28 lines
1.2 KiB
Python
28 lines
1.2 KiB
Python
from fastapi import (
|
|
HTTPException,
|
|
status,
|
|
)
|
|
from api.db.logic.account import get_user_by_login
|
|
from api.db.tables.account import AccountRole
|
|
|
|
|
|
async def db_user_role_validation(connection, current_user):
|
|
authorize_user = await get_user_by_login(connection, current_user)
|
|
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
|
|
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="You do not have enough permissions")
|
|
return authorize_user
|
|
|
|
async def db_user_role_validation_for_listevents_by_listevent_id(connection, current_user,current_listevents_creator_id):
|
|
authorize_user = await get_user_by_login(connection, current_user)
|
|
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
|
|
if authorize_user.id != current_listevents_creator_id:
|
|
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="You do not have enough permissions")
|
|
return authorize_user
|
|
|
|
async def db_user_role_validation_for_listevents(connection, current_user):
|
|
authorize_user = await get_user_by_login(connection, current_user)
|
|
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
|
|
return authorize_user,False
|
|
else:
|
|
return authorize_user,True
|