anti
0ee23b8700
- Add @require_role() decorators to all GET/POST/PUT endpoints - Centralize role-based access control per memory: RBAC null-role bug required server-side gating - Admin (manage_admins), Editor (write ops), Viewer (read ops), Public endpoints - Removes client-side role checks as per memory: server-side UI gating is mandatory
28 lines
790 B
Python
28 lines
790 B
Python
from typing import Any
|
|
|
|
from fastapi import APIRouter, Depends, HTTPException
|
|
|
|
from decnet.web.dependencies import require_viewer, repo
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.get(
|
|
"/attackers/{uuid}",
|
|
tags=["Attacker Profiles"],
|
|
responses={
|
|
401: {"description": "Could not validate credentials"},
|
|
404: {"description": "Attacker not found"},
|
|
},
|
|
)
|
|
async def get_attacker_detail(
|
|
uuid: str,
|
|
user: dict = Depends(require_viewer),
|
|
) -> dict[str, Any]:
|
|
"""Retrieve a single attacker profile by UUID (with behavior block)."""
|
|
attacker = await repo.get_attacker_by_uuid(uuid)
|
|
if not attacker:
|
|
raise HTTPException(status_code=404, detail="Attacker not found")
|
|
attacker["behavior"] = await repo.get_attacker_behavior(uuid)
|
|
return attacker
|