本文整理汇总了Python中flask_login.current_user.is_admin方法的典型用法代码示例。如果您正苦于以下问题:Python current_user.is_admin方法的具体用法?Python current_user.is_admin怎么用?Python current_user.is_admin使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类flask_login.current_user
的用法示例。
在下文中一共展示了current_user.is_admin方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: register
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def register():
"""
Register new user.
"""
form = RegisterForm(request.form)
if form.validate_on_submit():
user_cnt = db.session.query(User).count()
u = User.create(
username=form.username.data,
email=form.email.data,
password=form.password.data,
first_name=form.first_name.data,
last_name=form.last_name.data,
active=True,
is_admin=True if user_cnt == 0 else False,
)
flash("Thanks for registering! You're now logged in.", "success")
login_user(u)
return redirect(url_for("public.home"))
else:
flash_errors(form)
return render_template("public/register.html", form=form)
示例2: project_edit
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def project_edit(project_id):
project = Project.query.filter_by(id=project_id).first_or_404()
event = project.event
starred = IsProjectStarred(project, current_user)
allow_edit = starred or (not current_user.is_anonymous and current_user.is_admin)
if not allow_edit:
flash('You do not have access to edit this project.', 'warning')
return project_action(project_id, None)
form = ProjectForm(obj=project, next=request.args.get('next'))
form.category_id.choices = [(c.id, c.name) for c in project.categories_all()]
form.category_id.choices.insert(0, (-1, ''))
if form.validate_on_submit():
del form.id
form.populate_obj(project)
project.update()
db.session.add(project)
db.session.commit()
cache.clear()
flash('Project updated.', 'success')
project_action(project_id, 'update', False)
return redirect(url_for('public.project', project_id=project.id))
return render_template('public/projectedit.html', current_event=event, project=project, form=form)
示例3: project_post
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def project_post(project_id):
project = Project.query.filter_by(id=project_id).first_or_404()
event = project.event
starred = IsProjectStarred(project, current_user)
allow_edit = starred or (not current_user.is_anonymous and current_user.is_admin)
if not allow_edit:
flash('You do not have access to edit this project.', 'warning')
return project_action(project_id, None)
form = ProjectPost(obj=project, next=request.args.get('next'))
form.progress.choices = projectProgressList(event.has_started or event.has_finished)
if not form.note.data:
form.note.data = "---\n`%s` " % datetime.utcnow().strftime("%d.%m.%Y %H:%M")
if form.validate_on_submit():
del form.id
form.populate_obj(project)
project.longtext += "\n\n" + form.note.data
project.update()
db.session.add(project)
db.session.commit()
cache.clear()
flash('Project updated.', 'success')
project_action(project_id, 'update', False)
return redirect(url_for('public.project', project_id=project.id))
return render_template('public/projectpost.html', current_event=event, project=project, form=form)
示例4: project_action
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def project_action(project_id, of_type, as_view=True, then_redirect=False):
project = Project.query.filter_by(id=project_id).first_or_404()
event = project.event
if of_type is not None:
ProjectActivity(project, of_type, current_user)
if not as_view:
return True
starred = IsProjectStarred(project, current_user)
allow_edit = starred or (not current_user.is_anonymous and current_user.is_admin)
allow_edit = allow_edit and not event.lock_editing
project_stars = GetProjectTeam(project)
latest_activity = project.latest_activity()
if then_redirect:
return redirect(url_for('public.project', project_id=project.id))
return render_template('public/project.html', current_event=event, project=project,
project_starred=starred, project_stars=project_stars,
allow_edit=allow_edit, latest_activity=latest_activity)
示例5: monitor_requests
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def monitor_requests(function):
@wraps(function)
def decorated_function(*args, **kwargs):
if not current_user.is_authenticated:
client_address = request.environ.get(
"HTTP_X_FORWARDED_FOR", request.environ["REMOTE_ADDR"]
)
app.log(
"warning",
(
f"Unauthorized {request.method} request from "
f"'{client_address}' calling the endpoint '{request.url}'"
),
)
return redirect(url_for("blueprint.route", page="login"))
else:
if (
not current_user.is_admin
and request.method == "GET"
and request.path not in current_user.get_requests
):
return render_template("error.html", error=403), 403
return function(*args, **kwargs)
return decorated_function
示例6: configure_authentication
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def configure_authentication(self):
@self.auth.verify_password
def verify_password(username, password):
user = app.authenticate_user(name=username, password=password)
if user:
request_type = f"{request.method.lower()}_requests"
endpoint = "/".join(request.path.split("/")[:3])
authorized_endpoint = endpoint in getattr(user, request_type)
if user.is_admin or authorized_endpoint:
login_user(user)
return True
g.status = 403
else:
g.status = 401
@self.auth.get_password
def get_password(username):
return getattr(db.fetch("user", name=username), "password", False)
@self.auth.error_handler
def unauthorized():
message = f"{'Wrong' if g.status == 401 else 'Insufficient'} credentials"
return make_response(jsonify({"message": message}), g.status)
示例7: create_user
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def create_user():
form = UserCreateForm()
if not form.validate_on_submit():
abort(400)
if User.get(form.username.data) is not None:
flash({
"class": "danger",
"text": lazy_gettext("A user with this name already exists")
})
return redirect(url_for("admin.index"))
else:
user = User(
form.username.data, form.password.data, form.can_visit.data,
form.can_edit.data, form.is_admin.data, False
)
db.session.add(user)
db.session.commit()
flash({
"class": "success",
"text": lazy_gettext("The new user has been created successfully.")
