17 lines
564 B
Python
17 lines
564 B
Python
from functools import wraps
|
|
from flask import abort
|
|
from flask_login import current_user
|
|
|
|
def permission_required(permission):
|
|
def decorator(f):
|
|
@wraps(f)
|
|
def decorated_function(*args, **kwargs):
|
|
if not current_user.is_authenticated:
|
|
abort(403)
|
|
user_permissions = current_user.get_all_permissions()
|
|
if permission not in [p.name for p in user_permissions]:
|
|
abort(403)
|
|
return f(*args, **kwargs)
|
|
return decorated_function
|
|
return decorator
|