feat: root user dependencies also allow super admins

src/auth/dependencies.py

@@ -19,6 +19,13 @@ from src.organisation.models import Organisation as Org
 from src.auth.exceptions import UnauthorizedException
 
 
+def is_super_admin(user_model) -> bool:
+	super_admin_emails = ["chris@sr2.uk"]
+	if user_model.email not in super_admin_emails:
+		raise UnauthorizedException()
+	return True
+
+
 async def org_query_user_claims(org_model: org_model_query_dependency, user_model: user_model_claims_dependency):
 	if user_model in org_model.user_rel:
 		return True
@@ -33,6 +40,9 @@ async def org_query_root_claims(user_model: user_model_claims_dependency, org_mo
 	if org_model.root_user_id == user_model.id:
 		return org_model
 
+	if is_super_admin(user_model):
+		return org_model
+
 	raise UnauthorizedException()
 
 
@@ -43,17 +53,20 @@ async def org_body_root_claims(user_model: user_model_claims_dependency, org_mod
 	if org_model.root_user_id == user_model.id:
 		return org_model
 
+	if is_super_admin(user_model):
+		return org_model
+
 	raise UnauthorizedException()
 
 
 org_model_root_claim_body_dependency = Annotated[type[Org], Depends(org_body_root_claims)]
 
 
-async def is_super_admin(user_model: user_model_claims_dependency):
-	super_admin_emails = []
-	if user_model.email not in super_admin_emails:
-		raise UnauthorizedException()
-	return True
+async def user_model_super_admin(user_model: user_model_claims_dependency):
+	if is_super_admin(user_model):
+		return user_model
+
+	raise UnauthorizedException()
 
 
-super_admin_dependency = Annotated[bool, Depends(is_super_admin)]
+super_admin_dependency = Annotated[bool, Depends(user_model_super_admin)]