passsword mod

app/apis/v1/route_user.py

@@ -91,7 +91,7 @@ def update_user(
     db: Session = Depends(get_db),
     current_user: User = Depends(get_current_user),
 ):
-    if current_user.Role != "Admin":
+    if current_user.Role != "Admin" or current_user.id != user_id:
         raise HTTPException(
             status_code=403, detail="You are not authorized to perform this action"
         )

app/db/repository/user.py

@@ -33,6 +33,7 @@ def create_new_driver(driver: DriverCreate, db: Session):
     print("Creating new driver" + str(driver))
     if get_user_by_email(driver.Email, db):
         return "userExists"
+
     driver_object = User(
         Email=driver.Email,
         Name=driver.Name,
@@ -124,7 +125,10 @@ def replace_user_data(user_id: int, user_data: UserCreate, db: Session):
     user.Address = user_data.Address
     user.ContactNumber = user_data.ContactNumber
     user.Role = user_data.Role
-    user.HashedPassword = Hasher.get_password_hash(user_data.Password)
+    if user_data.Password == "":
+        print("Password not changed")
+    else:
+        user.HashedPassword = Hasher.get_password_hash(user_data.Password)
     db.commit()
     db.refresh(user)
     return user