Add user roles

2026-03-26 15:56:56 -04:00
parent 511e8ebde4
commit 1c9fbbda6c
7 changed files with 207 additions and 36 deletions
@@ -85,9 +85,19 @@ def get_current_user(authorization: Optional[str] = Header(None), db: Session =

 def get_current_admin_user(current_user: User = Depends(get_current_user)) -> User:
    """Get the current user and verify they are an admin"""
-    if not current_user.is_admin:
+    if current_user.role != "admin":
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="Not enough permissions. Admin access required."
        )
    return current_user
+
+
+def get_current_non_readonly_user(current_user: User = Depends(get_current_user)) -> User:
+    """Get the current user and verify they are not read-only"""
+    if current_user.role == "readonly":
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Read-only users cannot perform this action."
+        )
+    return current_user