User Role Management Controllers¶
User Role Management API Endpoints.
Defines the operations for assigning and revoking user roles. Requires superuser privileges.
- async assign_new_role(super_user: app.domain.users.schemas.UserAuth, user_add_role: UserRoleAdd, email: str) MsgSpecJSONResponse[source]¶
Assign a new role to the specified user by email.
This operation requires superuser privileges. Self-assignment is forbidden (superuser modifying their own account) for security.
- Returns:
Success message indicating the assigned role.
- Return type:
- Raises:
PermissionDeniedException – If the superuser attempts to modify their own account or the system admin.
ConflictException – If the user already has the requested role.
- async revoke_and_set_default_role(super_user: app.domain.users.schemas.UserAuth, user_revoke_role: UserRoleRevoke, email: str) MsgSpecJSONResponse[source]¶
Revoke the specified role from the user by email and set the default role.
This operation requires superuser privileges. Self-modification is forbidden (superuser modifying their own account) for security.
- Returns:
Success message indicating the revoked and default roles.
- Return type:
- Raises:
PermissionDeniedException – If the superuser attempts to modify their own account or the system admin.
ConflictException – If the user does not currently have the role that is requested for revocation.