+@temporary_stub_column("Directory", "is_system", sa.Boolean())
 def downgrade(container: AsyncContainer) -> None:  # noqa: ARG001
     """Downgrade."""
     bind = op.get_bind()

diff --git a/app/alembic/versions/275222846605_initial_ldap_schema.py b/app/alembic/versions/275222846605_initial_ldap_schema.py
diff --git a/app/alembic/versions/2dadf40c026a_add_system_flags_to_attribute_types.py b/app/alembic/versions/2dadf40c026a_add_system_flags_to_attribute_types.py
@@ -6,19 +6,15 @@
 
 """
 
-import contextlib
-
 import sqlalchemy as sa
 from alembic import op
 from dishka import AsyncContainer, Scope
 from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession
 from sqlalchemy.orm import Session
 
-from entities import AttributeType
-from ldap_protocol.ldap_schema.attribute_type_use_case import (
-    AttributeTypeUseCase,
+from ldap_protocol.ldap_schema._legacy.attribute_type.attribute_type_use_case import (  # noqa: E501
+    AttributeTypeUseCaseLegacy,
 )
-from ldap_protocol.ldap_schema.exceptions import AttributeTypeNotFoundError
 
 # revision identifiers, used by Alembic.
 revision: None | str = "2dadf40c026a"
@@ -27,7 +23,7 @@
 depends_on: None | list[str] = None
 
 
-_NON_REPLICATED_ATTRIBUTES_TYPE_NAMES = (
+_NON_REPLICATED_ATTRIBUTES_TYPE_NAMES: tuple[str, ...] = (
     "badPasswordTime",
     "badPwdCount",
     "bridgeheadServerListBL",
@@ -144,23 +140,28 @@ def upgrade(container: AsyncContainer) -> None:
         ),
     )
 
-    session.execute(sa.update(AttributeType).values({"system_flags": 0}))
+    async def _zero_all_replicated_flags(connection: AsyncConnection) -> None:  # noqa: ARG001
+        async with container(scope=Scope.REQUEST) as cnt:
+            session = await cnt.get(AsyncSession)
+            at_type_use_case = await cnt.get(AttributeTypeUseCaseLegacy)
+
+        await at_type_use_case.zero_all_replicated_flags()
+        await session.commit()
+
+    op.run_async(_zero_all_replicated_flags)
 
-    async def _set_attr_replication_flag(connection: AsyncConnection) -> None:  # noqa: ARG001
+    async def _set_false_replication_flag(connection: AsyncConnection) -> None:  # noqa: ARG001
         async with container(scope=Scope.REQUEST) as cnt:
             session = await cnt.get(AsyncSession)
-            at_type_use_case = await cnt.get(AttributeTypeUseCase)
+            at_type_use_case = await cnt.get(AttributeTypeUseCaseLegacy)
 
-        for name in _NON_REPLICATED_ATTRIBUTES_TYPE_NAMES:
-            with contextlib.suppress(AttributeTypeNotFoundError):
-                await at_type_use_case.set_attr_replication_flag(
-                    name,
-                    need_to_replicate=False,
-                )
+        await at_type_use_case.set_false_replication_flag(
+            _NON_REPLICATED_ATTRIBUTES_TYPE_NAMES,
+        )
 
         await session.commit()
 
-    op.run_async(_set_attr_replication_flag)
+    op.run_async(_set_false_replication_flag)
 
     op.alter_column("AttributeTypes", "system_flags", nullable=False)
 

diff --git a/app/alembic/versions/4442d1d982a4_remove_krb_policy.py b/app/alembic/versions/4442d1d982a4_remove_krb_policy.py
@@ -22,7 +22,7 @@
 depends_on: None | str = None
 
 
-@temporary_stub_column("entity_type_id", sa.Integer())
+@temporary_stub_column("Directory", "entity_type_id", sa.Integer())
 def upgrade(container: AsyncContainer) -> None:  # noqa: ARG001
     """Upgrade."""
     bind = op.get_bind()

diff --git a/app/alembic/versions/6303f5c706ec_update_krbadmin_useraccountcontrol_.py b/app/alembic/versions/6303f5c706ec_update_krbadmin_useraccountcontrol_.py
@@ -26,7 +26,7 @@
 depends_on: None | list[str] = None
 
 
-@temporary_stub_column("is_system", sa.Boolean())
+@temporary_stub_column("Directory", "is_system", sa.Boolean())
 def upgrade(container: AsyncContainer) -> None:
     """Upgrade."""
 
