def inner(*args, **kwargs):
current_user = get_user()
if bypass or current_app.config.get('PERMISSIONS_DISABLED') or (current_user.is_authenticated and current_user.isAdmin):
return func(*args, **kwargs)
user_abilities = []
if current_user.is_authenticated and current_user.hasAbility(ability):
return func(*args, **kwargs)
else:
raise Forbidden("You do not have permission")
def user_can(ability, get_user=import_user, bypass=False):
current_user = get_user()
if bypass or current_app.config.get('PERMISSIONS_DISABLED') or (current_user.is_authenticated and current_user.isAdmin):
return True
user_abilities = []
if current_user.is_authenticated and current_user.hasAbility(ability):
return True
else:
return False
