hzhang/HangmanLab.Backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add 'agent' API key role (content CRUD + backup)

Browse Source 
- ALLOWED_API_KEY_ROLES (+ apikey_cli ALLOWED_ROLES) gain 'agent'.
- 'agent' added to require_auth on markdown/patch/path create/update/
  delete/move and backup get/load. apikey mint, /backup/convert, logs,
  config, webhook and permission/template settings stay admin-only.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
h z
2026-05-17 15:06:17 +01:00
parent 9383f8cb03
commit b31480bf25
6 changed files with 18 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/backup.py
View File

@@ -346,7 +346,7 @@ def convert_backup_endpoint():
backup_lock = threading.Lock()
@backup_bp.route('/', methods=['GET'])
@require_auth(roles=['admin'])
@require_auth(roles=['admin', 'agent'])
def get_backup():
"""
Create a backup of the application's data.
@@ -558,7 +558,7 @@ def traverse(path_id, paths):
@backup_bp.route('/load', methods=['POST'])
@require_auth(roles=['admin'])
@require_auth(roles=['admin', 'agent'])
def load_backup():
"""
Restore data from a backup file.