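def decorated(*args, **kwargs):
    """Call the wrapped view only if the caller's role holds ``permission``.

    ``permission`` and ``f`` come from the enclosing decorator, which is not
    visible in this block. The caller is identified by ``Auth.user('sub')``;
    judging by the error message this is a claim read from the request's
    token (confirm against ``Auth``).

    Returns:
        The wrapped view's result when the permission is held, otherwise a
        ``(response, 400)`` tuple carrying a JSON ``msg``.
    """
    user_id = Auth.user('sub')

    # Fail closed before touching the database: the original ran the role
    # lookup first, so a missing identity was used as a query filter
    # (user_id=None) before being rejected.
    if not user_id:
        return make_response(jsonify({'msg': 'Missing user ID in token'})), 400

    user_role = UserRoleRepo().find_first(user_id=user_id)
    if not user_role:
        return make_response(jsonify({'msg': 'Access Error - No Role Granted'})), 400

    user_perms = PermissionRepo().get_unpaginated(role_id=user_role.role_id)
    perms = [perm.name for perm in user_perms]

    # NOTE(review): every denial below answers 400. 401/403 are the
    # conventional codes for authentication/authorization failures; the code
    # is left unchanged here because existing clients may depend on it.
    if not perms:
        return make_response(jsonify({'msg': 'Access Error - No Permission Granted'})), 400

    if permission not in perms:
        return make_response(jsonify({'msg': 'Access Error - Permission Denied'})), 400

    return f(*args, **kwargs)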
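def decorated(*args, **kwargs):
    """Call the wrapped view only if the caller's role is named ``role``.

    ``role`` and ``f`` come from the enclosing decorator, which is not
    visible in this block. The caller is identified by ``Auth.user('id')``;
    judging by the error message this is a value read from the request's
    token (confirm against ``Auth``).

    Returns:
        The wrapped view's result when the role matches, otherwise a
        ``(response, 401)`` tuple carrying a JSON ``msg``.
    """
    user_id = Auth.user('id')

    # Fail closed before touching the database: the original ran the role
    # lookup first, so a missing identity was used as a query filter
    # (user_id=None) before being rejected.
    if not user_id:
        return make_response(
            jsonify({'msg': 'Missing User ID in token'})), 401

    user_role = UserRoleRepo().find_first(user_id=user_id)
    if not user_role:
        return make_response(
            jsonify({'msg': 'Access Error - No Role Granted'})), 401

    # A user-role row can point at a role record that no longer resolves.
    # Treat that as a denial rather than letting the attribute access on
    # None raise and surface as an unhandled server error.
    role_record = RoleRepo().get(user_role.role_id)
    if role_record is None or role_record.name != role:
        return make_response(
            jsonify({
                'msg': 'Access Error - This role does not have the access rights'
            })), 401

    return f(*args, **kwargs)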