Cursor Rules Template for Python FastAPI Tenant Maintenance | Suhas Bhairav

Overview

Direct answer: This Cursor rules configuration is tailored for a Python FastAPI stack implementing a tenant maintenance classification tool for property managers. It enforces multi-tenant data isolation using PostgreSQL with SQLAlchemy, JWT based security, and a robust testing workflow. This template guides architects and developers to paste a copyable .cursorrules block into project root and follow stack constraints.

What this config achieves: defines the framework role, code style, architecture constraints, security rules, ORM patterns, and testing workflows to maintain safe, auditable AI-assisted development for property management workflows.

When to Use These Cursor Rules

Starting a multi-tenant tenant maintenance classification tool for property managers
Standardizing prompt construction and API contracts for classification tasks
Enforcing per-tenant data isolation via schema or row level controls in PostgreSQL
Integrating with a FastAPI service and SQLAlchemy ORM for data access

Copyable .cursorrules Configuration

framework_role: senior python fastapi engineer specializing in multi-tenant Postgres with SQLAlchemy
context: tenant maintenance classification for property managers; multi-tenant isolation; secure API endpoints
code_style: black isort pep8
architecture_directory: app
directory_rules:
  app/main.py
  app/api/v1/endpoints
  app/core
  app/models
  app/repositories
  app/schemas
  app/services
  tests
  alembic
orm: sqlalchemy
db: postgresql
auth: jwt bearer tokens
security: enforce https, per-tenant secrets not stored in code
testing_linting: pytest httpx pytest-asyncio black isort ruff
ci_requirements: pre-commit hooks, unit tests, linting on push
tenant_pattern: multi-tenant using per-tenant schemas or row level security
prompt_construction: deterministic prompts; avoid unsafe prompts; do not reveal secrets
anti_patterns:
  - do not bypass authentication
  - do not hardcode secrets
  - do not perform privileged actions outside allowed endpoints
  - do not assume single tenant data access

Recommended Project Structure

app/
  main.py
  api/
    v1/
      endpoints/
        maintenance.py
      dependencies.py
  core/
    config.py
    security.py
  models/
    tenant.py
    user.py
  repositories/
    tenant_repo.py
  schemas/
    maintenance.py
  services/
    classification.py
  db/
    session.py
  __init__.py
tests/
  test_classification.py
  conftest.py
alembic/
  env.py
  versions/
requirements.txt
.env

Core Engineering Principles

Single responsibility across modules and strict layering
Strict data isolation per tenant with per-tenant schemas or row level security
Deterministic prompt construction and idempotent API endpoints
Strong input validation with pydantic models
Clear auditing and change tracking for classification outcomes
Observability through structured logging and tracing

Code Construction Rules

Use typed pydantic schemas for all inputs and outputs
Prompts must be constructed from predefined templates and cached
Use SQLAlchemy ORM patterns for data access; avoid raw SQL except for migrations
End-to-end typing between request models, domain models, and responses
Do not embed credentials or secrets in code or prompts
Ensure async support where appropriate in FastAPI endpoints

Security and Production Rules

Enforce TLS for all endpoints; disable insecure schemes
Use JWT access tokens with short expiry and refresh tokens
Implement per-tenant access controls and audit trails
Validate input thoroughly to avoid injection risks
Limit rate and resource usage per tenant

Testing Checklist

Unit tests for classification logic and validators
Integration tests for API endpoints and database interactions
Contract tests for expected prompt outputs
CI with pytest, httpx, and linting; run on push

Common Mistakes to Avoid

Overreliance on AI prompts without validation
Hardcoding tenant secrets or global admin access
Ignoring multi-tenant data isolation patterns
Skipping type checks and endpoint validation

FAQ

What is a Cursor rules template in this context?

A Cursor rules template provides a copyable configuration for Cursor AI to guide the Python FastAPI tenant maintenance classifier. It specifies the stack, directory conventions, auth patterns, and testing workflows to enable safe AI assisted development in a multi-tenant property management tool.

Which stack is this template designed for?

This template targets a Python FastAPI stack with PostgreSQL and SQLAlchemy. It includes multi-tenant data isolation, JWT based authentication, and a test driven development approach suitable for property management workflows.

How do I integrate the .cursorrules with FastAPI?

Place the copied .cursorrules block in the project root as .cursorrules. Cursor AI will read the configuration to shape prompts, enforce architecture rules, and guide coding tasks for the tenant maintenance classifier.

What are the security considerations?

Use TLS, short lived access tokens, per tenant authorization, and avoid embedding secrets in prompts or code. Validate all inputs and enforce strict access controls in the API and data layer.

How do I extend for new tenants?

Follow the architecture guide in the rules to add a new tenant schema or dynamic scoping, ensure migrations are applied, and update prompts to reflect the new tenant model without altering global behavior.

Cursor Rules Template for Python FastAPI Tenant Maintenance Classification

Target User

Use Cases