Fix: Use @require_admin decorator instead of @require_auth

The @require_auth decorator doesn't exist - should use @require_admin for admin-only endpoints. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-17 03:52:55 -04:00 · 2026-01-17 03:52:55 -04:00 · c35512dee9
parent 2c2707679f
commit c35512dee9
1 changed files with 4 additions and 4 deletions
--- a/src/cmdforge/registry/app.py
+++ b/src/cmdforge/registry/app.py
@ -1357,7 +1357,7 @@ def create_app() -> Flask:
    # -------------------------------------------------------------------------

    @app.route("/api/v1/admin/collections", methods=["GET"])
-    @require_auth
+    @require_admin
    def admin_list_collections() -> Response:
        """List all collections with full details (admin)."""
        user = get_current_user()
@ -1389,7 +1389,7 @@ def create_app() -> Flask:
        return jsonify({"data": data})

    @app.route("/api/v1/admin/collections", methods=["POST"])
-    @require_auth
+    @require_admin
    def admin_create_collection() -> Response:
        """Create a new collection (admin)."""
        user = get_current_user()
@ -1453,7 +1453,7 @@ def create_app() -> Flask:
            return error_response("SERVER_ERROR", str(e), 500)

    @app.route("/api/v1/admin/collections/<name>", methods=["PUT"])
-    @require_auth
+    @require_admin
    def admin_update_collection(name: str) -> Response:
        """Update a collection (admin)."""
        user = get_current_user()
@ -1523,7 +1523,7 @@ def create_app() -> Flask:
            return error_response("SERVER_ERROR", str(e), 500)

    @app.route("/api/v1/admin/collections/<name>", methods=["DELETE"])
-    @require_auth
+    @require_admin
    def admin_delete_collection(name: str) -> Response:
        """Delete a collection (admin)."""
        user = get_current_user()