feat: hide user nav links for admin, redirect admin to /admin/users on login

Connections/Catalog/VK/Sync nav links only shown for regular users or when
admin is viewing as a user. Admin/system users land on /admin/users after login.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
mguschin
2026-05-13 20:48:02 +03:00
parent 5e7be16755
commit 8549e98f8d
2 changed files with 12 additions and 2 deletions


@@ -1,6 +1,6 @@
import logging
from fastapi import FastAPI, Request
from fastapi import Depends, FastAPI, Request
from fastapi.responses import HTMLResponse
from fastapi.staticfiles import StaticFiles
from starlette.middleware.sessions import SessionMiddleware
@@ -40,6 +40,8 @@ from web.routes.connections import router as connections_router # noqa: E402
from web.routes.vk_catalog import router as vk_catalog_router # noqa: E402
from web.routes.logs import router as logs_router # noqa: E402
from web.routes.sync import router as sync_router # noqa: E402
from web.database import get_db # noqa: E402
from web.models.user import User # noqa: E402
app.include_router(auth_router)
app.include_router(reset_router)
@@ -69,10 +71,14 @@ async def health():
# ── Root redirect ─────────────────────────────────────────────────────────────
@app.get("/")
async def root(request: Request):
async def root(request: Request, db=Depends(get_db)):
from fastapi.responses import RedirectResponse
from web.models.user import UserRoleEnum
user_id = request.session.get("user_id")
if user_id:
user = db.get(User, user_id)
if user and user.role in (UserRoleEnum.admin, UserRoleEnum.system):
return RedirectResponse("/admin/users", 303)
return RedirectResponse("/profile", 303)
return RedirectResponse("/login", 303)
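Review bot: In root(), a session whose user_id no longer resolves to a row (db.get returns None) falls through to the /profile redirect, so a deleted or stale account is still treated as signed in at this entry point. Handling that case explicitly would be safer, e.g. `if user is None: request.session.clear()` followed by `return RedirectResponse("/login", 303)`. db.get is also a synchronous call inside an `async def` handler; if get_db yields a regular synchronous Session (not visible here), declaring root as a plain `def` would keep the query off the event loop. The redirect is only a landing-page convenience, so the /admin/* routes still need their own role check, which is outside this diff.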


@@ -16,10 +16,12 @@
</ul>
<ul class="nav-links">
{% if user %}
{% if user.role not in ('admin', 'system') or viewed_user %}
<li><a href="/connections">Подключения</a></li>
<li><a href="/catalog">Каталог Эвотор</a></li>
<li><a href="/vk-catalog/albums">Каталог ВК</a></li>
<li><a href="/sync">Синхронизация</a></li>
{% endif %}
{% if user.role in ('admin', 'system') %}
<li><a href="/admin/users"><i class="bi bi-shield-lock"></i> Админ</a></li>
<li><a href="/admin/logs"><i class="bi bi-journal-text"></i> Логи</a></li>
@@ -34,10 +36,12 @@
<details class="mobile-menu">
<summary role="button" class="outline secondary icon-btn"><i class="bi bi-list"></i></summary>
<ul>
{% if user.role not in ('admin', 'system') or viewed_user %}
<li><a href="/connections">Подключения</a></li>
<li><a href="/catalog">Каталог Эвотор</a></li>
<li><a href="/vk-catalog/albums">Каталог ВК</a></li>
<li><a href="/sync">Синхронизация</a></li>
{% endif %}
{% if user.role in ('admin', 'system') %}
<li><a href="/admin/users">Админ</a></li>
<li><a href="/admin/logs">Логи</a></li>
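Review bot: The new guard `{% if user.role not in ('admin', 'system') or viewed_user %}` is repeated verbatim in the desktop list and again in the mobile-menu hunk, so the two copies can drift apart. Computing it once near the top of the template, `{% set show_user_nav = user.role not in ('admin', 'system') or viewed_user %}`, and testing `{% if show_user_nav %}` in both places would keep them in step. Hiding the links is presentation only: /connections, /catalog, /vk-catalog/albums and /sync stay reachable by URL, so whatever rule applies to an admin without a viewed user has to be enforced in those route handlers, which this diff does not show. A short template comment such as `{# user-facing links: regular users, or an admin viewing as a user #}` above the guard would also document the intent.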