Added admin view stuffs

2020-11-29 01:57:07 +01:00
parent d28cc70519
commit 116ef34a9a
5 changed files with 72 additions and 5 deletions
--- a/src/utils/security.py
+++ b/src/utils/security.py
@@ -1,9 +1,12 @@
 #!/usr/bin/env python3
-
-from flask_security import Security, SQLAlchemyUserDatastore
+from flask import abort
+from flask_security import Security, SQLAlchemyUserDatastore, current_user
 from flask_security.forms import RegisterForm, Required
 from wtforms import StringField

+from flask_admin.contrib.sqla import ModelView
+from flask_admin import AdminIndexView
+
 from models import db, User, