From 20ea1b580a85473324c3e2a8cf8611bdb3fd7a59 Mon Sep 17 00:00:00 2001 From: Cizz22 Date: Tue, 26 May 2026 11:09:12 +0700 Subject: [PATCH] feat: implement admin_required dependency and restrict gantt spreadsheet updates to admin users --- src/auth/service.py | 9 ++++++++- src/overhaul_gantt/router.py | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/auth/service.py b/src/auth/service.py index 120e1c8..78abc8e 100644 --- a/src/auth/service.py +++ b/src/auth/service.py @@ -240,8 +240,15 @@ def notify_admin_on_rate_limit_sync( log.error(f"Error notifying admin: {str(e)}") return {"status": False, "message": str(e), "data": payload} - +async def admin_required(request: Request): + user = await get_current_user(request) + if user.role != "Admin" or user.role != "Superadmin": + raise HTTPException( + status_code=403, detail="Invalid authorization code." + ) + return user +Admin = Annotated[UserBase, Depends(admin_required)] CurrentUser = Annotated[UserBase, Depends(get_current_user)] Token = Annotated[str, Depends(get_token)] InternalKey = Annotated[str, Depends(internal_key)] \ No newline at end of file diff --git a/src/overhaul_gantt/router.py b/src/overhaul_gantt/router.py index 08e704e..3fa2999 100644 --- a/src/overhaul_gantt/router.py +++ b/src/overhaul_gantt/router.py @@ -67,7 +67,7 @@ async def get_gantt_spreadsheet(db_session: DbSession): @router.post( "/spreadsheet", response_model=StandardResponse[dict], dependencies=[Depends(csrf_protect)] ) -async def update_gantt_spreadsheet(db_session: DbSession, spreadsheet_in: OverhaulGanttIn): +async def update_gantt_spreadsheet(db_session: DbSession, spreadsheet_in: OverhaulGanttIn, admin: Admin): """Get all scope pagination.""" # return