def decorated_view(*args, **kwargs):
login_disabled = os.getenv('LOGIN_DISABLED') == 'True'
user = User(current_user.get_id())
if (login_disabled or user.get_role() == Role.Writer):
log.debug(
f'User "{current_user.get_id()}" is authorised and has write permissions'
)
return func(*args, **kwargs)
else:
log.debug(
f'User "{current_user.get_id()}" does not have write permissions'
)
abort(403, "User is unauthorised to perform this action...")
def index():
user = User(current_user.get_id())
reader = (not login_disabled) and user.get_role() == Role.Reader
items = get_all_items(collection)
return render_template('index.html',
view_model=ViewModel(items, reader))