本文整理汇总了Python中flask_principal.Permission方法的典型用法代码示例。如果您正苦于以下问题:Python flask_principal.Permission方法的具体用法?Python flask_principal.Permission怎么用?Python flask_principal.Permission使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类flask_principal的用法示例。
在下文中一共展示了flask_principal.Permission方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: roles_required
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def roles_required(*roles):
"""Decorator which specifies that a user must have all the specified roles.
Example::
@app.route('/dashboard')
@roles_required('admin', 'editor')
def dashboard():
return 'Dashboard'
The current user must have both the `admin` role and `editor` role in order
to view the page.
:param roles: The required roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perms = [Permission(RoleNeed(role)) for role in roles]
for perm in perms:
if not perm.can():
if _security._unauthorized_callback:
# Backwards compat - deprecated
return _security._unauthorized_callback()
return _security._unauthz_handler(roles_required, list(roles))
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例2: roles_accepted
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def roles_accepted(*roles):
"""Decorator which specifies that a user must have at least one of the
specified roles. Example::
@app.route('/create_post')
@roles_accepted('editor', 'author')
def create_post():
return 'Create Post'
The current user must have either the `editor` role or `author` role in
order to view the page.
:param roles: The possible roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perm = Permission(*[RoleNeed(role) for role in roles])
if perm.can():
return fn(*args, **kwargs)
if _security._unauthorized_callback:
# Backwards compat - deprecated
return _security._unauthorized_callback()
return _security._unauthz_handler(roles_accepted, list(roles))
return decorated_view
return wrapper 示例3: permissions_required
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def permissions_required(*fsperms):
"""Decorator which specifies that a user must have all the specified permissions.
Example::
@app.route('/dashboard')
@permissions_required('admin-write', 'editor-write')
def dashboard():
return 'Dashboard'
The current user must have BOTH permissions (via the roles it has)
to view the page.
N.B. Don't confuse these permissions with flask-principle Permission()!
:param fsperms: The required permissions.
.. versionadded:: 3.3.0
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perms = [Permission(FsPermNeed(fsperm)) for fsperm in fsperms]
for perm in perms:
if not perm.can():
if _security._unauthorized_callback:
# Backwards compat - deprecated
return _security._unauthorized_callback()
return _security._unauthz_handler(
permissions_required, list(fsperms)
)
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例4: permissions_accepted
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def permissions_accepted(*fsperms):
"""Decorator which specifies that a user must have at least one of the
specified permissions. Example::
@app.route('/create_post')
@permissions_accepted('editor-write', 'author-wrote')
def create_post():
return 'Create Post'
The current user must have one of the permissions (via the roles it has)
to view the page.
N.B. Don't confuse these permissions with flask-principle Permission()!
:param fsperms: The possible permissions.
.. versionadded:: 3.3.0
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perm = Permission(*[FsPermNeed(fsperm) for fsperm in fsperms])
if perm.can():
return fn(*args, **kwargs)
if _security._unauthorized_callback:
# Backwards compat - deprecated
return _security._unauthorized_callback()
return _security._unauthz_handler(permissions_accepted, list(fsperms))
return decorated_view
return wrapper 示例5: blogger_permission
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def blogger_permission(self):
if self._blogger_permission is None:
if self.config.get("BLOGGING_PERMISSIONS", False):
self._blogger_permission = Permission(RoleNeed(
self.config.get("BLOGGING_PERMISSIONNAME", "blogger")))
else:
self._blogger_permission = Permission()
return self._blogger_permission 示例6: roles_accepted
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def roles_accepted(*roles):
"""
Decorator which specifies that a user must have at least one of the
specified roles.
Aborts with HTTP: 403 if the user doesn't have at least one of the roles.
Example::
@app.route('/create_post')
@roles_accepted('ROLE_ADMIN', 'ROLE_EDITOR')
def create_post():
return 'Create Post'
The current user must have either the `ROLE_ADMIN` role or `ROLE_EDITOR`
role in order to view the page.
:param roles: The possible roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perm = Permission(*[RoleNeed(role) for role in roles])
if not perm.can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例7: roles_required
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def roles_required(*roles):
"""
Decorator which specifies that a user must have all the specified roles.
Aborts with HTTP 403: Forbidden if the user doesn't have the required roles.
