Home Explore Help
Sign In
root
/
mybeacon-backend
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Fix tunnels API authentication

Replace non-existent require_permission with get_current_superadmin
from app.api.deps. Backend now starts successfully.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
root 1 month ago
parent
cb84953e10
commit
17c188b723
1 changed files with 7 additions and 8 deletions
Split View Show Diff Stats
  1. 7 8
      backend/app/api/v1/superadmin/tunnels.py

+ 7 - 8
backend/app/api/v1/superadmin/tunnels.py
View File 

@@ -2,18 +2,18 @@
 
 Superadmin tunnel management API endpoints.
 
 """
 
 
-from typing import Optional
 
+from typing import Annotated, Optional
 
 
 from fastapi import APIRouter, Depends, HTTPException, status
 
 from sqlalchemy.ext.asyncio import AsyncSession
 
 from pydantic import BaseModel
 
+from sqlalchemy import select
 
 
+from app.api.deps import get_current_superadmin
 
 from app.core.database import get_db
 
-from app.core.permissions import require_permission
 
 from app.models.device import Device
 
 from app.models.user import User
 
 from app.services.tunnel_service import tunnel_service
 
-from sqlalchemy import select
 
 
 
 router = APIRouter(prefix="/tunnels", tags=["superadmin-tunnels"])
 
@@ -37,12 +37,11 @@ class TunnelStatusResponse(BaseModel):
 
 
 
 @router.post("/devices/{device_id}/{tunnel_type}")
 
-@require_permission("devices", "manage")
 
 async def enable_tunnel(
 
     device_id: int,
 
     tunnel_type: str,
 
-    current_user: User = Depends(require_permission("devices", "manage")),
 
-    db: AsyncSession = Depends(get_db)
 
+    db: Annotated[AsyncSession, Depends(get_db)],
 
+    current_user: Annotated[User, Depends(get_current_superadmin)]
 
 ) -> TunnelEnableResponse:
 
     """
 
     Enable SSH or Dashboard tunnel for device.
 
@@ -107,7 +106,7 @@ async def enable_tunnel(
 
 @router.get("/sessions/{session_uuid}/status")
 
 async def get_tunnel_status(
 
     session_uuid: str,
 
-    current_user: User = Depends(require_permission("devices", "view"))
 
+    current_user: Annotated[User, Depends(get_current_superadmin)]
 
 ) -> TunnelStatusResponse:
 
     """
 
     Poll tunnel session status.
 
@@ -157,7 +156,7 @@ async def get_tunnel_status(
 
 @router.post("/sessions/{session_uuid}/heartbeat")
 
 async def session_heartbeat(
 
     session_uuid: str,
 
-    current_user: User = Depends(require_permission("devices", "view"))
 
+    current_user: Annotated[User, Depends(get_current_superadmin)]
 
 ):
 
     """
 
     Browser sends heartbeat every 30 seconds to keep session alive.