|
|
@@ -91,7 +91,7 @@ def update_user( |
|
|
|
db: Session = Depends(get_db), |
|
|
|
current_user: User = Depends(get_current_user), |
|
|
|
): |
|
|
|
if current_user.Role != "Admin" or current_user.id != user_id: |
|
|
|
if current_user.Role != "Admin" and current_user.id != user_id: |
|
|
|
print(current_user.Role, current_user.id, user_id) |
|
|
|
raise HTTPException( |
|
|
|
status_code=403, detail="You are not authorized to perform this action" |
|
|
|