def users_get():
if not PermissionCache.user_has_permissions(session['current_user']['id'], ['View Users'], g.uow) and \
not PermissionCache.user_has_permissions(session['current_user']['id'], ['Manage Users'], g.uow):
return ""
query_parameters = QueryParameters(parseqs.parse(request.query_string))
query_result = g.uow.users.get_all(query_parameters)
return jsonify(query_result.to_dict())
def wrapped(*args, **kwargs):
current_user = session['current_user']
if not PermissionCache.user_has_permissions(current_user['id'], permissions, g.uow):
abort(403)
return
return f(*args, **kwargs)
