From 60c4fe2e239d8fef7726cac769711c8fcce789eb Mon Sep 17 00:00:00 2001 From: Fringg Date: Wed, 25 Feb 2026 04:42:32 +0300 Subject: [PATCH] feat: add granular user permissions (balance, subscription, promo_group, referral, send_offer) Split users:edit into fine-grained permissions for balance management, subscription actions, promo group editing, referral commission, and sending promo offers. --- app/cabinet/routes/admin_users.py | 12 ++++++------ app/services/permission_service.py | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/app/cabinet/routes/admin_users.py b/app/cabinet/routes/admin_users.py index 36e7d7fe..528e79fb 100644 --- a/app/cabinet/routes/admin_users.py +++ b/app/cabinet/routes/admin_users.py @@ -829,7 +829,7 @@ async def get_user_node_usage( async def update_user_balance( user_id: int, request: UpdateBalanceRequest, - admin: User = Depends(require_permission('users:edit')), + admin: User = Depends(require_permission('users:balance')), db: AsyncSession = Depends(get_cabinet_db), ): """ @@ -906,7 +906,7 @@ async def update_user_balance( async def update_user_subscription( user_id: int, request: UpdateSubscriptionRequest, - admin: User = Depends(require_permission('users:edit')), + admin: User = Depends(require_permission('users:subscription')), db: AsyncSession = Depends(get_cabinet_db), ): """ @@ -1490,7 +1490,7 @@ async def update_user_restrictions( async def update_user_promo_group( user_id: int, request: UpdatePromoGroupRequest, - admin: User = Depends(require_permission('users:edit')), + admin: User = Depends(require_permission('users:promo_group')), db: AsyncSession = Depends(get_cabinet_db), ): """Update user promo group.""" @@ -1545,7 +1545,7 @@ async def update_user_promo_group( async def update_user_referral_commission( user_id: int, request: UpdateReferralCommissionRequest, - admin: User = Depends(require_permission('users:edit')), + admin: User = Depends(require_permission('users:referral')), db: AsyncSession = Depends(get_cabinet_db), ): """Update user's individual referral commission percentage.""" @@ -1803,7 +1803,7 @@ async def full_delete_user( async def reset_user_trial( user_id: int, request: ResetTrialRequest = ResetTrialRequest(), - admin: User = Depends(require_permission('users:edit')), + admin: User = Depends(require_permission('users:subscription')), db: AsyncSession = Depends(get_cabinet_db), ): """ @@ -1874,7 +1874,7 @@ async def reset_user_trial( async def reset_user_subscription( user_id: int, request: ResetSubscriptionRequest = ResetSubscriptionRequest(), - admin: User = Depends(require_permission('users:edit')), + admin: User = Depends(require_permission('users:subscription')), db: AsyncSession = Depends(get_cabinet_db), ): """ diff --git a/app/services/permission_service.py b/app/services/permission_service.py index 13b0a34f..1d33bb11 100644 --- a/app/services/permission_service.py +++ b/app/services/permission_service.py @@ -41,7 +41,7 @@ def _is_legacy_admin(user: User) -> bool: # --------------------------------------------------------------------------- PERMISSION_REGISTRY: dict[str, list[str]] = { - 'users': ['read', 'edit', 'block', 'delete', 'sync'], + 'users': ['read', 'edit', 'block', 'delete', 'sync', 'promo_group', 'balance', 'subscription', 'send_offer', 'referral'], 'tickets': ['read', 'reply', 'close', 'settings'], 'stats': ['read', 'export'], 'broadcasts': ['read', 'create', 'edit', 'delete', 'send'],