cardosofelipe/syndarix
1
0
Fork 0
forked from cardosofelipe/fast-next-template
Code Issues 18 Pull Requests Wiki Activity

Mark dead code in users API related to is_superuser checks with # pragma: no cover

Browse Source
This commit is contained in:
Felipe Cardoso
2025-11-01 15:54:58 +01:00
parent e2a8656f81
commit 189ad948ac
1 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
backend/app/api/routes/users.py
View File

@@ -146,9 +146,10 @@ async def update_current_user(
Users cannot elevate their own permissions (is_superuser). Users cannot elevate their own permissions (is_superuser).
""" """
# Prevent users from making themselves superuser # Prevent users from making themselves superuser
if getattr(user_update, 'is_superuser', None) is not None: # NOTE: UserUpdate schema doesn't include is_superuser, so this is dead code
logger.warning(f"User {current_user.id} attempted to modify is_superuser field") if getattr(user_update, 'is_superuser', None) is not None: # pragma: no cover
raise AuthorizationError( logger.warning(f"User {current_user.id} attempted to modify is_superuser field") # pragma: no cover
raise AuthorizationError( # pragma: no cover
message="Cannot modify superuser status", message="Cannot modify superuser status",
error_code=ErrorCode.INSUFFICIENT_PERMISSIONS error_code=ErrorCode.INSUFFICIENT_PERMISSIONS
) )
@@ -265,9 +266,10 @@ async def update_user(
) )
# Prevent non-superusers from modifying superuser status # Prevent non-superusers from modifying superuser status
if getattr(user_update, 'is_superuser', None) is not None and not current_user.is_superuser: # NOTE: UserUpdate schema doesn't include is_superuser, so this is dead code
logger.warning(f"User {current_user.id} attempted to modify is_superuser field") if getattr(user_update, 'is_superuser', None) is not None and not current_user.is_superuser: # pragma: no cover
raise AuthorizationError( logger.warning(f"User {current_user.id} attempted to modify is_superuser field") # pragma: no cover
raise AuthorizationError( # pragma: no cover
message="Cannot modify superuser status", message="Cannot modify superuser status",
error_code=ErrorCode.INSUFFICIENT_PERMISSIONS error_code=ErrorCode.INSUFFICIENT_PERMISSIONS
) )