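def _authenticate(self):
    """Authorize the current request against the configured RBAC rules.

    Loads the current user through the configured user loader, resolves
    the view function for ``request.endpoint`` and asks
    ``self._check_permission`` whether the user's roles may call it with
    the request's HTTP method.

    Returns:
        The result of ``self._deny_hook()`` when access is refused,
        otherwise ``None``.

    Raises:
        AssertionError: if the app, role model, user model or user loader
            has not been configured.
        TypeError: if the user loader returns an object that is not an
            instance of the configured user model.
    """
    app = self.get_app()

    # Raised explicitly rather than with `assert`: assert statements are
    # removed under `python -O`, and an authorization routine should not
    # lose its configuration checks in optimized mode. AssertionError is
    # kept so existing callers see the same exception type.
    if not app:
        raise AssertionError(
            "Please initialize your application into Flask-RBAC.")
    if not self._role_model:
        raise AssertionError("Please set role model before authenticate.")
    if not self._user_model:
        raise AssertionError("Please set user model before authenticate.")
    if not self._user_loader:
        raise AssertionError("Please set user loader before authenticate.")

    current_user = self._user_loader()
    if not isinstance(current_user, self._user_model):
        # Report the expected model itself; `_user_model.__class__` is the
        # model's metaclass and made the message name the wrong type.
        raise TypeError("%s is not an instance of %s" %
                        (current_user, self._user_model))

    endpoint = request.endpoint
    resource = app.view_functions.get(endpoint, None)

    # No view is registered for this endpoint, so there is nothing to
    # authorize.
    if not resource:
        abort(404)

    method = request.method

    # A user object without get_roles() is evaluated with the `anonymous`
    # role only (`anonymous` is defined outside this listing).
    if not hasattr(current_user, 'get_roles'):
        roles = [anonymous]
    else:
        roles = current_user.get_roles()

    permit = self._check_permission(roles, method, resource)

    if not permit:
        return self._deny_hook()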
Example #2
def home():
    """Render the profile page for the current user.

    The template receives the user object, the ``DEBUG`` setting coerced
    to a bool, and whether the user's roles include ``'unverified'``.
    """
    debug_enabled = bool(DEBUG)
    # Display flag only: this value is handed to the template and is not
    # an access check.
    # NOTE(review): no login requirement is visible in this listing;
    # presumably a decorator outside it enforces one. Confirm.
    is_unverified = 'unverified' in current_user.get_roles()
    return render_template(
        'current_user/profile.html',
        user=current_user,
        debug=debug_enabled,
        unverified=is_unverified,
    )
Example #3
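    def _authenticate(self):
        """Authorize the current request against the configured RBAC rules.

        Loads the current user through the configured user loader,
        resolves the view function for ``request.endpoint`` and asks
        ``self._check_permission`` whether the user's roles may call it
        with the request's HTTP method.

        Returns:
            The result of ``self._deny_hook()`` when access is refused,
            otherwise ``None``.

        Raises:
            AssertionError: if the app, role model, user model or user
                loader has not been configured.
            TypeError: if the user loader returns an object that is not
                an instance of the configured user model.
        """
        app = self.get_app()

        # Raised explicitly rather than with `assert`: assert statements
        # are removed under `python -O`, and an authorization routine
        # should not lose its configuration checks in optimized mode.
        # AssertionError is kept so callers see the same exception type.
        if not app:
            raise AssertionError(
                "Please initialize your application into Flask-RBAC.")
        if not self._role_model:
            raise AssertionError("Please set role model before authenticate.")
        if not self._user_model:
            raise AssertionError("Please set user model before authenticate.")
        if not self._user_loader:
            raise AssertionError("Please set user loader before authenticate.")

        current_user = self._user_loader()
        if not isinstance(current_user, self._user_model):
            # Report the expected model itself; `_user_model.__class__` is
            # the model's metaclass and made the message name the wrong
            # type.
            raise TypeError(
                "%s is not an instance of %s" %
                (current_user, self._user_model))

        endpoint = request.endpoint
        resource = app.view_functions.get(endpoint, None)

        # No view is registered for this endpoint, so there is nothing to
        # authorize.
        if not resource:
            abort(404)

        method = request.method

        # A user object without get_roles() is evaluated with the
        # `anonymous` role only (`anonymous` is defined outside this
        # listing).
        if not hasattr(current_user, 'get_roles'):
            roles = [anonymous]
        else:
            roles = current_user.get_roles()

        permit = self._check_permission(roles, method, resource)

        if not permit:
            return self._deny_hook()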
Example #4
 def wrapped(*args, **kwargs):
     """Call the wrapped view only for a signed-in user with an accepted role.

     ``roles`` and ``f`` come from the enclosing decorator, which is not
     part of this listing. A refused caller gets a JSON body with
     ``success=False`` and a message naming ``roles[0]``.
     """
     def holds_accepted_role():
         # True as soon as one of the user's roles appears in `roles`.
         return any(role in roles for role in current_user.get_roles())

     if current_user.is_authenticated() and holds_accepted_role():
         return f(*args, **kwargs)

     # NOTE(review): the refusal is an ordinary JSON response with no
     # explicit 401/403 status, so clients and log-based monitoring must
     # read `success` to recognise a denied request.
     denial = "Not authorized: requires role " + roles[0]
     return jsonify(success=False, errors=[denial])
Example #5
 def wrapped(*args, **kwargs):
     """Call the wrapped view only for a signed-in user with an accepted role.

     ``roles`` and ``f`` come from the enclosing decorator, which is not
     part of this listing. A refused caller sees a flash message and is
     redirected to the ``users.login`` endpoint.
     """
     def holds_accepted_role():
         # True as soon as one of the user's roles appears in `roles`.
         return any(role in roles for role in current_user.get_roles())

     if current_user.is_authenticated() and holds_accepted_role():
         return f(*args, **kwargs)

     flash(u'You are not authorized to view this page.',
           'danger')
     # `next` carries the path of the refused request.
     # NOTE(review): the login view that consumes `next` is not shown
     # here; it should accept only local paths before redirecting back.
     login_url = url_for('users.login', next=request.path)
     return redirect(login_url)
Example #6
        def on_identity_loaded(sender, identity):
            """Attach the current user and the needs it provides to ``identity``.

            Adds a ``UserNeed`` built from ``current_user.get_id()`` when
            the user has a ``pk`` attribute, and one ``RoleNeed`` per role
            name when the user has a ``roles`` attribute.
            """
            identity.user = current_user

            # NOTE(review): the guard tests for `pk` but the need is built
            # from get_id(); confirm both refer to the same identifier.
            if hasattr(current_user, "pk"):
                user_need = UserNeed(current_user.get_id())
                identity.provides.add(user_need)

            # NOTE(review): the guard tests for `roles` while the loop
            # reads get_roles(); a user exposing only one of the two would
            # be granted no role needs or raise AttributeError.
            if hasattr(current_user, "roles"):
                for granted_role in current_user.get_roles():
                    identity.provides.add(RoleNeed(granted_role.name))
Example #7
def on_identity_loaded(sender, identity):
    """Attach the current user and the needs it provides to ``identity``.

    Anonymous users get no needs and the handler returns ``False``.
    Admins are granted a ``RoleNeed`` for every entry of ``ACTIVE_ROLES``;
    other users only for those of their roles that are listed there.
    """
    identity.user = current_user
    if current_user.is_anonymous():
        return False

    if hasattr(current_user, 'uid'):
        identity.provides.add(UserNeed(current_user.uid))

    if current_user.is_admin():
        # is_admin() alone grants every active role, so its implementation
        # is the single gate for full access.
        granted = ACTIVE_ROLES
    else:
        # Roles the user holds that are not in ACTIVE_ROLES are dropped.
        granted = (held for held in current_user.get_roles()
                   if held in ACTIVE_ROLES)

    for role in granted:
        identity.provides.add(RoleNeed(role))
Example #8
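def run():
    """Register the current user as a candidate for a position.

    Reads a JSON body with ``position_id``, ``answers`` (a list of
    objects carrying ``prompt`` and ``response``), ``name`` and ``year``.
    Validation stops at the first stage that records an error. On success
    the answers, the profile fields and the new candidacy are committed
    together; on failure everything staged in the session is rolled back.

    Returns:
        A JSON response ``{"success": bool, "errors": [str, ...]}``.
    """
    errors = []

    # NOTE(review): force=True parses the body as JSON whatever the
    # Content-Type header says. If this endpoint relies on cookie-based
    # sessions, confirm CSRF protection covers it.
    payload = request.get_json(force=True)
    if not isinstance(payload, dict):
        # A JSON array or scalar has none of the expected keys; treat it
        # as an empty object so it fails validation instead of raising.
        payload = {}

    position = None
    position_id = payload.get('position_id')
    if position_id is not None and not isinstance(position_id, (dict, list)):
        try:
            position = Position.query.get(position_id)
        except DataError:
            position = None

    if position is None:
        errors.append('Position does not exist.')

    if not errors:
        answers = payload.get('answers')
        if not isinstance(answers, list):
            # A missing or non-list `answers` used to raise (HTTP 500).
            errors.append('Invalid response.')
            answers = []

        for j_ans in answers:
            prompt = j_ans.get('prompt') if isinstance(j_ans, dict) else None
            question = None
            if prompt is not None and not isinstance(prompt, (dict, list)):
                question = Question.query.filter_by(prompt=prompt).first()

            if question is None or not j_ans.get('response'):
                errors.append('Invalid response.')
                continue

            answer = Answer(question_id=question.id,
                            user_id=current_user.id,
                            position_id=position.id,
                            answer=j_ans['response'])
            db.session.add(answer)

    if not errors:
        if 'name' not in payload or 'year' not in payload:
            errors.append('Name and year are required.')
        else:
            current_user.name = payload['name']
            current_user.year = payload['year']

    if not errors and len(current_user.positions) >= 2:
        errors.append('You cannot run for more than 2 positions.')

    if not errors and position.name == 'Branch President' and \
            'officer' not in current_user.get_roles():
        errors.append('You must be a current officer to run for President')

    if errors:
        # Answers and profile edits may already be staged (or in a failed
        # transaction after DataError); discard them so a rejected request
        # cannot leave partial state for a later commit on this session.
        db.session.rollback()
    else:
        current_user.positions.append(position)
        db.session.commit()
    return jsonify(success=not errors, errors=errors)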
Example #9
 def is_accessible(self):
     """Report whether the current user may open this view.

     Access needs an authenticated user whose roles include
     ``'webmaster'``.
     """
     authenticated = current_user.is_authenticated()
     if not authenticated:
         # Hand back the falsy result itself, as `and` would.
         return authenticated
     return 'webmaster' in current_user.get_roles()