add permission check for form productor and product

2026-03-04 23:36:17 +01:00
parent 6679107b13
commit 5e413b11e0
8 changed files with 164 additions and 59 deletions
--- a/backend/src/productors/service.py
+++ b/backend/src/productors/service.py
@@ -92,3 +92,19 @@ def delete_one(session: Session, id: int) -> models.ProductorPublic:
    session.delete(productor)
    session.commit()
    return result
+
+def is_allowed(
+    session: Session, 
+    user: models.User, 
+    _id: int, 
+    productor: models.ProductorCreate
+) -> bool:
+    if not _id:
+        return productor.type in [r.name for r in user.roles]
+    statement = (
+        select(models.Productor)
+        .where(models.Productor.id == _id)
+        .where(models.Productor.type.in_([r.name for r in user.roles]))
+        .distinct()
+    )
+    return len(session.exec(statement).all()) > 0