18 lines
679 B
Python
18 lines
679 B
Python
# modules/auth/dependencies.py
|
|
from fastapi import Depends
|
|
from modules.auth.security import get_current_user
|
|
from modules.auth.schemas import UserRole
|
|
from modules.auth.models import User
|
|
from core.exceptions import forbidden_exception
|
|
|
|
class RoleChecker:
|
|
def __init__(self, allowed_roles: list[UserRole]):
|
|
self.allowed_roles = allowed_roles
|
|
|
|
def __call__(self, user: User = Depends(get_current_user)):
|
|
if user.role not in self.allowed_roles:
|
|
raise forbidden_exception("You do not have permission to perform this action.")
|
|
return user
|
|
|
|
admin_only = RoleChecker([UserRole.ADMIN])
|
|
any_user = RoleChecker([UserRole.ADMIN, UserRole.USER]) |