|
@@ -70,7 +70,9 @@ async def get_channel_by_id(id: str, user=Depends(get_verified_user)):
|
|
|
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
|
|
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
|
|
|
)
|
|
)
|
|
|
|
|
|
|
|
- if not has_access(user.id, type="read", access_control=channel.access_control):
|
|
|
|
|
|
|
+ if user.role != "admin" and not has_access(
|
|
|
|
|
+ user.id, type="read", access_control=channel.access_control
|
|
|
|
|
+ ):
|
|
|
raise HTTPException(
|
|
raise HTTPException(
|
|
|
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
|
|
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
|
|
|
)
|
|
)
|
|
@@ -145,7 +147,9 @@ async def get_channel_messages(
|
|
|
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
|
|
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
|
|
|
)
|
|
)
|
|
|
|
|
|
|
|
- if not has_access(user.id, type="read", access_control=channel.access_control):
|
|
|
|
|
|
|
+ if user.role != "admin" and not has_access(
|
|
|
|
|
+ user.id, type="read", access_control=channel.access_control
|
|
|
|
|
+ ):
|
|
|
raise HTTPException(
|
|
raise HTTPException(
|
|
|
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
|
|
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
|
|
|
)
|
|
)
|
|
@@ -186,7 +190,9 @@ async def post_new_message(
|
|
|
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
|
|
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
|
|
|
)
|
|
)
|
|
|
|
|
|
|
|
- if not has_access(user.id, type="read", access_control=channel.access_control):
|
|
|
|
|
|
|
+ if user.role != "admin" and not has_access(
|
|
|
|
|
+ user.id, type="read", access_control=channel.access_control
|
|
|
|
|
+ ):
|
|
|
raise HTTPException(
|
|
raise HTTPException(
|
|
|
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
|
|
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
|
|
|
)
|
|
)
|
|
@@ -236,7 +242,9 @@ async def update_message_by_id(
|
|
|
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
|
|
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
|
|
|
)
|
|
)
|
|
|
|
|
|
|
|
- if not has_access(user.id, type="read", access_control=channel.access_control):
|
|
|
|
|
|
|
+ if user.role != "admin" and not has_access(
|
|
|
|
|
+ user.id, type="read", access_control=channel.access_control
|
|
|
|
|
+ ):
|
|
|
raise HTTPException(
|
|
raise HTTPException(
|
|
|
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
|
|
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
|
|
|
)
|
|
)
|
|
@@ -294,7 +302,9 @@ async def delete_message_by_id(
|
|
|
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
|
|
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
|
|
|
)
|
|
)
|
|
|
|
|
|
|
|
- if not has_access(user.id, type="read", access_control=channel.access_control):
|
|
|
|
|
|
|
+ if user.role != "admin" and not has_access(
|
|
|
|
|
+ user.id, type="read", access_control=channel.access_control
|
|
|
|
|
+ ):
|
|
|
raise HTTPException(
|
|
raise HTTPException(
|
|
|
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
|
|
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
|
|
|
)
|
|
)
|
Timothy Jaeryang Baek