feat: Implement user validation and ownership checks for image, reward, and task APIs
All checks were successful
Gitea Actions Demo / build-and-push (push) Successful in 36s
All checks were successful
Gitea Actions Demo / build-and-push (push) Successful in 36s
- Added `get_validated_user_id` utility function to validate user authentication across multiple APIs. - Updated image upload, request, and listing endpoints to ensure user ownership and proper error handling. - Enhanced reward management endpoints to include user validation and ownership checks. - Modified task management endpoints to enforce user authentication and ownership verification. - Updated models to include `user_id` for images, rewards, tasks, and children to track ownership. - Implemented frontend changes to ensure UI reflects the ownership of tasks and rewards. - Added a new feature specification to prevent deletion of system tasks and rewards.
This commit is contained in:
@@ -2,12 +2,14 @@
|
||||
from dataclasses import dataclass
|
||||
from models.base import BaseModel
|
||||
|
||||
|
||||
@dataclass
|
||||
class Image(BaseModel):
|
||||
type: int
|
||||
extension: str
|
||||
permanent: bool = False
|
||||
user: str | None = None
|
||||
user_id: str | None = None
|
||||
|
||||
|
||||
@classmethod
|
||||
def from_dict(cls, d: dict):
|
||||
@@ -19,7 +21,7 @@ class Image(BaseModel):
|
||||
id=d.get('id'),
|
||||
created_at=d.get('created_at'),
|
||||
updated_at=d.get('updated_at'),
|
||||
user=d.get('user')
|
||||
user_id=d.get('user_id') if 'user_id' in d else d.get('user')
|
||||
)
|
||||
|
||||
def to_dict(self):
|
||||
@@ -28,6 +30,6 @@ class Image(BaseModel):
|
||||
'type': self.type,
|
||||
'permanent': self.permanent,
|
||||
'extension': self.extension,
|
||||
'user': self.user
|
||||
'user_id': self.user_id
|
||||
})
|
||||
return base
|
||||
|
||||
Reference in New Issue
Block a user