permissions 1.1 and hash_password issue solve

2025-10-05 14:43:25 +03:00
parent 6db14b2329
commit f7b39da624
6 changed files with 136 additions and 31 deletions
--- a/server/backend/permissions.py
+++ b/server/backend/permissions.py
@@ -0,0 +1,30 @@
+from fastapi import Depends, HTTPException, status, Path, Request
+from . import JWT
+from server.database import db
+
+def check_permission(required: str):
+    async def wrapper(
+        request: Request,
+        current_user = Depends(JWT.current_user),
+    ):
+        requested_email = request.path_params.get("email")
+        user = await db.get_user_by_email(current_user)
+        perms = user.permissions[0]
+        # если админ → разрешено всегда
+        if perms.is_admin:
+            return user
+        # проверяем, что у пользователя есть нужное право
+        if not getattr(perms, required, False):
+            raise HTTPException(
+                status_code=status.HTTP_403_FORBIDDEN,
+                detail=f"You don't have a permission"
+            )
+        # проверяем, что работает только со своим email
+        if current_user.lower() != requested_email.lower():
+            raise HTTPException(
+                status_code=status.HTTP_403_FORBIDDEN,
+                detail=f"You can only do this with your own account"
+            )
+
+        return user
+    return wrapper