diff --git a/docs/docs/tutorials/auth/resource_auth.md b/docs/docs/tutorials/auth/resource_auth.md index b233dc249..6e9583943 100644 --- a/docs/docs/tutorials/auth/resource_auth.md +++ b/docs/docs/tutorials/auth/resource_auth.md @@ -103,6 +103,10 @@ bob = get_client( headers={"Authorization": "Bearer user2-token"} ) +# Alice creates an assistant +alice_assistant = await alice.assistants.create() +print(f"✅ Alice created assistant: {alice_assistant['assistant_id']}") + # Alice creates a thread and chats alice_thread = await alice.threads.create() print(f"✅ Alice created thread: {alice_thread['thread_id']}") @@ -134,12 +138,12 @@ alice_threads = await alice.threads.list() bob_threads = await bob.threads.list() print(f"✅ Alice sees {len(alice_threads)} thread") print(f"✅ Bob sees {len(bob_threads)} thread") - ``` Run the test code and you should see output like this: ```bash +✅ Alice created assistant: fc50fb08-78da-45a9-93cc-1d3928a3fc37 ✅ Alice created thread: 533179b7-05bc-4d48-b47a-a83cbdb5781d ✅ Bob correctly denied access: Client error '404 Not Found' for url 'http://localhost:2024/threads/533179b7-05bc-4d48-b47a-a83cbdb5781d' For more information check: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/404 @@ -209,6 +213,18 @@ async def on_run_create( This ensures only thread owners can create runs on their threads. """ return {"owner": ctx.user.identity} + +@auth.on.assistants +async def on_assistants( + ctx: Auth.types.AuthContext, + value: Auth.types.on.assistants.value, +): + # For illustration purposes, we will deny all requests + # that touch the assistants resource + raise Auth.exceptions.HTTPException( + status_code=403, + detail="User lacks the required permissions.", + ) ``` Notice that instead of one global handler, we now have specific handlers for: @@ -237,6 +253,10 @@ try: print("❌ Alice shouldn't be able to search assistants!") except Exception as e: print("✅ Alice correctly denied access to searching assistants:", e) + +# Alice can still create threads +alice_thread = await alice.threads.create() +print(f"✅ Alice created thread: {alice_thread['thread_id']}") ``` And then run the test code again: