forked from open-webui/open-webui
fix: update role
This commit is contained in:
parent
fb0c64379d
commit
e441875af7
1 changed files with 24 additions and 0 deletions
|
@ -31,6 +31,30 @@ async def get_users(skip: int = 0, limit: int = 50, user=Depends(get_current_use
|
||||||
return Users.get_users(skip, limit)
|
return Users.get_users(skip, limit)
|
||||||
|
|
||||||
|
|
||||||
|
############################
|
||||||
|
# UpdateUserRole
|
||||||
|
############################
|
||||||
|
|
||||||
|
|
||||||
|
@router.post("/update/role", response_model=Optional[UserModel])
|
||||||
|
async def update_user_role(
|
||||||
|
form_data: UserRoleUpdateForm, user=Depends(get_current_user)
|
||||||
|
):
|
||||||
|
if user.role != "admin":
|
||||||
|
raise HTTPException(
|
||||||
|
status_code=status.HTTP_403_FORBIDDEN,
|
||||||
|
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
|
||||||
|
)
|
||||||
|
|
||||||
|
if user.id != form_data.id:
|
||||||
|
return Users.update_user_role_by_id(form_data.id, form_data.role)
|
||||||
|
else:
|
||||||
|
raise HTTPException(
|
||||||
|
status_code=status.HTTP_403_FORBIDDEN,
|
||||||
|
detail=ERROR_MESSAGES.ACTION_PROHIBITED,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
############################
|
############################
|
||||||
# UpdateUserById
|
# UpdateUserById
|
||||||
############################
|
############################
|
||||||
|
|
Loading…
Reference in a new issue