feat: implement role-based access control for miniapp
All checks were successful
CI / lint-and-test (push) Successful in 22s
All checks were successful
CI / lint-and-test (push) Successful in 22s
- Introduced a new roles table in the database to manage user roles ('user' and 'admin') for access control.
- Updated the user model to include a foreign key reference to the roles table, allowing for role assignment.
- Enhanced command handlers to support the `/set_role` command for admins to assign roles to users.
- Refactored access control logic to utilize role checks instead of username/phone allowlists, improving security and maintainability.
- Updated documentation to reflect changes in access control mechanisms and role management.
- Added unit tests to ensure correct functionality of role assignment and access checks.
This commit is contained in:
@@ -22,6 +22,11 @@ MESSAGES: dict[str, dict[str, str]] = {
|
||||
),
|
||||
"calendar_link.error": "Could not generate link. Please try again later.",
|
||||
"help.import_schedule": "/import_duty_schedule — Import duty schedule (JSON)",
|
||||
"help.set_role": "/set_role — Set user role (user | admin)",
|
||||
"set_role.usage": "Usage: /set_role @username user|admin or reply to a message and send /set_role user|admin",
|
||||
"set_role.user_not_found": "User not found.",
|
||||
"set_role.done": "Role set: {name} → {role}",
|
||||
"set_role.error": "Could not set role.",
|
||||
"errors.generic": "An error occurred. Please try again later.",
|
||||
"pin_duty.group_only": "The /pin_duty command works only in groups.",
|
||||
"pin_duty.no_message": "There is no duty message in this chat yet. Add the bot to the group — it will create one automatically.",
|
||||
@@ -81,6 +86,11 @@ MESSAGES: dict[str, dict[str, str]] = {
|
||||
"calendar_link.help_hint": "Подпишитесь на эту ссылку в Google Календаре, Календаре Apple или Outlook, чтобы видеть только свои дежурства.",
|
||||
"calendar_link.error": "Не удалось сформировать ссылку. Попробуйте позже.",
|
||||
"help.import_schedule": "/import_duty_schedule — Импорт расписания дежурств (JSON)",
|
||||
"help.set_role": "/set_role — Выдать роль пользователю (user | admin)",
|
||||
"set_role.usage": "Использование: /set_role @username user|admin или ответьте на сообщение и отправьте /set_role user|admin",
|
||||
"set_role.user_not_found": "Пользователь не найден.",
|
||||
"set_role.done": "Роль установлена: {name} → {role}",
|
||||
"set_role.error": "Не удалось установить роль.",
|
||||
"errors.generic": "Произошла ошибка. Попробуйте позже.",
|
||||
"pin_duty.group_only": "Команда /pin_duty работает только в группах.",
|
||||
"pin_duty.no_message": "В этом чате ещё нет сообщения о дежурстве. Добавьте бота в группу — оно создастся автоматически.",
|
||||
|
||||
Reference in New Issue
Block a user