Python flask_principal.Permission() Examples

The following are 11 code examples of flask_principal.Permission().
Example #1
Source File: decorators.py    From flask-security with MIT License
def roles_required(*roles):
    """Decorator that only runs the view when the user holds every listed role.

    Example::

        @app.route('/dashboard')
        @roles_required('admin', 'editor')
        def dashboard():
            return 'Dashboard'

    The current user needs both the `admin` role and the `editor` role in
    order to view the page.

    When a role is missing the view is not called. The response then comes
    from ``_security._unauthorized_callback`` if one is set (deprecated),
    otherwise from ``_security._unauthz_handler``.

    Security note: with no roles at all (``@roles_required()``) there is
    nothing to check, so every request reaches the view.

    :param roles: The required roles.
    """

    def wrapper(fn):
        @wraps(fn)
        def decorated_view(*args, **kwargs):
            # One single-need Permission per role, so each role is required.
            role_checks = [Permission(RoleNeed(name)) for name in roles]
            # all() stops at the first role the identity does not provide.
            if all(check.can() for check in role_checks):
                return fn(*args, **kwargs)
            if _security._unauthorized_callback:
                # Backwards compat - deprecated
                return _security._unauthorized_callback()
            return _security._unauthz_handler(roles_required, list(roles))

        return decorated_view

    return wrapper
Example #2
Source File: decorators.py    From flask-security with MIT License
def roles_accepted(*roles):
    """Decorator that runs the view when the user holds any one listed role.

    Example::

        @app.route('/create_post')
        @roles_accepted('editor', 'author')
        def create_post():
            return 'Create Post'

    The current user needs either the `editor` role or the `author` role in
    order to view the page.

    When the check fails the view is not called. The response then comes
    from ``_security._unauthorized_callback`` if one is set (deprecated),
    otherwise from ``_security._unauthz_handler``.

    Security note: with no roles the Permission is built with no needs.
    flask_principal is understood to allow every identity through such a
    Permission, so ``@roles_accepted()`` would not restrict the view
    (NOTE(review): confirm against the installed flask_principal).

    :param roles: The possible roles.
    """

    def wrapper(fn):
        @wraps(fn)
        def decorated_view(*args, **kwargs):
            # A single Permission carrying all needs: any one of them suffices.
            role_needs = [RoleNeed(name) for name in roles]
            any_role = Permission(*role_needs)
            if not any_role.can():
                if _security._unauthorized_callback:
                    # Backwards compat - deprecated
                    return _security._unauthorized_callback()
                return _security._unauthz_handler(roles_accepted, list(roles))
            return fn(*args, **kwargs)

        return decorated_view

    return wrapper
Example #3
Source File: decorators.py    From flask-security with MIT License
def permissions_required(*fsperms):
    """Decorator that only runs the view when the user has every permission.

    Example::

        @app.route('/dashboard')
        @permissions_required('admin-write', 'editor-write')
        def dashboard():
            return 'Dashboard'

    The current user must have BOTH permissions (via the roles it has)
    to view the page.

    N.B. Don't confuse these permissions with flask-principal Permission()!
    Here each name is wrapped in an ``FsPermNeed`` and checked through a
    flask-principal ``Permission``.

    When a permission is missing the view is not called. The response then
    comes from ``_security._unauthorized_callback`` if one is set
    (deprecated), otherwise from ``_security._unauthz_handler``.

    Security note: with no permissions listed there is nothing to check,
    so every request reaches the view.

    :param fsperms: The required permissions.

    .. versionadded:: 3.3.0
    """

    def wrapper(fn):
        @wraps(fn)
        def decorated_view(*args, **kwargs):
            checks = [Permission(FsPermNeed(name)) for name in fsperms]
            for check in checks:
                if not check.can():
                    # First missing permission ends the scan.
                    break
            else:
                # Loop finished without a break: nothing is missing.
                return fn(*args, **kwargs)

            if _security._unauthorized_callback:
                # Backwards compat - deprecated
                return _security._unauthorized_callback()
            return _security._unauthz_handler(
                permissions_required, list(fsperms)
            )

        return decorated_view

    return wrapper
Example #4
Source File: decorators.py    From flask-security with MIT License
def permissions_accepted(*fsperms):
    """Decorator that runs the view when the user has any listed permission.

