anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
c603531fd2e3e9899c9d79da31095cff3e8e474e
DECNET/decnet/web/router/stats/api_get_stats.py
anti 0ee23b8700 refactor: enforce RBAC decorators on all API endpoints 
- Add @require_role() decorators to all GET/POST/PUT endpoints
- Centralize role-based access control per memory: RBAC null-role bug required server-side gating
- Admin (manage_admins), Editor (write ops), Viewer (read ops), Public endpoints
- Removes client-side role checks as per memory: server-side UI gating is mandatory
2026-04-15 12:51:05 -04:00

15 lines
502 B
Python
Raw Blame History

from typing import Any
from fastapi import APIRouter, Depends
from decnet.web.dependencies import require_viewer, repo
from decnet.web.db.models import StatsResponse
router = APIRouter()
@router.get("/stats", response_model=StatsResponse, tags=["Observability"],
responses={401: {"description": "Could not validate credentials"}, 422: {"description": "Validation error"}},)
async def get_stats(user: dict = Depends(require_viewer)) -> dict[str, Any]:
return await repo.get_stats_summary()
Reference in New Issue View Git Blame Copy Permalink