fix: grant admin role full access to logs, roles, delete, and role changes

Previously these actions were restricted to system role only. Admin and
system are now treated equally across: API logs view, user role editing,
user deletion, and role/permissions management. Regular users remain blocked.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
mguschin
2026-05-24 17:13:48 +03:00
parent 04ca914971
commit a597639aa7
2 changed files with 5 additions and 9 deletions


@@ -8,6 +8,7 @@ from sqlalchemy.orm import Session
from web.auth.session import get_current_user
from web.database import get_db
from web.models.connections import ApiLog
from web.models.user import UserRoleEnum
from web.templates_env import templates
router = APIRouter()
@@ -34,6 +35,8 @@ async def admin_logs(
user = get_current_user(request, db)
except Exception:
return RedirectResponse("/login", 303)
if user.role not in (UserRoleEnum.admin, UserRoleEnum.system):
return RedirectResponse("/login", 303)
since = datetime.utcnow() - timedelta(hours=hours)
query = db.query(ApiLog).filter(ApiLog.created_at >= since)
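Review bot: The new role check in `admin_logs` answers an authenticated but unprivileged user with the same 303 to `/login` as a missing session, so a denied access looks identical to an expired login and leaves nothing to alert on. An explicit denial such as `raise HTTPException(status_code=403)` (imported from fastapi if the file does not already have it), with the user and path logged at that point, would make refused attempts on the API log view visible. The commit message says the same admin/system rule now covers role editing, user deletion and permissions management, so the tuple `(UserRoleEnum.admin, UserRoleEnum.system)` is better defined once in a shared helper or dependency than repeated per route, where the copies can drift apart. The body of `admin_logs` starts before and continues after this hunk, so this applies only to the lines shown.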