Added a web_admin role

UW-Macrostrat · Oct 16, 2024 · 0caefd4 · 0caefd4
1 parent cbf0b77
commit 0caefd4
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 8 deletions.
diff --git a/.gitignore b/.gitignore
@@ -153,10 +153,7 @@ dmypy.json
 # Cython debug symbols
 cython_debug/
 
-# PyCharm
-#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
-#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
-#  and can be added to the global gitignore or merged into this file.  For a more nuclear
-#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/
+# PyCharm and IntelliJ files
+.idea/
+
 
diff --git a/api/routes/security.py b/api/routes/security.py
@@ -267,12 +267,19 @@ async def redirect_callback(code: str, state: Optional[str] = None):
                     user_data.get('email', '')
                 )
 
+            names = [group.name for group in user.groups]
+
+            # Check if the user is in the admin group to set the appropriate database role
+            role = "web_user"
+            if "admin" in names:
+                role = "web_admin"
+
             access_token = create_access_token(
                 data={
                     "sub": user.sub,
-                    "role": "web_user",  # For PostgREST
+                    "role": role,  # For PostgREST
                     "groups": [group.id for group in user.groups],
-                    "group_names": [group.name for group in user.groups]
+                    "group_names": names
                 }
             )