fix(authz):add zero context authorization checks

Anish Sarkar 2026-06-23 12:53:44 +05:30
parent 08c1d12eb1
commit 7241a7a894
3 changed files with 136 additions and 0 deletions


@ -0,0 +1,29 @@
"""Zero sync authentication context routes."""
from pydantic import BaseModel
from fastapi import APIRouter, Depends
from sqlalchemy.ext.asyncio import AsyncSession
from app.auth.context import AuthContext
from app.db import get_async_session
from app.users import get_auth_context
from app.utils.rbac import get_allowed_read_space_ids
router = APIRouter(prefix="/zero", tags=["zero"])
class ZeroContextResponse(BaseModel):
userId: str
allowedSpaceIds: list[int]
@router.get("/context", response_model=ZeroContextResponse)
async def get_zero_context(
auth: AuthContext = Depends(get_auth_context),
session: AsyncSession = Depends(get_async_session),
) -> ZeroContextResponse:
allowed_space_ids = await get_allowed_read_space_ids(session, auth)
return ZeroContextResponse(
userId=str(auth.user.id),
allowedSpaceIds=allowed_space_ids,
)
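Review bot: `get_zero_context` returns per-user authorization data (`userId`, `allowedSpaceIds`) without any caching directive, so a browser or intermediary cache could keep serving a space list that no longer matches the caller's memberships. Consider adding a `response: Response` parameter and setting `response.headers["Cache-Control"] = "no-store"` before the return. The handler also has no docstring; a line such as `"""Return the caller's id and the space ids they may read, computed server-side from the authenticated context."""` would record that the list is a point-in-time snapshot which consumers should re-fetch, not store. Whether the downstream Zero permission checks re-validate these ids on the server is not visible in this file section, so that is worth confirming in the other two changed files.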