fix(authz):add zero context authorization checks
parent
08c1d12eb1
commit
7241a7a894
3 changed files with 136 additions and 0 deletions
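--- a/surfsense_backend/app/routes/zero_context_routes.py
+++ b/surfsense_backend/app/routes/zero_context_routes.py
@@ -0,0 +1,29 @@
+"""Zero sync authentication context routes."""
+
+from pydantic import BaseModel
+from fastapi import APIRouter, Depends
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.auth.context import AuthContext
+from app.db import get_async_session
+from app.users import get_auth_context
+from app.utils.rbac import get_allowed_read_space_ids
+
+router = APIRouter(prefix="/zero", tags=["zero"])
+
+
+class ZeroContextResponse(BaseModel):
+userId: str
+allowedSpaceIds: list[int]
+
+
+@router.get("/context", response_model=ZeroContextResponse)
+async def get_zero_context(
+auth: AuthContext = Depends(get_auth_context),
+session: AsyncSession = Depends(get_async_session),
+) -> ZeroContextResponse:
+allowed_space_ids = await get_allowed_read_space_ids(session, auth)
+return ZeroContextResponse(
+userId=str(auth.user.id),
+allowedSpaceIds=allowed_space_ids,
+)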
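Review bot: `get_zero_context` returns a per-user authorization snapshot (`userId` plus `allowedSpaceIds`) from a GET with no cache directive, so whether a browser or intermediary may store and replay it is left to defaults; consider adding a `response: Response` parameter and setting `response.headers["Cache-Control"] = "no-store"` before the return. The handler also has no docstring; a line such as `"""Return the caller's user id and the space ids they may read, derived only from the authenticated context."""` would record that nothing client-supplied feeds the result. `AuthContext` is defined outside this diff, so it is worth confirming that it always carries a user, since otherwise `auth.user.id` would surface as a 500 rather than a 401/403. Whatever consumes this context should presumably treat the list as a point-in-time value, because a membership revoked after the call is not reflected until the context is fetched again.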