from functools import wraps
from flask import abort
from flask_login import current_user

def permission_required(permission):
    def decorator(f):
        @wraps(f)
        def decorated_function(*args, **kwargs):
            if not current_user.is_authenticated:
                abort(403)
            user_permissions = current_user.get_all_permissions()
            if permission not in [p.name for p in user_permissions]:
                abort(403)
            return f(*args, **kwargs)
        return decorated_function
    return decorator