def is_accessible(self):
if current_user and current_user.is_authenticated:
self.can_delete = current_user.is_allowed('/admin/ : delete')
self.can_edit = current_user.is_allowed('/admin/ : edit')
self.can_create = current_user.is_allowed('/admin/ : create')
# print(self.endpoint)
# print(current_user.is_authenticated() and current_user.is_allowed("/admin/"))
return current_user.is_authenticated and current_user.is_allowed("/admin/%s"%self.endpoint)
def decorator_function(*args, **kwargs):
if not current_user.is_allowed(access_level):
flash('You do not have permission to view this page')
return redirect(url_for('auth.login'))
return f(*args, **kwargs)
def decorated(*args, **kwargs):
enabled = FEATURES[feature]["enabled"]
allowed = current_user.is_allowed(feature)
if enabled and allowed:
return view_function(*args, **kwargs)
return jsonify({
'success': False,
'message': 'You dont have permission to do this'
})
def decorated(*args, **kwargs):
enabled = FEATURES[feature]["enabled"]
allowed = current_user.is_allowed(feature)
if enabled and allowed:
return view_function(*args, **kwargs)
return jsonify({
'success': False,
'message': 'You dont have permission to do this'
})
def decorator(func, *args, **kwargs):
if current_user.is_allowed(permission):
# print(func, args, kwargs)
print("ACCESS GRANTED")
def wrapper(*args, **kwargs):
return func(*args, **kwargs)
return wrapper
else:
print("ACCESS DENIED")
raise AuthValidationError("User does not have permission")
def is_accessible(self):
return current_user.is_allowed(current_user.role.Permission.ADMINISTER)
def before_request() -> None:
"Function for what has to be done before a request"
if current_user.is_anonymous() or not current_user.is_allowed():
abort(401)
def before_request():
if current_user.is_anonymous() or not current_user.is_allowed():
abort(401)
def is_accessible(self):
return current_user.is_authenticated and current_user.is_allowed(
current_user.role.Permission.MODERATE)