33 lines
1.3 KiB
Python
33 lines
1.3 KiB
Python
from fastapi import (
|
|
HTTPException,
|
|
status,
|
|
)
|
|
from orm.tables.account import AccountRole
|
|
|
|
from api.db.logic.account import get_user_by_login
|
|
|
|
|
|
async def db_user_role_validation(connection, current_user):
|
|
authorize_user = await get_user_by_login(connection, current_user)
|
|
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
|
|
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="You do not have enough permissions")
|
|
return authorize_user
|
|
|
|
|
|
async def db_user_role_validation_for_list_events_and_process_schema_by_list_event_id(
|
|
connection, current_user, current_listevents_creator_id
|
|
):
|
|
authorize_user = await get_user_by_login(connection, current_user)
|
|
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
|
|
if authorize_user.id != current_listevents_creator_id:
|
|
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="You do not have enough permissions")
|
|
return authorize_user
|
|
|
|
|
|
async def db_user_role_validation_for_list_events_and_process_schema(connection, current_user):
|
|
authorize_user = await get_user_by_login(connection, current_user)
|
|
if authorize_user.role not in {AccountRole.OWNER, AccountRole.ADMIN}:
|
|
return authorize_user, False
|
|
else:
|
|
return authorize_user, True
|