    Example::

        @app.route('/create_post')
        @permissions_accepted('editor-write', 'author-wrote')
        def create_post():
            return 'Create Post'

    The current user must have one of the permissions (via the roles it has)
    to view the page.

    N.B. Don't confuse these permissions with flask-principal Permission()!
    Here each name is wrapped in an ``FsPermNeed`` and all of them are put
    into one flask-principal ``Permission``.

    When the check fails the view is not called. The response then comes
    from ``_security._unauthorized_callback`` if one is set (deprecated),
    otherwise from ``_security._unauthz_handler``.

    Security note: with no permissions listed the Permission has no needs.
    flask_principal is understood to allow every identity through such a
    Permission (NOTE(review): confirm against the installed version).

    :param fsperms: The possible permissions.

    .. versionadded:: 3.3.0
    """

    def wrapper(fn):
        @wraps(fn)
        def decorated_view(*args, **kwargs):
            accepted_needs = [FsPermNeed(name) for name in fsperms]
            any_perm = Permission(*accepted_needs)
            if not any_perm.can():
                if _security._unauthorized_callback:
                    # Backwards compat - deprecated
                    return _security._unauthorized_callback()
                return _security._unauthz_handler(
                    permissions_accepted, list(fsperms)
                )
            return fn(*args, **kwargs)

        return decorated_view

    return wrapper
Example #5
Source File: engine.py    From Flask-Blogging with MIT License
def blogger_permission(self):
    """Return the blogger Permission, building and caching it on first use.

    If the ``BLOGGING_PERMISSIONS`` config value is truthy, the Permission
    requires the role named by ``BLOGGING_PERMISSIONNAME`` (default
    ``"blogger"``). Otherwise an empty ``Permission()`` is stored.

    Security note: flask_principal is understood to allow every identity
    through a Permission with no needs, so with ``BLOGGING_PERMISSIONS``
    unset this object restricts nobody (NOTE(review): confirm that the
    callers expect this open default).
    """
    # Later calls reuse the cached object, so a config change is not picked up.
    if self._blogger_permission is not None:
        return self._blogger_permission

    if self.config.get("BLOGGING_PERMISSIONS", False):
        role_name = self.config.get("BLOGGING_PERMISSIONNAME", "blogger")
        self._blogger_permission = Permission(RoleNeed(role_name))
    else:
        self._blogger_permission = Permission()
    return self._blogger_permission
Example #6
Source File: roles_accepted.py    From flask-unchained with MIT License
def roles_accepted(*roles):
    """
    Decorator that runs the view when the user holds any one listed role.

    Aborts with HTTP 403: Forbidden if the user has none of the roles.

    Example::

        @app.route('/create_post')
        @roles_accepted('ROLE_ADMIN', 'ROLE_EDITOR')
        def create_post():
            return 'Create Post'

    The current user needs either the `ROLE_ADMIN` role or the `ROLE_EDITOR`
    role in order to view the page.

    Security note: with no roles the Permission is built with no needs.
    flask_principal is understood to allow every identity through such a
    Permission, so ``@roles_accepted()`` would not restrict the view
    (NOTE(review): confirm against the installed flask_principal).

    :param roles: The possible roles.
    """
    def wrapper(fn):
        @wraps(fn)
        def decorated_view(*args, **kwargs):
            # A single Permission carrying all needs: any one of them suffices.
            role_needs = [RoleNeed(name) for name in roles]
            if Permission(*role_needs).can():
                return fn(*args, **kwargs)
            abort(HTTPStatus.FORBIDDEN)
            # Kept for the case where abort() returns instead of raising.
            return fn(*args, **kwargs)
        return decorated_view
    return wrapper
Example #7
Source File: roles_required.py    From flask-unchained with MIT License
def roles_required(*roles):
    """
    Decorator that only runs the view when the user holds every listed role.

