jamesp/ppr-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

RBAC in the API

Browse Source
This commit is contained in:
James Pattinson
2025-10-23 20:02:54 +00:00
parent 91b734426c
commit fb21329109
7 changed files with 131 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
backend/app/api/deps.py
View File

@@ -5,6 +5,7 @@ from sqlalchemy.orm import Session
from app.db.session import SessionLocal
from app.core.security import verify_token
from app.crud.crud_user import user as crud_user
from app.models.ppr import UserRole
security = HTTPBearer()
@@ -44,4 +45,29 @@ def get_current_active_user(
current_user = Depends(get_current_user),
):
"""Get current active user (for future use if we add user status)"""
return current_user
def get_current_admin_user(current_user = Depends(get_current_user)):
"""Get current user and ensure they are an administrator"""
if current_user.role != UserRole.ADMINISTRATOR:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Not enough permissions"
)
return current_user
def get_current_operator_user(current_user = Depends(get_current_user)):
"""Get current user and ensure they are an operator or administrator"""
if current_user.role not in [UserRole.OPERATOR, UserRole.ADMINISTRATOR]:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Not enough permissions"
)
return current_user
def get_current_read_user(current_user = Depends(get_current_user)):
"""Get current user (read-only or higher)"""
return current_user