feat: refactor RBAC authorization functions to include usergroups

2025-12-19 04:19:25 +00:00 · 2024-03-26 19:56:14 +00:00 · 2024-03-26 19:56:14 +00:00 · 0df250c729
commit 0df250c729
parent e1b3b62e40
14 changed files with 392 additions and 37 deletions
--- a/apps/api/src/services/courses/chapters.py
+++ b/apps/api/src/services/courses/chapters.py
@ -4,7 +4,7 @@ from uuid import uuid4
 from sqlmodel import Session, select
 from src.db.users import AnonymousUser
 from src.security.rbac.rbac import (
-    authorization_verify_based_on_roles_and_authorship,
+    authorization_verify_based_on_roles_and_authorship_and_usergroups,
    authorization_verify_if_element_is_public,
    authorization_verify_if_user_is_anon,
 )
@ -562,14 +562,14 @@ async def rbac_check(
            print("res", res)
            return res
        else:
-            res = await authorization_verify_based_on_roles_and_authorship(
+            res = await authorization_verify_based_on_roles_and_authorship_and_usergroups(
                request, current_user.id, action, course_uuid, db_session
            )
            return res
    else:
        await authorization_verify_if_user_is_anon(current_user.id)

-        await authorization_verify_based_on_roles_and_authorship(
+        await authorization_verify_based_on_roles_and_authorship_and_usergroups(
            request,
            current_user.id,
            action,