from functools import wraps
from flask import redirect, url_for, request, flash
from flask_login import current_user
from flask_login.config import EXEMPT_METHODS
from app import app
from config import V5Config


def priv_required(*perms):
    """
    Build a view decorator that requires a logged-in user holding every
    permission named in ``perms``.

    Outcome for each request, in the order the checks run:

    * The request method is in Flask-Login's ``EXEMPT_METHODS``, or the
      application config has a truthy ``LOGIN_DISABLED``: the view is
      called with no authentication and no permission check.
    * ``current_user.is_authenticated`` is falsy: the result of
      ``app.login_manager.unauthorized()`` is returned.
    * ``current_user.priv(p)`` is falsy for some ``p`` in ``perms``:
      ``V5Config.UNAUTHORIZED_MSG`` is flashed with category ``'error'``
      and the user is redirected to the ``index`` endpoint.
    * Otherwise the view is called.

    Example::

        @app.route('/admin')
        @priv_required('access-admin-board')
        def admin_board():
            pass

    Notes for reviewers:

    * Permissions are combined with AND. With no permissions listed the
      decorator only enforces authentication.
    * ``LOGIN_DISABLED`` switches off the permission check as well as the
      login check, so it should only be set in test configuration.
    """
    def decorator(func):
        @wraps(func)
        def guarded_view(*args, **kwargs):
            # Bypass paths: exempt HTTP methods first, then the global
            # test switch. Both skip authentication AND authorization.
            skip_checks = (
                request.method in EXEMPT_METHODS
                or app.config.get('LOGIN_DISABLED')
            )
            if skip_checks:
                return func(*args, **kwargs)

            # Anonymous users are handed to Flask-Login's unauthorized
            # handler.
            if not current_user.is_authenticated:
                return app.login_manager.unauthorized()

            # Stops at the first permission the user lacks; a missing
            # permission ends in a flash message plus a redirect to the
            # index endpoint.
            lacks_permission = any(
                not current_user.priv(name) for name in perms
            )
            if lacks_permission:
                flash(V5Config.UNAUTHORIZED_MSG, 'error')
                return redirect(url_for('index'))

            return func(*args, **kwargs)
        return guarded_view
    return decorator