def can(action, subject): current_user = _bouncer.get_current_user() ability = Ability(current_user) ability.authorization_method = _bouncer.get_authorization_method() ability.aliased_actions = _bouncer.alias_actions request._authorized = ability.can(action, subject) return request._authorized
def ensure(action, subject): current_user = current_app.bouncer.get_current_user() ability = Ability(current_user) ability.authorization_method = current_app.bouncer.get_authorization_method() ability.aliased_actions = current_app.bouncer.alias_actions if ability.cannot(action, subject): msg = "{} does not have {} access to {}".format(current_user, action, subject) raise Unauthorized(msg)
def ensure(action, subject): request._authorized = True current_user = _bouncer.get_current_user() ability = Ability(current_user) ability.authorization_method = _bouncer.get_authorization_method() ability.aliased_actions = _bouncer.alias_actions if ability.cannot(action, subject): msg = "{0} does not have {1} access to {2}".format(current_user, action, subject) raise Unauthorized(msg)
def ensure(action, subject): request._authorized = True current_user = _bouncer.get_current_user() ability = Ability(current_user) ability.authorization_method = _bouncer.get_authorization_method() ability.aliased_actions = _bouncer.alias_actions if ability.cannot(action, subject): msg = "{0} does not have {1} access to {2}".format( current_user, action, subject) raise Unauthorized(msg)