    Aborts with HTTP 403: Forbidden if the user lacks any of the roles.

    Example::

        @app.route('/dashboard')
        @roles_required('ROLE_ADMIN', 'ROLE_EDITOR')
        def dashboard():
            return 'Dashboard'

    The current user needs both the `ROLE_ADMIN` and `ROLE_EDITOR` roles
    in order to view the page.

    Security note: with no roles at all (``@roles_required()``) there is
    nothing to check, so every request reaches the view.

    :param roles: The required roles.
    """
    def wrapper(fn):
        @wraps(fn)
        def decorated_view(*args, **kwargs):
            # One single-need Permission per role, so each role is required.
            role_checks = [Permission(RoleNeed(name)) for name in roles]
            # all() stops at the first role the identity does not provide.
            if not all(check.can() for check in role_checks):
                abort(HTTPStatus.FORBIDDEN)
            return fn(*args, **kwargs)
        return decorated_view
    return wrapper
Example #8
Source File: decorators.py    From flask-react-spa with MIT License
def auth_required_same_user(*args, **kwargs):
    """Decorator requiring the authenticated user to be the user named in
    the URL parameters. The URL parameter looked up is 'id' by default; pass
    a string to use another name:

    @bp.route('/users/<int:user_id>/foo/<int:id>')
    @auth_required_same_user('user_id')
    def get(user_id, id):
        # do stuff

    Keep the route decorator outermost. Flask registers whatever function
    the route decorator receives, so a guard placed above it would not be
    applied to the registered view.

    Any keyword arguments are passed along to the @auth_required decorator,
    so roles can be specified in the same way as for it, eg:
    @auth_required_same_user('user_id', role='ROLE_ADMIN')

    The same-user check runs inside the @auth_required wrapper, so such
    keyword arguments add to the same-user check and do not replace it.

    Aborts with HTTP 403: Forbidden if the user-check fails. Raises KeyError
    if the URL has no parameter with the configured name.

    NOTE(review): the check compares ``UserNeed(<url value>)`` with what the
    identity provides, so the URL converter type presumably has to match the
    type of the stored user id; a mismatch would end in a 403.
    """
    if was_decorated_without_parenthesis(args):
        # Bare ``@auth_required_same_user``: defaults only, kwargs unused.
        auth_kwargs = {}
        user_id_parameter_name = 'id'
    else:
        auth_kwargs = kwargs
        has_custom_name = bool(args) and isinstance(args[0], str)
        user_id_parameter_name = args[0] if has_custom_name else 'id'

    def wrapper(fn):
        @wraps(fn)
        @auth_required(**auth_kwargs)
        def decorated(*view_args, **view_kwargs):
            try:
                target_id = request.view_args[user_id_parameter_name]
            except KeyError:
                raise KeyError('Unable to find the user lookup parameter '
                               f'{user_id_parameter_name} in the url args')
            same_user = Permission(UserNeed(target_id))
            if not same_user.can():
                abort(HTTPStatus.FORBIDDEN)
            return fn(*view_args, **view_kwargs)
        return decorated

    if was_decorated_without_parenthesis(args):
        # args[0] is the view function itself in the bare form.
        return wrapper(args[0])
    return wrapper
Example #9
Source File: decorators.py    From flask-react-spa with MIT License
def roles_required(*roles):
    """Decorator that only runs the view when the user holds every listed role.

    Aborts with HTTP 403: Forbidden if the user lacks any of the roles.

    Example::

        @app.route('/dashboard')
        @roles_required('ROLE_ADMIN', 'ROLE_EDITOR')
        def dashboard():
            return 'Dashboard'

    The current user needs both the `ROLE_ADMIN` and `ROLE_EDITOR` roles
    in order to view the page.

    Security note: with no roles at all (``@roles_required()``) there is
    nothing to check, so every request reaches the view.

