Diffstat (limited to 'backend/routes')
| -rw-r--r-- | backend/routes/admin.py | 41 | 
1 files changed, 41 insertions, 0 deletions
diff --git a/backend/routes/admin.py b/backend/routes/admin.py
new file mode 100644
index 0000000..5254f8b
--- /dev/null
+++ b/backend/routes/admin.py
@@ -0,0 +1,41 @@
+"""
+Adds new admin user.
+"""
+from pydantic import BaseModel, Field
+from spectree import Response
+from starlette.authentication import requires
+from starlette.requests import Request
+from starlette.responses import JSONResponse
+
+from backend.route import Route
+from backend.validation import ErrorMessage, OkayResponse, api
+
+
+class AdminModel(BaseModel):
+    id: str = Field(alias="_id")
+
+
+class AdminRoute(Route):
+    """Adds new admin user."""
+
+    name = "admin"
+    path = "/admin"
+
+    @requires(["authenticated", "admin"])
+    @api.validate(
+        json=AdminModel,
+        resp=Response(HTTP_200=OkayResponse, HTTP_400=ErrorMessage),
+        tags=["admin"]
+    )
+    async def post(self, request: Request) -> JSONResponse:
+        """Grant a user administrator privileges."""
+        data = await request.json()
+        admin = AdminModel(**data)
+
+        if await request.state.db.admins.find_one(
+            {"_id": admin.id}
+        ):
+            return JSONResponse({"error": "already_exists"}, status_code=400)
+
+        await request.state.db.admins.insert_one(admin.dict(by_alias=True))
+        return JSONResponse({"status": "ok"})
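Review bot: `post` grants admin rights to whatever string arrives in `_id`: `AdminModel.id` is a bare `str`, so an empty or malformed id, or one that matches no existing user, is written to `admins` as-is, and nothing records which authenticated admin made the grant. Constraining the field, for example `id: str = Field(alias="_id", min_length=1)` or the project's own id pattern, and logging the caller together with `admin.id` before `insert_one` would make this privilege change auditable. The `find_one` then `insert_one` pair is also not atomic; assuming `admins` is a MongoDB collection, a concurrent second request for the same id would fail on the unique `_id` and presumably surface as a 500 instead of the `already_exists` 400, so handling the driver's duplicate-key error around `insert_one` is the safer check.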
