优化证书生成与正式部署配置
This commit is contained in:
@@ -8,6 +8,10 @@ from app.models import AdminUser
|
||||
|
||||
bearer_scheme = HTTPBearer(auto_error=False)
|
||||
|
||||
ROLE_ALIASES = {
|
||||
"admin": "system_admin",
|
||||
}
|
||||
|
||||
|
||||
def get_current_admin(
|
||||
credentials: HTTPAuthorizationCredentials | None = Depends(bearer_scheme),
|
||||
@@ -26,7 +30,8 @@ def get_current_admin(
|
||||
|
||||
def require_roles(*role_codes: str):
|
||||
def checker(admin: AdminUser = Depends(get_current_admin)) -> AdminUser:
|
||||
if admin.role_code not in role_codes:
|
||||
role_code = ROLE_ALIASES.get(admin.role_code, admin.role_code)
|
||||
if role_code not in role_codes:
|
||||
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Permission denied")
|
||||
return admin
|
||||
|
||||
|
||||
Reference in New Issue
Block a user