From 68cfccedee96fac055ed4da9398cc02e946bd2e9 Mon Sep 17 00:00:00 2001
From: "Timothy J. Baek" <timothyjrbeck@gmail.com>
Date: Wed, 1 May 2024 19:59:05 -0700
Subject: [PATCH] feat: super-admin (first one to signup)

---
 backend/apps/web/models/users.py  | 7 +++++++
 backend/apps/web/routers/users.py | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/backend/apps/web/models/users.py b/backend/apps/web/models/users.py
index 1a127a778..450dd9187 100644
--- a/backend/apps/web/models/users.py
+++ b/backend/apps/web/models/users.py
@@ -123,6 +123,13 @@ class UsersTable:
     def get_num_users(self) -> Optional[int]:
         return User.select().count()
 
+    def get_first_user(self) -> UserModel:
+        try:
+            user = User.select().order_by(User.created_at).first()
+            return UserModel(**model_to_dict(user))
+        except:
+            return None
+
     def update_user_role_by_id(self, id: str, role: str) -> Optional[UserModel]:
         try:
             query = User.update(role=role).where(User.id == id)
diff --git a/backend/apps/web/routers/users.py b/backend/apps/web/routers/users.py
index 6f1020ec7..59f6c21b7 100644
--- a/backend/apps/web/routers/users.py
+++ b/backend/apps/web/routers/users.py
@@ -58,7 +58,7 @@ async def update_user_permissions(
 @router.post("/update/role", response_model=Optional[UserModel])
 async def update_user_role(form_data: UserRoleUpdateForm, user=Depends(get_admin_user)):
 
-    if user.id != form_data.id:
+    if user.id != form_data.id and form_data.id != Users.get_first_user().id:
         return Users.update_user_role_by_id(form_data.id, form_data.role)
 
     raise HTTPException(