本文整理匯總了Python中flask_principal.Permission方法的典型用法代碼示例。如果您正苦於以下問題:Python flask_principal.Permission方法的具體用法?Python flask_principal.Permission怎麽用?Python flask_principal.Permission使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類flask_principal的用法示例。
在下文中一共展示了flask_principal.Permission方法的11個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: roles_required
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def roles_required(*roles):
"""Decorator which specifies that a user must have all the specified roles.
Example::
@app.route('/dashboard')
@roles_required('admin', 'editor')
def dashboard():
return 'Dashboard'
The current user must have both the `admin` role and `editor` role in order
to view the page.
:param roles: The required roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perms = [Permission(RoleNeed(role)) for role in roles]
for perm in perms:
if not perm.can():
if _security._unauthorized_callback:
# Backwards compat - deprecated
return _security._unauthorized_callback()
return _security._unauthz_handler(roles_required, list(roles))
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例2: roles_accepted
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def roles_accepted(*roles):
"""Decorator which specifies that a user must have at least one of the
specified roles. Example::
@app.route('/create_post')
@roles_accepted('editor', 'author')
def create_post():
return 'Create Post'
The current user must have either the `editor` role or `author` role in
order to view the page.
:param roles: The possible roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perm = Permission(*[RoleNeed(role) for role in roles])
if perm.can():
return fn(*args, **kwargs)
if _security._unauthorized_callback:
# Backwards compat - deprecated
return _security._unauthorized_callback()
return _security._unauthz_handler(roles_accepted, list(roles))
return decorated_view
return wrapper 示例3: permissions_required
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def permissions_required(*fsperms):
"""Decorator which specifies that a user must have all the specified permissions.
Example::
@app.route('/dashboard')
@permissions_required('admin-write', 'editor-write')
def dashboard():
return 'Dashboard'
The current user must have BOTH permissions (via the roles it has)
to view the page.
N.B. Don't confuse these permissions with flask-principle Permission()!
:param fsperms: The required permissions.
.. versionadded:: 3.3.0
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perms = [Permission(FsPermNeed(fsperm)) for fsperm in fsperms]
for perm in perms:
if not perm.can():
if _security._unauthorized_callback:
# Backwards compat - deprecated
return _security._unauthorized_callback()
return _security._unauthz_handler(
permissions_required, list(fsperms)
)
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例4: permissions_accepted
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def permissions_accepted(*fsperms):
"""Decorator which specifies that a user must have at least one of the
specified permissions. Example::
@app.route('/create_post')
@permissions_accepted('editor-write', 'author-wrote')
def create_post():
return 'Create Post'
The current user must have one of the permissions (via the roles it has)
to view the page.
N.B. Don't confuse these permissions with flask-principle Permission()!
:param fsperms: The possible permissions.
.. versionadded:: 3.3.0
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perm = Permission(*[FsPermNeed(fsperm) for fsperm in fsperms])
if perm.can():
return fn(*args, **kwargs)
if _security._unauthorized_callback:
# Backwards compat - deprecated
return _security._unauthorized_callback()
return _security._unauthz_handler(permissions_accepted, list(fsperms))
return decorated_view
return wrapper 示例5: blogger_permission
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def blogger_permission(self):
if self._blogger_permission is None:
if self.config.get("BLOGGING_PERMISSIONS", False):
self._blogger_permission = Permission(RoleNeed(
self.config.get("BLOGGING_PERMISSIONNAME", "blogger")))
else:
self._blogger_permission = Permission()
return self._blogger_permission 示例6: roles_accepted
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def roles_accepted(*roles):
"""
Decorator which specifies that a user must have at least one of the
specified roles.
Aborts with HTTP: 403 if the user doesn't have at least one of the roles.
Example::
@app.route('/create_post')
@roles_accepted('ROLE_ADMIN', 'ROLE_EDITOR')
def create_post():
return 'Create Post'
The current user must have either the `ROLE_ADMIN` role or `ROLE_EDITOR`
role in order to view the page.
:param roles: The possible roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perm = Permission(*[RoleNeed(role) for role in roles])
if not perm.can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例7: roles_required
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def roles_required(*roles):
"""
Decorator which specifies that a user must have all the specified roles.
Aborts with HTTP 403: Forbidden if the user doesn't have the required roles.
