def inner(*args, **kwargs): current_user = get_user() if bypass or current_app.config.get('PERMISSIONS_DISABLED') or (current_user.is_authenticated and current_user.isAdmin): return func(*args, **kwargs) user_abilities = [] if current_user.is_authenticated and current_user.hasAbility(ability): return func(*args, **kwargs) else: raise Forbidden("You do not have permission")
def user_can(ability, get_user=import_user, bypass=False): current_user = get_user() if bypass or current_app.config.get('PERMISSIONS_DISABLED') or (current_user.is_authenticated and current_user.isAdmin): return True user_abilities = [] if current_user.is_authenticated and current_user.hasAbility(ability): return True else: return False