feat: implement role-based access control for miniapp
All checks were successful
CI / lint-and-test (push) Successful in 22s
All checks were successful
CI / lint-and-test (push) Successful in 22s
- Introduced a new roles table in the database to manage user roles ('user' and 'admin') for access control.
- Updated the user model to include a foreign key reference to the roles table, allowing for role assignment.
- Enhanced command handlers to support the `/set_role` command for admins to assign roles to users.
- Refactored access control logic to utilize role checks instead of username/phone allowlists, improving security and maintainability.
- Updated documentation to reflect changes in access control mechanisms and role management.
- Added unit tests to ensure correct functionality of role assignment and access checks.
This commit is contained in:
@@ -9,5 +9,5 @@ def test_register_handlers_adds_all_handlers():
|
||||
"""register_handlers: adds command, import, group pin handlers and error handler."""
|
||||
mock_app = MagicMock()
|
||||
register_handlers(mock_app)
|
||||
assert mock_app.add_handler.call_count >= 9
|
||||
assert mock_app.add_handler.call_count >= 10
|
||||
assert mock_app.add_error_handler.call_count == 1
|
||||
|
||||
Reference in New Issue
Block a user