La version 5 de Planète Casio. Regroupe le forum, les programmes, les tutoriel, les sprites et tous les autres outils développés par nos soins.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 

39 lines
1.4 KiB

from functools import wraps
from flask import redirect, url_for, request, flash, abort
from flask_login import current_user
from flask_login.config import EXEMPT_METHODS
from app import app
def priv_required(*perms):
"""
Requires the user to be an authenticated member with privileges [perms].
Calls :attr:`LoginManager.unauthorized` if the user is not authenticated,
and a 403 if some of the privileges are missing.
Example:
@app.route('/admin')
@priv_required('access-admin-board')
def admin_board():
pass
It can be convenient to globally turn off authentication when unit testing.
Setting the `LOGIN_DISABLED` configuration variable to `True` will silence
this decorator.
"""
def decorated_view(func):
@wraps(func)
def wrapped(*args, **kwargs):
if request.method in EXEMPT_METHODS:
return func(*args, **kwargs)
elif app.config.get('LOGIN_DISABLED'):
return func(*args, **kwargs)
elif not current_user.is_authenticated:
return app.login_manager.unauthorized()
else:
for p in perms:
if not current_user.priv(p):
# TODO: Add error message and privilege name
abort(403)
return func(*args, **kwargs)
return wrapped
return decorated_view