Example::
@app.route('/dashboard')
@roles_required('ROLE_ADMIN', 'ROLE_EDITOR')
def dashboard():
return 'Dashboard'
The current user must have both the `ROLE_ADMIN` and `ROLE_EDITOR` roles
in order to view the page.
:param roles: The required roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perms = [Permission(RoleNeed(role)) for role in roles]
for perm in perms:
if not perm.can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例8: auth_required_same_user
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def auth_required_same_user(*args, **kwargs):
"""Decorator for requiring an authenticated user to be the same as the
user in the URL parameters. By default the user url parameter name to
lookup is 'id', but this can be customized by passing an argument:
@auth_require_same_user('user_id')
@bp.route('/users/<int:user_id>/foo/<int:id>')
def get(user_id, id):
# do stuff
Any keyword arguments are passed along to the @auth_required decorator,
so roles can also be specified in the same was as it, eg:
@auth_required_same_user('user_id', role='ROLE_ADMIN')
Aborts with HTTP 403: Forbidden if the user-check fails
"""
auth_kwargs = {}
user_id_parameter_name = 'id'
if not was_decorated_without_parenthesis(args):
auth_kwargs = kwargs
if args and isinstance(args[0], str):
user_id_parameter_name = args[0]
def wrapper(fn):
@wraps(fn)
@auth_required(**auth_kwargs)
def decorated(*args, **kwargs):
try:
user_id = request.view_args[user_id_parameter_name]
except KeyError:
raise KeyError('Unable to find the user lookup parameter '
f'{user_id_parameter_name} in the url args')
if not Permission(UserNeed(user_id)).can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated
if was_decorated_without_parenthesis(args):
return wrapper(args[0])
return wrapper 示例9: roles_required
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def roles_required(*roles):
"""Decorator which specifies that a user must have all the specified roles.
Aborts with HTTP 403: Forbidden if the user doesn't have the required roles
Example::
@app.route('/dashboard')
@roles_required('ROLE_ADMIN', 'ROLE_EDITOR')
def dashboard():
return 'Dashboard'
The current user must have both the `ROLE_ADMIN` and `ROLE_EDITOR` roles
in order to view the page.
:param args: The required roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perms = [Permission(RoleNeed(role)) for role in roles]
for perm in perms:
if not perm.can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例10: roles_accepted
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def roles_accepted(*roles):
"""Decorator which specifies that a user must have at least one of the
specified roles.
Aborts with HTTP: 403 if the user doesn't have at least one of the roles
Example::
@app.route('/create_post')
@roles_accepted('ROLE_ADMIN', 'ROLE_EDITOR')
def create_post():
return 'Create Post'
The current user must have either the `ROLE_ADMIN` role or `ROLE_EDITOR`
role in order to view the page.
:param args: The possible roles.
"""
def wrapper(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
perm = Permission(*[RoleNeed(role) for role in roles])
if not perm.can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated_view
return wrapper 示例11: auth_required_same_user
# 需要導入模塊: import flask_principal [as 別名]
# 或者: from flask_principal import Permission [as 別名]
def auth_required_same_user(*args, **kwargs):
"""
Decorator for requiring an authenticated user to be the same as the
user in the URL parameters. By default the user url parameter name to
lookup is ``id``, but this can be customized by passing an argument::
@auth_require_same_user('user_id')
@bp.route('/users/<int:user_id>/foo/<int:id>')
def get(user_id, id):
# do stuff
Any keyword arguments are passed along to the @auth_required decorator,
so roles can also be specified in the same was as it, eg::
@auth_required_same_user('user_id', role='ROLE_ADMIN')
Aborts with ``HTTP 403: Forbidden`` if the user-check fails.
"""
auth_kwargs = {}
user_id_parameter_name = 'id'
if not (args and callable(args[0])):
auth_kwargs = kwargs
if args and isinstance(args[0], str):
user_id_parameter_name = args[0]
def wrapper(fn):
@wraps(fn)
@auth_required(**auth_kwargs)
def decorated(*args, **kwargs):
try:
user_id = request.view_args[user_id_parameter_name]
except KeyError:
raise KeyError('Unable to find the user lookup parameter '
f'{user_id_parameter_name} in the url args')
if not Permission(UserNeed(user_id)).can():
abort(HTTPStatus.FORBIDDEN)
return fn(*args, **kwargs)
return decorated
if args and callable(args[0]):
return wrapper(args[0])
return wrapper