@@ -93,7 +93,7 @@ async def _change_uid_admin(connection: AsyncConnection) -> None:  # noqa: ARG00
     op.run_async(_change_uid_admin)
 
 
-@temporary_stub_column("is_system", sa.Boolean())
+@temporary_stub_column("Directory", "is_system", sa.Boolean())
 def downgrade(container: AsyncContainer) -> None:
     """Downgrade."""
 

diff --git a/app/alembic/versions/6c858cc05da7_add_default_admin_name.py b/app/alembic/versions/6c858cc05da7_add_default_admin_name.py
@@ -22,7 +22,7 @@
 depends_on: None | list[str] = None
 
 
-@temporary_stub_column("is_system", sa.Boolean())
+@temporary_stub_column("Directory", "is_system", sa.Boolean())
 def upgrade(container: AsyncContainer) -> None:  # noqa: ARG001
     """Upgrade."""
     bind = op.get_bind()

diff --git a/app/alembic/versions/6f8fe2548893_fix_read_only.py b/app/alembic/versions/6f8fe2548893_fix_read_only.py
@@ -24,8 +24,8 @@
 depends_on: None = None
 
 
-@temporary_stub_column("entity_type_id", sa.Integer())
-@temporary_stub_column("is_system", sa.Boolean())
+@temporary_stub_column("Directory", "entity_type_id", sa.Integer())
+@temporary_stub_column("Directory", "is_system", sa.Boolean())
 def upgrade(container: AsyncContainer) -> None:  # noqa: ARG001
     """Upgrade."""
     bind = op.get_bind()

