RBAC in the API

backend/app/crud/crud_user.py

@@ -1,7 +1,7 @@
-from typing import Optional
+from typing import List, Optional
 from sqlalchemy.orm import Session
 from app.models.ppr import User
-from app.schemas.ppr import UserCreate
+from app.schemas.ppr import UserCreate, UserUpdate
 from app.core.security import get_password_hash, verify_password
 
 
@@ -12,17 +12,32 @@ class CRUDUser:
     def get_by_username(self, db: Session, username: str) -> Optional[User]:
         return db.query(User).filter(User.username == username).first()
 
+    def get_multi(self, db: Session, skip: int = 0, limit: int = 100) -> List[User]:
+        return db.query(User).offset(skip).limit(limit).all()
+
     def create(self, db: Session, obj_in: UserCreate) -> User:
         hashed_password = get_password_hash(obj_in.password)
         db_obj = User(
             username=obj_in.username,
-            password=hashed_password
+            password=hashed_password,
+            role=obj_in.role
         )
         db.add(db_obj)
         db.commit()
         db.refresh(db_obj)
         return db_obj
 
+    def update(self, db: Session, db_obj: User, obj_in: UserUpdate) -> User:
+        update_data = obj_in.dict(exclude_unset=True)
+        if "password" in update_data:
+            update_data["password"] = get_password_hash(update_data["password"])
+        for field, value in update_data.items():
+            setattr(db_obj, field, value)
+        db.add(db_obj)
+        db.commit()
+        db.refresh(db_obj)
+        return db_obj
+
     def authenticate(self, db: Session, username: str, password: str) -> Optional[User]:
         user = self.get_by_username(db, username=username)
         if not user: