OA/APP/decorators.py

17 lines
564 B
Python
Raw Normal View History

2024-10-14 14:12:37 +08:00
from functools import wraps
from flask import abort
from flask_login import current_user
def permission_required(permission):
def decorator(f):
@wraps(f)
def decorated_function(*args, **kwargs):
if not current_user.is_authenticated:
abort(403)
user_permissions = current_user.get_all_permissions()
if permission not in [p.name for p in user_permissions]:
abort(403)
return f(*args, **kwargs)
return decorated_function
return decorator