async def update_user(user_id: str,
user_form: UserForm,
current_user: User = Depends(get_current_user)):
if not current_user.superuser and user_id != current_user.user_id:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN,
detail='Insufficient rights to resource')
user = models.update_user(user_id, **user_form.dict())
if not user:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND,
detail='User not found')
return user
