Coverage for src / mysingle / auth / deps / permissions.py: 0%
15 statements
« prev ^ index » next coverage.py v7.12.0, created at 2025-12-02 00:58 +0900
1from typing import List
3from fastapi import Request
5from ...core.logging import get_structured_logger
6from ..exceptions import AuthorizationFailed
7from ..models import User
8from .core import get_current_active_verified_user
10logger = get_structured_logger(__name__)
13def require_user_role(request: Request, required_roles: List[str]) -> User:
14 """역할 요구: 현재는 superuser 중심, 향후 확장 가능"""
15 user = get_current_active_verified_user(request)
17 # 간단한 관리자 권한 체크 (role 시스템 확장 전까지)
18 if (
19 any(role in ("admin", "superuser") for role in required_roles)
20 and not user.is_superuser
21 ):
22 logger.warning(f"User {user.id} lacks required roles: {required_roles}")
23 raise AuthorizationFailed(
24 f"Required roles: {required_roles}", user_id=str(user.id)
25 )
27 return user
30def require_admin_access(request: Request) -> User:
31 """관리자 권한 편의 함수"""
32 return require_user_role(request, ["admin", "superuser"])