Coverage for core/middleware/permission_middleware.py: 45.00%
20 statements
1"""
2权限中间件
3"""
5from typing import List, Optional
7from fastapi import HTTPException, Request, status
9from core.middleware.auth_middleware import get_current_user
10from core.models.user import UserType
class PermissionConfig:
    """Static lists of the paths that are reserved for administrators."""

    # Path prefixes of admin-only API endpoints. check_admin_permission tests
    # the request path against each entry with str.startswith.
    ADMIN_API_PREFIXES = [
        "/api/v1/users",
    ]

    # Admin-only routes.
    # NOTE(review): nothing in the code visible here reads ADMIN_ROUTES, so
    # "/settings/user-management" is not enforced by check_admin_permission;
    # confirm where (or whether) this list is applied.
    ADMIN_ROUTES = [
        "/api/v1/users",  # user-management API
        "/settings/user-management",  # user-management page
    ]
def check_admin_permission(request: Request, current_user) -> bool:
    """Decide whether current_user may use the admin API path being requested.

    Returns True only when current_user.user_type is UserType.ADMIN and the
    request path begins with one of PermissionConfig.ADMIN_API_PREFIXES.
    Every other combination is denied, including an admin requesting a path
    outside those prefixes.
    """
    # Non-admins are refused before the path is even looked at.
    if current_user.user_type != UserType.ADMIN:
        return False

    requested_path = request.url.path

    # This is a raw string-prefix test with no path-segment boundary, so a
    # longer sibling such as "/api/v1/users-archive" (constructed example)
    # matches as well. Only users already verified as admin reach this point.
    # NOTE(review): PermissionConfig.ADMIN_ROUTES is not consulted here.
    return any(
        requested_path.startswith(admin_prefix)
        for admin_prefix in PermissionConfig.ADMIN_API_PREFIXES
    )
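async def require_admin_permission(request: Request):
    """Dependency that admits only administrators.

    Takes the bearer token from the Authorization header, resolves it to a
    user through get_current_user, and rejects the request unless
    check_admin_permission accepts that user for the requested path.

    Returns:
        The user object returned by get_current_user.

    Raises:
        HTTPException: 403 Forbidden when the admin check fails. Anything
            raised by get_current_user propagates unchanged.
    """
    bearer_scheme = "Bearer "
    header_value = request.headers.get("Authorization", "")

    # Strip the scheme only where it is a leading prefix. The previous
    # str.replace call deleted every "Bearer " occurrence anywhere in the
    # header, so a malformed value could be normalised into a different
    # credential string before it was validated.
    if header_value.startswith(bearer_scheme):
        token = header_value[len(bearer_scheme):]
    else:
        # NOTE(review): a missing header or a non-Bearer scheme is forwarded
        # as-is (empty string or raw header); presumably get_current_user
        # rejects it - confirm against that function.
        token = header_value

    current_user = await get_current_user(token)

    if not check_admin_permission(request, current_user):
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN, detail="需要管理员权限"
        )

    return current_user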