diff --git a/app/alembic/versions/708b01eaf025_convert_schema_to_ldap.py b/app/alembic/versions/708b01eaf025_convert_schema_to_ldap.py
@@ -0,0 +1,195 @@
+"""Migrate LDAP Schema data to Directory (like as LDAP).
+
+Revision ID: 759d196145ae
+Revises: 19d86e660cf2
+Create Date: 2026-02-24 13:18:06.715730
+
+"""
+
+from alembic import op
+from dishka import AsyncContainer, Scope
+from sqlalchemy.ext.asyncio import AsyncConnection, AsyncSession
+
+from constants import ENTITY_TYPE_DTOS_V2
+from ldap_protocol.ldap_schema._legacy.attribute_type.attribute_type_use_case import (  # noqa: E501
+    AttributeTypeUseCaseLegacy,
+)
+from ldap_protocol.ldap_schema._legacy.object_class.object_class_use_case import (  # noqa: E501
+    ObjectClassUseCaseLegacy,
+)
+from ldap_protocol.ldap_schema.attribute_type.attribute_type_use_case import (
+    AttributeTypeUseCase,
+)
+from ldap_protocol.ldap_schema.entity_type.entity_type_use_case import (
+    EntityTypeUseCase,
+)
+from ldap_protocol.ldap_schema.object_class.object_class_use_case import (
+    ObjectClassUseCase,
+)
+from ldap_protocol.roles.migrations_ace_dao import (
+    AccessControlEntryMigrationsDAO,
+)
+from ldap_protocol.utils.queries import get_base_directories
+
+# revision identifiers, used by Alembic.
+revision: None | str = "708b01eaf025"
+down_revision: None | str = "df4287898910"
+branch_labels: None | list[str] = None
+depends_on: None | list[str] = None
+
+
+def upgrade(container: AsyncContainer) -> None:
+    """Upgrade."""
+    op.drop_constraint(
+        op.f("AccessControlEntries_attributeTypeId_fkey"),
+        "AccessControlEntries",
+        type_="foreignkey",
+    )
+
+    async def _update_entity_types(connection: AsyncConnection) -> None:  # noqa: ARG001
+        async with container(scope=Scope.REQUEST) as cnt:
+            session = await cnt.get(AsyncSession)
+            entity_type_use_case = await cnt.get(EntityTypeUseCase)
+
+        if not await get_base_directories(session):
+            return
+
+        for entity_type_dto in ENTITY_TYPE_DTOS_V2:
+            await entity_type_use_case.create(entity_type_dto)
+
+        await session.commit()
+
+    async def _create_ldap_attributes(connection: AsyncConnection) -> None:  # noqa: ARG001
+        async with container(scope=Scope.REQUEST) as cnt:
+            session = await cnt.get(AsyncSession)
+            attribute_type_use_case = await cnt.get(AttributeTypeUseCase)
+            attribute_type_use_case_legacy = await cnt.get(AttributeTypeUseCaseLegacy)  # noqa: E501  # fmt: skip
+
+        if not await get_base_directories(session):
+            return
+
+        attr_type_dtos = await attribute_type_use_case_legacy.get_all()
+        for attr_type_dto in attr_type_dtos:
+            await attribute_type_use_case.create(attr_type_dto)
+
+        await session.commit()
+
+    async def _create_ldap_object_classes(connection: AsyncConnection) -> None:  # noqa: ARG001
+        async with container(scope=Scope.REQUEST) as cnt:
+            session = await cnt.get(AsyncSession)
+            obj_cls_use_case_legacy = await cnt.get(ObjectClassUseCaseLegacy)
+            object_class_use_case = await cnt.get(ObjectClassUseCase)
+
+        if not await get_base_directories(session):
+            return
+
+        obj_class_dtos = await obj_cls_use_case_legacy.get_all()
+        for obj_class_dto in obj_class_dtos:
+            obj_class_dto.attribute_types_may = [
+                _.name  # type: ignore
+                for _ in obj_class_dto.attribute_types_may
+            ]
+            obj_class_dto.attribute_types_must = [
+                _.name  # type: ignore
+                for _ in obj_class_dto.attribute_types_must
+            ]
+            await object_class_use_case.create(obj_class_dto)  # type: ignore
+
+        await session.commit()
+
+    async def _rebind_ace_attribute_types_to_directories(
+        connection: AsyncConnection,  # noqa: ARG001
+    ) -> None:
+        async with container(scope=Scope.REQUEST) as cnt:
+            session = await cnt.get(AsyncSession)
+            ace_dao = await cnt.get(AccessControlEntryMigrationsDAO)
+
+        if not await get_base_directories(session):
+            return
+
+        await ace_dao.upgrade()
+
+    op.run_async(_update_entity_types)
+    op.run_async(_create_ldap_attributes)
+    op.run_async(_create_ldap_object_classes)
+    op.run_async(_rebind_ace_attribute_types_to_directories)
+
+    op.create_foreign_key(
+        op.f("AccessControlEntries_directoryAttributeTypeId_fkey"),
+        "AccessControlEntries",
+        "Directory",
+        ["attributeTypeId"],
+        ["id"],
+        ondelete="CASCADE",
+    )
+
+
+def downgrade(container: AsyncContainer) -> None:
+    """Downgrade."""
+
+    async def _rebind_ace_attribute_types_to_legacy(
+        connection: AsyncConnection,  # noqa: ARG001
+    ) -> None:
+        async with container(scope=Scope.REQUEST) as cnt:
+            session = await cnt.get(AsyncSession)
+            ace_dao = await cnt.get(AccessControlEntryMigrationsDAO)
+
+        if not await get_base_directories(session):
+            return
+
+        await ace_dao.downgrade()
+
+    async def _delete_ldap_attributes(connection: AsyncConnection) -> None:  # noqa: ARG001
+        async with container(scope=Scope.REQUEST) as cnt:
+            session = await cnt.get(AsyncSession)
+            attribute_type_use_case_legacy = await cnt.get(AttributeTypeUseCaseLegacy)  # noqa: E501  # fmt: skip
+
+        if not await get_base_directories(session):
+            return
+
+        await attribute_type_use_case_legacy.delete_all_dirs()
+        await session.commit()
+
+    async def _delete_ldap_object_classes(connection: AsyncConnection) -> None:  # noqa: ARG001
+        async with container(scope=Scope.REQUEST) as cnt:
+            session = await cnt.get(AsyncSession)
+            obj_cls_use_case_legacy = await cnt.get(ObjectClassUseCaseLegacy)
+
+        if not await get_base_directories(session):
+            return
+
+        await obj_cls_use_case_legacy.delete_all_dirs()
+        await session.commit()
+
+    async def _delete_entity_types(connection: AsyncConnection) -> None:  # noqa: ARG001
+        async with container(scope=Scope.REQUEST) as cnt:
+            session = await cnt.get(AsyncSession)
+            entity_type_use_case = await cnt.get(EntityTypeUseCase)
+
+        if not await get_base_directories(session):
+            return
+
+        entity_type_names = [dto.name for dto in ENTITY_TYPE_DTOS_V2]
+
+        await entity_type_use_case.delete_all_by_names(entity_type_names)
+        await session.commit()
+
+    op.drop_constraint(
+        op.f("AccessControlEntries_directoryAttributeTypeId_fkey"),
+        "AccessControlEntries",
+        type_="foreignkey",
+    )
+
+    op.run_async(_rebind_ace_attribute_types_to_legacy)
+    op.run_async(_delete_ldap_attributes)
+    op.run_async(_delete_ldap_object_classes)
+    op.run_async(_delete_entity_types)
+
+    op.create_foreign_key(
+        op.f("AccessControlEntries_attributeTypeId_fkey"),
+        "AccessControlEntries",
+        "AttributeTypes",
+        ["attributeTypeId"],
+        ["id"],
+        ondelete="CASCADE",
+    )