La version 5 de Planète Casio. Regroupe le forum, les programmes, les tutoriel, les sprites et tous les autres outils développés par nos soins.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

priv_required.py 1.4KB

123456789101112131415161718192021222324252627282930313233343536373839
  1. from functools import wraps
  2. from flask import redirect, url_for, request, flash, abort
  3. from flask_login import current_user
  4. from flask_login.config import EXEMPT_METHODS
  5. from app import app
  6. def priv_required(*perms):
  7. """
  8. Requires the user to be an authenticated member with privileges [perms].
  9. Calls :attr:`LoginManager.unauthorized` if the user is not authenticated,
  10. and a 403 if some of the privileges are missing.
  11. Example:
  12. @app.route('/admin')
  13. @priv_required('access-admin-board')
  14. def admin_board():
  15. pass
  16. It can be convenient to globally turn off authentication when unit testing.
  17. Setting the `LOGIN_DISABLED` configuration variable to `True` will silence
  18. this decorator.
  19. """
  20. def decorated_view(func):
  21. @wraps(func)
  22. def wrapped(*args, **kwargs):
  23. if request.method in EXEMPT_METHODS:
  24. return func(*args, **kwargs)
  25. elif app.config.get('LOGIN_DISABLED'):
  26. return func(*args, **kwargs)
  27. elif not current_user.is_authenticated:
  28. return app.login_manager.unauthorized()
  29. else:
  30. for p in perms:
  31. if not current_user.priv(p):
  32. # TODO: Add error message and privilege name
  33. abort(403)
  34. return func(*args, **kwargs)
  35. return wrapped
  36. return decorated_view