From 518ba194ae2e77b3cbfd7296af63a3005d996f5a Mon Sep 17 00:00:00 2001 From: "MH.Dmitrii" Date: Sat, 7 Mar 2026 01:01:28 +0300 Subject: [PATCH] final --- run.py | 2 +- .../alembic/alembic/versions/1e2bd98e74a5_.py | 32 +++++++++++++++++++ server/backend/endpoints/endpoints.py | 5 ++- 3 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 server/backend/database/alembic/alembic/versions/1e2bd98e74a5_.py diff --git a/run.py b/run.py index df026d8..f0c9763 100644 --- a/run.py +++ b/run.py @@ -35,7 +35,7 @@ async def arguments(args): "surname": args.user_name, "admin": True } - users = await list_users() or [] + users = await list_users() label = any(u.admin for u in users) if not label: await create_user(UserCreate(**admin_user)) diff --git a/server/backend/database/alembic/alembic/versions/1e2bd98e74a5_.py b/server/backend/database/alembic/alembic/versions/1e2bd98e74a5_.py new file mode 100644 index 0000000..80f3774 --- /dev/null +++ b/server/backend/database/alembic/alembic/versions/1e2bd98e74a5_.py @@ -0,0 +1,32 @@ +"""empty message + +Revision ID: 1e2bd98e74a5 +Revises: 4ffe643b7d40 +Create Date: 2026-03-07 00:44:25.427515 + +""" +from typing import Sequence, Union + +from alembic import op +import sqlalchemy as sa + + +# revision identifiers, used by Alembic. +revision: str = '1e2bd98e74a5' +down_revision: Union[str, Sequence[str], None] = '4ffe643b7d40' +branch_labels: Union[str, Sequence[str], None] = None +depends_on: Union[str, Sequence[str], None] = None + + +def upgrade() -> None: + """Upgrade schema.""" + # ### commands auto generated by Alembic - please adjust! ### + pass + # ### end Alembic commands ### + + +def downgrade() -> None: + """Downgrade schema.""" + # ### commands auto generated by Alembic - please adjust! ### + pass + # ### end Alembic commands ### diff --git a/server/backend/endpoints/endpoints.py b/server/backend/endpoints/endpoints.py index 6206b85..6b6f2e6 100644 --- a/server/backend/endpoints/endpoints.py +++ b/server/backend/endpoints/endpoints.py @@ -13,7 +13,10 @@ async def get_current_user(credentials: HTTPAuthorizationCredentials = Depends(s raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token") return user async def check_roles(user=Depends(get_current_user)): - if user.get("admin") != True: + user_check = await db.list_user(user["user_id"]) + if not user_check: + raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found") + if user_check.admin != True: raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Access denied") return user