librelist archives

« back to archive

multiple require for single route

multiple require for single route

From:
bibek chitrakar
Date:
2013-08-14 @ 13:36
I am using flask principal, the latest version Flask-Principal (0.4.0)
I have certain url route e.g. **gpsData, reports, entry** etc

individual route can be viewed by multiple user role
url------------Role
gpsData -- admin, reporter, client
reports -- admin, reporter
entry   -- admin, client, data_entry
e.g.

    @login_module.route('/gpsData')
    @admin.require()
    @reporter.require()
    @client.require()
    def gpsData():
        return "only admin, reporter and client can view"

    @login_module.route('/reports')
    @admin.require()
    @reporter.require()
    def reports():
        return "only admin and reporter can view"

    @identity_loaded.connect_via(app)
    def on_identity_loaded(sender, identity):
        #identity.provides.add(RoleNeed('report'))
        identity.provides.add(RoleNeed(identity.id))
Only one require at a time seems to works, like in this case the
"reporter.require" is only working. If logged in using admin id, it
genrates error.


Also in Template I just want to show urls that can be viewed by particular
user role only.




-- 
Regards,
Bibek Chitrakar

Re: [flask] multiple require for single route

From:
Nathan Kleekamp
Date:
2013-08-14 @ 14:27
You might take a look at this answer on SO:

http://stackoverflow.com/questions/16712321/unit-testing-a-flask-principal-application.
See the 'roles_accepted' decorator.


On Wed, Aug 14, 2013 at 9:36 AM, bibek chitrakar
<bibek.chitrakar@gmail.com>wrote:

> I am using flask principal, the latest version Flask-Principal (0.4.0)
> I have certain url route e.g. **gpsData, reports, entry** etc
>
> individual route can be viewed by multiple user role
> url------------Role
> gpsData -- admin, reporter, client
> reports -- admin, reporter
> entry   -- admin, client, data_entry
> e.g.
>
>     @login_module.route('/gpsData')
>     @admin.require()
>     @reporter.require()
>     @client.require()
>     def gpsData():
>         return "only admin, reporter and client can view"
>
>     @login_module.route('/reports')
>     @admin.require()
>     @reporter.require()
>     def reports():
>         return "only admin and reporter can view"
>
>     @identity_loaded.connect_via(app)
>     def on_identity_loaded(sender, identity):
>         #identity.provides.add(RoleNeed('report'))
>         identity.provides.add(RoleNeed(identity.id))
> Only one require at a time seems to works, like in this case the
> "reporter.require" is only working. If logged in using admin id, it
> genrates error.
>
>
> Also in Template I just want to show urls that can be viewed by particular
> user role only.
>
>
>
>
> --
> Regards,
> Bibek Chitrakar
>