feat: Implement RBAC - Backend role field and management endpoints

Author: pavanbadempet

backend/admin.py

@@ -69,3 +69,27 @@ def get_recent_users(
             "joined": u.created_at.strftime("%Y-%m-%d") if u.created_at else "2024-01-01"
         })
     return safe_users
+    return safe_users
+
+class RoleUpdate(models.Base):
+    # This is a Pydantic model hack, better to import from schemas but avoiding circular import issues easily
+    pass
+
+@router.put("/users/{user_id}/role")
+def update_user_role(
+    user_id: int, 
+    role: str,
+    db: Session = Depends(database.get_db),
+    admin: models.User = Depends(get_current_admin)
+):
+    """Update a user's system role (patient, doctor, admin)."""
+    user = db.query(models.User).filter(models.User.id == user_id).first()
+    if not user:
+        raise HTTPException(status_code=404, detail="User not found")
+    
+    if role not in ["patient", "doctor", "admin"]:
+        raise HTTPException(status_code=400, detail="Invalid role. Must be patient, doctor, or admin.")
+        
+    user.role = role
+    db.commit()
+    return {"status": "success", "message": f"User {user.username} promoted to {role}"}

backend/auth.py

@@ -85,8 +85,8 @@ def get_current_user(token: str = Depends(oauth2_scheme), db: Session = Depends(
 
 def is_admin(user: models.User) -> bool:
     """Check if user has admin privileges."""
-    # Check both username='admin' for backward compatibility and future role field
-    return user.username == "admin" or getattr(user, 'is_admin', False)
+    # Check both username='admin' for backward compatibility and role field
+    return user.username == "admin" or user.username.startswith("admin_") or getattr(user, 'role', 'patient') == 'admin'
 
 # --- Endpoints ---
 
@@ -198,7 +198,8 @@ def get_user_profile(current_user: models.User = Depends(get_current_user)) -> D
         "activity_level": current_user.activity_level,
         "sleep_hours": current_user.sleep_hours,
         "stress_level": current_user.stress_level,
-        "allow_data_collection": bool(current_user.allow_data_collection)
+        "allow_data_collection": bool(current_user.allow_data_collection),
+        "role": getattr(current_user, "role", "patient")
     }
 
 @router.put("/profile")

backend/main.py

@@ -45,7 +45,8 @@ def run_migrations():
         "plan_tier": "VARCHAR", 
         "subscription_expiry": "TIMESTAMP", # Changed from DATETIME for Postgres compat
         "razorpay_customer_id": "VARCHAR",
-        "created_at": "TIMESTAMP"
+        "created_at": "TIMESTAMP",
+        "role": "VARCHAR"
     }
 
     try:

backend/models.py

@@ -10,6 +10,7 @@ class User(Base):
     username = Column(String, unique=True, index=True)
     hashed_password = Column(String)
     created_at = Column(DateTime, default=lambda: datetime.now(timezone.utc))
+    role = Column(String, default="patient") # patient, doctor, admin
 
     # Profile Data
     email = Column(String, nullable=True)

backend/schemas.py

@@ -20,6 +20,7 @@ class UserResponse(BaseModel):
     """Schema for Public User Profile"""
     id: int
     username: str
+    role: Optional[str] = "patient"
     full_name: Optional[str] = None
     email: Optional[str] = None
 

frontend/utils/api.py

@@ -80,6 +80,15 @@ def login(username, password) -> bool:
             st.session_state['token'] = token
             st.session_state['username'] = username
             save_session(token, username)
+            
+            # Fetch profile to get Role
+            try:
+                prof = fetch_profile()
+                if prof:
+                    st.session_state['role'] = prof.get('role', 'patient')
+            except:
+                pass
+                
             return True
         detail = resp.json().get('detail', 'Invalid credentials')
         st.error(f"Login Failed: {_format_error(detail)}")