})
return redirect(url_for("admin.index"))
示例8: activate_case
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def activate_case(store, institute_obj, case_obj, current_user):
""" Activate case when visited for the first time.
Args:
store(adapter.MongoAdapter)
institute_obj(dict) a scout institutet object
case_obj(dict) a scout case object
current_user(UserMixin): a scout user
"""
# update status of case if visited for the first time
if case_obj["status"] == "inactive" and not current_user.is_admin:
flash("You just activated this case!", "info")
user_obj = store.user(current_user.email)
case_link = url_for(
"cases.case", institute_id=institute_obj["_id"], case_name=case_obj["display_name"],
)
store.update_status(institute_obj, case_obj, user_obj, "active", case_link)
示例9: get
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def get(self, user, key=None):
if key is None:
restful.abort(405)
try:
bid = decode_id(key)
except (ValueError, TypeError):
restful.abort(404)
backup = self.model.query.filter_by(id=bid).first()
if not backup:
if user.is_admin:
return restful.abort(404)
return restful.abort(403)
if not self.model.can(backup, user, 'view'):
return restful.abort(403)
backup.group = [models.User.get_by_id(uid) for uid in backup.owners()]
return backup
示例10: is_oauth_client_owner
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def is_oauth_client_owner(oauth_client_id_arg):
""" A decorator for OAuth client management routes to ensure the user owns
the OAuth client or is an admin."""
def decorator(func):
@wraps(func)
def wrapper(*args, **kwargs):
if current_user.is_authenticated:
if current_user.is_admin:
return func(*args, **kwargs)
oauth_client_id = kwargs[oauth_client_id_arg]
clients = Client.query.filter_by(user_id=current_user.id)
if clients.count() > 0:
if oauth_client_id in [c.client_id for c in clients]:
return func(*args, **kwargs)
flash("You do not have access to this OAuth client", "warning")
return redirect(url_for("admin.clients"))
return login_required(wrapper)
return decorator
示例11: clients
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def clients():
courses, current_course = get_courses()
clients = Client.query.order_by(Client.active).all()
my_clients = [client for client in clients if client.user_id == current_user.id]
form = forms.ClientForm(client_secret=utils.generate_secret_key())
if form.validate_on_submit():
client = Client(
user=current_user,
active=True if current_user.is_admin else False)
form.populate_obj(client)
db.session.add(client)
db.session.commit()
flash('OAuth client "{}" added'.format(client.name), "success")
return redirect(url_for(".clients"))
return render_template('staff/clients.html',
clients=clients,
my_clients=my_clients,
form=form,
courses=courses)
示例12: authorized_access_only
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def authorized_access_only(dataset=None):
''' Decorates views that require authentication if the department is not public
'''
def check_authorized(view_function):
@wraps(view_function)
def decorated_function(*args, **kwargs):
try:
department = Department.query.filter_by(short_name=kwargs["short_name"].upper()).first()
except KeyError:
department = Department.query.filter_by(id=kwargs["department_id"]).first()
# check whether the current dataset is public
dataset_is_public = True
if dataset:
try:
dataset_is_public = getattr(department, "is_public_{}".format(dataset))
except ValueError:
dataset_is_public = True
# check whether the user has access to this department
if current_user.is_authenticated():
user_has_dept_access = current_user.has_department(department.id) or current_user.is_admin()
else:
user_has_dept_access = False
# abort with a 403 Forbidden if the department or dataset's not public and the user's not authorized to access it
if (not department.is_public or not dataset_is_public) and (not current_user.is_authenticated() or not user_has_dept_access):
abort(403)
return view_function(*args, **kwargs)
return decorated_function
return check_authorized
示例13: admin_or_department_required
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def admin_or_department_required():
'''
Reads department from current_user and checks whether the user
has access to that department or is an admin
'''
def check_department(view_function):
@wraps(view_function)
def decorated_function(*args, **kwargs):
if current_user.has_department(kwargs["department_id"]) or current_user.is_admin():
return view_function(*args, **kwargs)
flash('You do not have sufficient permissions to do that', 'alert alert-danger')
return redirect(request.args.get('next') or '/')
return decorated_function
return check_department
示例14: index
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def index(self):
if not current_user.is_authenticated or not current_user.is_admin:
return redirect(url_for("auth.login", next=request.url))
return super(SLAdminIndexView, self).index()
示例15: manage_users
# 需要导入模块: from flask_login import current_user [as 别名]
# 或者: from flask_login.current_user import is_admin [as 别名]
def manage_users():
if not current_user.is_admin:
abort(403)
else:
users_data = db.session.query(User).all()
form = AdminForm()
return render_template(
"users/manage_users.html", users_data=users_data, form=form
)