Endpoint role-checking was redundantly applied but FastAPI provides a nice abstraction mechanic...so I applied it. There should be no logical changes in this code; only simpler, cleaner ways for doing the same thing.

2024-02-08 18:05:01 -06:00 · 2024-02-08 18:05:01 -06:00 · 08e8e922fd
commit 08e8e922fd
parent 46d0eff218
11 changed files with 127 additions and 251 deletions
--- a/backend/apps/web/routers/configs.py
+++ b/backend/apps/web/routers/configs.py
@ -10,7 +10,7 @@ import uuid

 from apps.web.models.users import Users

-from utils.utils import get_password_hash, get_current_user, create_token
+from utils.utils import get_password_hash, get_current_user, get_admin_user, create_token
 from utils.misc import get_gravatar_url, validate_email_format
 from constants import ERROR_MESSAGES

@ -37,30 +37,19 @@ class SetDefaultSuggestionsForm(BaseModel):

@router.post("/default/models", response_model=str)
 async def set_global_default_models(
-    request: Request, form_data: SetDefaultModelsForm, user=Depends(get_current_user)
+    request: Request, form_data: SetDefaultModelsForm, user=Depends(get_admin_user)
 ):
-    if user.role == "admin":
-        request.app.state.DEFAULT_MODELS = form_data.models
-        return request.app.state.DEFAULT_MODELS
-    else:
-        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
-        )
+    request.app.state.DEFAULT_MODELS = form_data.models
+    return request.app.state.DEFAULT_MODELS
+


@router.post("/default/suggestions", response_model=List[PromptSuggestion])
 async def set_global_default_suggestions(
    request: Request,
    form_data: SetDefaultSuggestionsForm,
-    user=Depends(get_current_user),
+    user=Depends(get_admin_user),
 ):
-    if user.role == "admin":
-        data = form_data.model_dump()
-        request.app.state.DEFAULT_PROMPT_SUGGESTIONS = data["suggestions"]
-        return request.app.state.DEFAULT_PROMPT_SUGGESTIONS
-    else:
-        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
-        )
+    data = form_data.model_dump()
+    request.app.state.DEFAULT_PROMPT_SUGGESTIONS = data["suggestions"]
+    return request.app.state.DEFAULT_PROMPT_SUGGESTIONS