    :param roles: The required roles.
    """
    def wrapper(fn):
        @wraps(fn)
        def decorated_view(*args, **kwargs):
            # One single-need Permission per role, so each role is required.
            per_role = [Permission(RoleNeed(name)) for name in roles]
            # any() stops at the first role the identity does not provide.
            role_missing = any(not check.can() for check in per_role)
            if role_missing:
                abort(HTTPStatus.FORBIDDEN)
            return fn(*args, **kwargs)
        return decorated_view
    return wrapper
Example #10
Source File: decorators.py    From flask-react-spa with MIT License
def roles_accepted(*roles):
    """Decorator that runs the view when the user holds any one listed role.

    Aborts with HTTP 403: Forbidden if the user has none of the roles.

    Example::

        @app.route('/create_post')
        @roles_accepted('ROLE_ADMIN', 'ROLE_EDITOR')
        def create_post():
            return 'Create Post'

    The current user needs either the `ROLE_ADMIN` role or the `ROLE_EDITOR`
    role in order to view the page.

    Security note: with no roles the Permission is built with no needs.
    flask_principal is understood to allow every identity through such a
    Permission, so ``@roles_accepted()`` would not restrict the view
    (NOTE(review): confirm against the installed flask_principal).

    :param roles: The possible roles.
    """
    def wrapper(fn):
        @wraps(fn)
        def decorated_view(*args, **kwargs):
            # A single Permission carrying all needs: any one of them suffices.
            accepted = Permission(*(RoleNeed(name) for name in roles))
            allowed = accepted.can()
            if not allowed:
                abort(HTTPStatus.FORBIDDEN)
            return fn(*args, **kwargs)
        return decorated_view
    return wrapper
Example #11
Source File: auth_required_same_user.py    From flask-unchained with MIT License
def auth_required_same_user(*args, **kwargs):
    """
    Decorator requiring the authenticated user to be the user named in the
    URL parameters. The URL parameter looked up is ``id`` by default; pass a
    string to use another name::

        @bp.route('/users/<int:user_id>/foo/<int:id>')
        @auth_required_same_user('user_id')
        def get(user_id, id):
            # do stuff

    Keep the route decorator outermost. With Flask's standard route
    registration the route decorator registers whatever function it
    receives, so a guard placed above it would not be applied to the
    registered view.

    Any keyword arguments are passed along to the @auth_required decorator,
    so roles can be specified in the same way as for it, eg::

        @auth_required_same_user('user_id', role='ROLE_ADMIN')

    The same-user check runs inside the @auth_required wrapper, so such
    keyword arguments add to the same-user check and do not replace it.

    Aborts with ``HTTP 403: Forbidden`` if the user-check fails. Raises
    ``KeyError`` if the URL has no parameter with the configured name.

    NOTE(review): the check compares ``UserNeed(<url value>)`` with what the
    identity provides, so the URL converter type presumably has to match the
    type of the stored user id; a mismatch would end in a 403.
    """
    # Bare ``@auth_required_same_user``: the only positional arg is the view.
    used_bare = bool(args) and callable(args[0])

    if used_bare:
        auth_kwargs = {}
        user_id_parameter_name = 'id'
    else:
        auth_kwargs = kwargs
        has_custom_name = bool(args) and isinstance(args[0], str)
        user_id_parameter_name = args[0] if has_custom_name else 'id'

    def wrapper(fn):
        @wraps(fn)
        @auth_required(**auth_kwargs)
        def decorated(*view_args, **view_kwargs):
            try:
                target_id = request.view_args[user_id_parameter_name]
            except KeyError:
                raise KeyError('Unable to find the user lookup parameter '
                               f'{user_id_parameter_name} in the url args')
            same_user = Permission(UserNeed(target_id))
            if not same_user.can():
                abort(HTTPStatus.FORBIDDEN)
            return fn(*view_args, **view_kwargs)
        return decorated

    return wrapper(args[0]) if used_bare else wrapper