cloud-api/src/auth/dependencies.py

"""
Router dependencies for auth module

Classes:
 - List: Description
 - Classes: Description

Functions:
 - List: Description
 - Functions: Description
"""
from typing import Annotated
from fastapi import Depends

from src.user.dependencies import user_model_claims_dependency
from src.organisation.dependencies import org_model_query_dependency, org_model_body_dependency
from src.organisation.models import Organisation as Org

from src.auth.exceptions import UnauthorizedException


async def org_query_user_claims(org_model: org_model_query_dependency, user_model: user_model_claims_dependency):
	if user_model in org_model.user_rel:
		return True

	raise UnauthorizedException()


org_query_user_claims_dependency = Annotated[bool, Depends(org_query_user_claims)]


async def org_query_root_claims(user_model: user_model_claims_dependency, org_model: org_model_query_dependency):
	if org_model.root_user_id == user_model.id:
		return org_model

	raise UnauthorizedException()


org_model_root_claim_query_dependency = Annotated[type[Org], Depends(org_query_root_claims)]


async def org_body_root_claims(user_model: user_model_claims_dependency, org_model: org_model_body_dependency):
	if org_model.root_user_id == user_model.id:
		return org_model

	raise UnauthorizedException()


org_model_root_claim_body_dependency = Annotated[type[Org], Depends(org_body_root_claims)]


async def is_super_admin(user_model: user_model_claims_dependency):
	super_admin_emails = []
	if user_model.email not in super_admin_emails:
		raise UnauthorizedException()
	return True


super_admin_dependency = Annotated[bool, Depends(is_super_admin)]
Initial commit 2026-04-06 12:41:49 +01:00			`"""`
			`Router dependencies for auth module`

			`Classes:`
			`- List: Description`
			`- Classes: Description`

			`Functions:`
			`- List: Description`
			`- Functions: Description`
feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00			`"""`
fix: auth dependency return values and types Return values were all labelled as dicts instead of bools. Root user dependency now returns the org for which they are root user. 2026-05-27 15:22:32 +01:00			`from typing import Annotated`
feat: custom exceptions instead of direct fastapi.httpexceptions Resolves #2 2026-05-27 14:58:10 +01:00			`from fastapi import Depends`
feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00
			`from src.user.dependencies import user_model_claims_dependency`
feat: auth dependency for root user with org in body 2026-05-27 15:34:18 +01:00			`from src.organisation.dependencies import org_model_query_dependency, org_model_body_dependency`
fix: auth dependency return values and types Return values were all labelled as dicts instead of bools. Root user dependency now returns the org for which they are root user. 2026-05-27 15:22:32 +01:00			`from src.organisation.models import Organisation as Org`
feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00
feat: custom exceptions instead of direct fastapi.httpexceptions Resolves #2 2026-05-27 14:58:10 +01:00			`from src.auth.exceptions import UnauthorizedException`

feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00
			`async def org_query_user_claims(org_model: org_model_query_dependency, user_model: user_model_claims_dependency):`
			`if user_model in org_model.user_rel:`
			`return True`

feat: custom exceptions instead of direct fastapi.httpexceptions Resolves #2 2026-05-27 14:58:10 +01:00			`raise UnauthorizedException()`
feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00

fix: auth dependency return values and types Return values were all labelled as dicts instead of bools. Root user dependency now returns the org for which they are root user. 2026-05-27 15:22:32 +01:00			`org_query_user_claims_dependency = Annotated[bool, Depends(org_query_user_claims)]`
feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00

			`async def org_query_root_claims(user_model: user_model_claims_dependency, org_model: org_model_query_dependency):`
			`if org_model.root_user_id == user_model.id:`
fix: auth dependency return values and types Return values were all labelled as dicts instead of bools. Root user dependency now returns the org for which they are root user. 2026-05-27 15:22:32 +01:00			`return org_model`
feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00
feat: custom exceptions instead of direct fastapi.httpexceptions Resolves #2 2026-05-27 14:58:10 +01:00			`raise UnauthorizedException()`
feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00

fix: auth dependency return values and types Return values were all labelled as dicts instead of bools. Root user dependency now returns the org for which they are root user. 2026-05-27 15:22:32 +01:00			`org_model_root_claim_query_dependency = Annotated[type[Org], Depends(org_query_root_claims)]`
feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00

feat: auth dependency for root user with org in body 2026-05-27 15:34:18 +01:00			`async def org_body_root_claims(user_model: user_model_claims_dependency, org_model: org_model_body_dependency):`
			`if org_model.root_user_id == user_model.id:`
			`return org_model`

			`raise UnauthorizedException()`


			`org_model_root_claim_body_dependency = Annotated[type[Org], Depends(org_body_root_claims)]`


feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00			`async def is_super_admin(user_model: user_model_claims_dependency):`
			`super_admin_emails = []`
			`if user_model.email not in super_admin_emails:`
feat: custom exceptions instead of direct fastapi.httpexceptions Resolves #2 2026-05-27 14:58:10 +01:00			`raise UnauthorizedException()`
feat: auth dependencies These dependencies require `user_model_claims_dependency` which requires the `claims_dependency`. This caused an import loop error and therefore they must be defined in a different file from `claims_dependency`. Resolves #6 2026-05-27 14:27:51 +01:00			`return True`


fix: auth dependency return values and types Return values were all labelled as dicts instead of bools. Root user dependency now returns the org for which they are root user. 2026-05-27 15:22:32 +01:00			`super_admin_dependency = Annotated[bool, Depends(is_super_admin)]`