final

2026-03-07 01:01:28 +03:00
parent 10fdda3ec1
commit 518ba194ae
3 changed files with 37 additions and 2 deletions
--- a/server/backend/database/alembic/alembic/versions/1e2bd98e74a5_.py
+++ b/server/backend/database/alembic/alembic/versions/1e2bd98e74a5_.py
@@ -0,0 +1,32 @@
+"""empty message
+
+Revision ID: 1e2bd98e74a5
+Revises: 4ffe643b7d40
+Create Date: 2026-03-07 00:44:25.427515
+
+"""
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision: str = '1e2bd98e74a5'
+down_revision: Union[str, Sequence[str], None] = '4ffe643b7d40'
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    """Upgrade schema."""
+    # ### commands auto generated by Alembic - please adjust! ###
+    pass
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    """Downgrade schema."""
+    # ### commands auto generated by Alembic - please adjust! ###
+    pass
+    # ### end Alembic commands ###
--- a/server/backend/endpoints/endpoints.py
+++ b/server/backend/endpoints/endpoints.py
@@ -13,7 +13,10 @@ async def get_current_user(credentials: HTTPAuthorizationCredentials = Depends(s
        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token")
    return user
 async def check_roles(user=Depends(get_current_user)):
-    if user.get("admin") != True:
+    user_check = await db.list_user(user["user_id"])
+    if not user_check:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found")
+    if user_check.admin != True:
        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Access denied")
    return user