rzmk/learnhouse
1
0
Fork 0
mirror of https://github.com/rzmk/learnhouse.git synced 2025-12-19 04:19:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: init public endpoints

Browse source
This commit is contained in:
swve 2023-04-08 23:23:07 +02:00
parent 88b064410f
commit 46f13fac87
5 changed files with 33 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/security/security.py
View file

@ -38,6 +38,18 @@ async def verify_user_rights_with_roles(request: Request, action: str, user_id:
roles = request.app.db["roles"]
users = request.app.db["users"]
user = await users.find_one({"user_id": user_id})
# Check if user is available
if not user and user_id != "anonymous":
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
# Check if user is anonymous
if user_id == "anonymous":
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN, detail="The ressource you are trying to access is not publicly available")
# Check if the user is an admin
user: UserInDB = UserInDB(**await users.find_one({"user_id": user_id}))