backend/app/services/admin_access.py

"""Access control helpers for actor-type checks."""

from __future__ import annotations

from typing import TYPE_CHECKING

from fastapi import HTTPException, status

if TYPE_CHECKING:
    from app.core.auth import AuthContext


def require_user_actor(auth: AuthContext) -> None:
    """Raise HTTP 403 unless the authenticated actor is a human user (not an agent).

    NOTE: This is an actor-type check, NOT a privilege/role check.
    For admin privilege enforcement, use ``require_org_admin`` (organization-level)
    or check ``user.is_super_admin`` (global-level).
    """
    if auth.actor_type != "user" or auth.user is None:
        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)
security: rename misleading require_admin to require_user_actor The function only checked that the caller was an authenticated user (not an agent) but its name implied privilege enforcement. Rename to require_user_actor and add docstring clarifying the distinction between actor-type checks and privilege/role checks (require_org_admin, is_super_admin). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-03 13:31:07 -07:00			`"""Access control helpers for actor-type checks."""`
refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30
feat: add boards and tasks management endpoints 2026-02-04 02:28:51 +05:30			`from __future__ import annotations`

refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`from typing import TYPE_CHECKING`

feat: add boards and tasks management endpoints 2026-02-04 02:28:51 +05:30			`from fastapi import HTTPException, status`

refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`if TYPE_CHECKING:`
			`from app.core.auth import AuthContext`
feat: add boards and tasks management endpoints 2026-02-04 02:28:51 +05:30

security: rename misleading require_admin to require_user_actor The function only checked that the caller was an authenticated user (not an agent) but its name implied privilege enforcement. Rename to require_user_actor and add docstring clarifying the distinction between actor-type checks and privilege/role checks (require_org_admin, is_super_admin). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-03 13:31:07 -07:00			`def require_user_actor(auth: AuthContext) -> None:`
			`"""Raise HTTP 403 unless the authenticated actor is a human user (not an agent).`

			`NOTE: This is an actor-type check, NOT a privilege/role check.`
			For admin privilege enforcement, use ``require_org_admin`` (organization-level)
			or check ``user.is_super_admin`` (global-level).
			`"""`
feat: add boards and tasks management endpoints 2026-02-04 02:28:51 +05:30			`if auth.actor_type != "user" or auth.user is None:`
			`raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)`