university-projects
/
university-final-iot-backend
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
university-final-iot-backend/app/api/permission_protection.py

33 lines
922 B
Python
Raw Normal View History

Remove code from api __init__.py into separate modules
2018-10-06 12:07:40 +00:00
from flask import g
from flask_restful import abort
from functools import wraps
Add list of possible permissions
2018-10-06 12:18:04 +00:00
valid_permissions = [
'CREATE_DEVICE_TYPE',
'CREATE_ROLE',
'ASSIGN_ROLE',
'CREATE_DEVICE',
'CREATE_DASHBOARD',
'READ_DEVICE_TYPES',
'READ_ROLES']
Remove code from api __init__.py into separate modules
2018-10-06 12:07:40 +00:00
def requires_permission(permission, action_name='Action'):
Add list of possible permissions
2018-10-06 12:18:04 +00:00
if permission not in valid_permissions:
raise ValueError('Permission ' + str(permission) + ' does not exist!')
Remove code from api __init__.py into separate modules
2018-10-06 12:07:40 +00:00
def requires_permission_decorator(func):
@wraps(func)
def permission_protected_function(*args, **kwargs):
if permission not in g.current_account.role.permissions:
abort(403,
message=(action_name+' is not allowed'),
status='error')
return func(*args, **kwargs)
return permission_protected_function
return requires_permission_decorator