def user_has(ability, get_user=import_user):
"""
Takes an ability (a string name of either a role or an ability) and returns the function if the user has that ability
"""
def wrapper(func):
@wraps(func)
def inner(*args, **kwargs):
desired_ability = Ability.query.filter_by(
name=ability).first()
user_abilities = []
current_identity = get_user()
for group in current_identity._groups:
user_abilities += group.abilities
if desired_ability.id in user_abilities or current_identity.admin:
return func(*args, **kwargs)
else:
raise Forbidden("You do not have access")
return inner
return wrapper
评论列表
文章目录
