feat: admin settings

2024-02-14 01:17:43 -08:00 · 2024-02-14 01:17:43 -08:00 · 511e939b5d
commit 511e939b5d
parent b0a07e5265
13 changed files with 526 additions and 51 deletions
--- a/backend/apps/web/routers/auths.py
+++ b/backend/apps/web/routers/auths.py
@ -19,7 +19,12 @@ from apps.web.models.auths import (
 )
 from apps.web.models.users import Users

-from utils.utils import get_password_hash, get_current_user, get_admin_user, create_token
+from utils.utils import (
+    get_password_hash,
+    get_current_user,
+    get_admin_user,
+    create_token,
+)
 from utils.misc import get_gravatar_url, validate_email_format
 from constants import ERROR_MESSAGES

@ -116,16 +121,24 @@ async def signin(form_data: SigninForm):
@router.post("/signup", response_model=SigninResponse)
 async def signup(request: Request, form_data: SignupForm):
    if not request.app.state.ENABLE_SIGNUP:
-        raise HTTPException(status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED)
+        raise HTTPException(
+            status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED
+        )

    if not validate_email_format(form_data.email.lower()):
-        raise HTTPException(status.HTTP_400_BAD_REQUEST, detail=ERROR_MESSAGES.INVALID_EMAIL_FORMAT)
+        raise HTTPException(
+            status.HTTP_400_BAD_REQUEST, detail=ERROR_MESSAGES.INVALID_EMAIL_FORMAT
+        )

    if Users.get_user_by_email(form_data.email.lower()):
        raise HTTPException(400, detail=ERROR_MESSAGES.EMAIL_TAKEN)

    try:
-        role = "admin" if Users.get_num_users() == 0 else "pending"
+        role = (
+            "admin"
+            if Users.get_num_users() == 0
+            else request.app.state.DEFAULT_USER_ROLE
+        )
        hashed = get_password_hash(form_data.password)
        user = Auths.insert_new_auth(
            form_data.email.lower(), hashed, form_data.name, role
@ -164,3 +177,26 @@ async def get_sign_up_status(request: Request, user=Depends(get_admin_user)):
 async def toggle_sign_up(request: Request, user=Depends(get_admin_user)):
    request.app.state.ENABLE_SIGNUP = not request.app.state.ENABLE_SIGNUP
    return request.app.state.ENABLE_SIGNUP
+
+
+############################
+# Default User Role
+############################
+
+
+@router.get("/signup/user/role")
+async def get_default_user_role(request: Request, user=Depends(get_admin_user)):
+    return request.app.state.DEFAULT_USER_ROLE
+
+
+class UpdateRoleForm(BaseModel):
+    role: str
+
+
+@router.post("/signup/user/role")
+async def update_default_user_role(
+    request: Request, form_data: UpdateRoleForm, user=Depends(get_admin_user)
+):
+    if form_data.role in ["pending", "user", "admin"]:
+        request.app.state.DEFAULT_USER_ROLE = form_data.role
+    return request.app.state.DEFAULT_USER_ROLE