Example::
@app.route('/dashboard')
@roles_required('ROLE_ADMIN', 'ROLE_EDITOR')
def dashboard():
return 'Dashboard'
The current user must have both the `ROLE_ADMIN` and `ROLE_EDITOR` roles
in order to view the page.
:param roles: The required roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perms = [Permission(RoleNeed(role)) for role in roles]
for perm in perms:
if not perm.can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例8: auth_required_same_user
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def auth_required_same_user(*args, **kwargs):
"""Decorator for requiring an authenticated user to be the same as the
user in the URL parameters. By default the user url parameter name to
lookup is 'id', but this can be customized by passing an argument:
@auth_require_same_user('user_id')
@bp.route('/users/<int:user_id>/foo/<int:id>')
def get(user_id, id):
# do stuff
Any keyword arguments are passed along to the @auth_required decorator,
so roles can also be specified in the same was as it, eg:
@auth_required_same_user('user_id', role='ROLE_ADMIN')
Aborts with HTTP 403: Forbidden if the user-check fails
"""
auth_kwargs = {}
user_id_parameter_name = 'id'
if not was_decorated_without_parenthesis(args):
auth_kwargs = kwargs
if args and isinstance(args[0], str):
user_id_parameter_name = args[0]
def wrapper(fn):
@wraps(fn)
@auth_required(**auth_kwargs)
def decorated(*args, **kwargs):
try:
user_id = request.view_args[user_id_parameter_name]
except KeyError:
raise KeyError('Unable to find the user lookup parameter '
f'{user_id_parameter_name} in the url args')
if not Permission(UserNeed(user_id)).can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated
if was_decorated_without_parenthesis(args):
return wrapper(args[0])
return wrapper 示例9: roles_required
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def roles_required(*roles):
"""Decorator which specifies that a user must have all the specified roles.
Aborts with HTTP 403: Forbidden if the user doesn't have the required roles
Example::
@app.route('/dashboard')
@roles_required('ROLE_ADMIN', 'ROLE_EDITOR')
def dashboard():
return 'Dashboard'
The current user must have both the `ROLE_ADMIN` and `ROLE_EDITOR` roles
in order to view the page.
:param args: The required roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perms = [Permission(RoleNeed(role)) for role in roles]
for perm in perms:
if not perm.can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例10: roles_accepted
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def roles_accepted(*roles):
"""Decorator which specifies that a user must have at least one of the
specified roles.
Aborts with HTTP: 403 if the user doesn't have at least one of the roles
Example::
@app.route('/create_post')
@roles_accepted('ROLE_ADMIN', 'ROLE_EDITOR')
def create_post():
return 'Create Post'
The current user must have either the `ROLE_ADMIN` role or `ROLE_EDITOR`
role in order to view the page.
:param args: The possible roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perm = Permission(*[RoleNeed(role) for role in roles])
if not perm.can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例11: auth_required_same_user
# 需要导入模块: import flask_principal [as 别名]
# 或者: from flask_principal import Permission [as 别名]
def auth_required_same_user(*args, **kwargs):
"""
Decorator for requiring an authenticated user to be the same as the
user in the URL parameters. By default the user url parameter name to
lookup is ``id``, but this can be customized by passing an argument::
@auth_require_same_user('user_id')
@bp.route('/users/<int:user_id>/foo/<int:id>')
def get(user_id, id):
# do stuff
Any keyword arguments are passed along to the @auth_required decorator,
so roles can also be specified in the same was as it, eg::
@auth_required_same_user('user_id', role='ROLE_ADMIN')
Aborts with ``HTTP 403: Forbidden`` if the user-check fails.
"""
auth_kwargs = {}
user_id_parameter_name = 'id'
if not (args and callable(args[0])):
auth_kwargs = kwargs
if args and isinstance(args[0], str):
user_id_parameter_name = args[0]
def wrapper(fn):
@wraps(fn)
@auth_required(**auth_kwargs)
def decorated(*args, **kwargs):
try:
user_id = request.view_args[user_id_parameter_name]
except KeyError:
raise KeyError('Unable to find the user lookup parameter '
f'{user_id_parameter_name} in the url args')
if not Permission(UserNeed(user_id)).can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated
if args and callable(args[0]):
return wrapper(args[0])
return wrapper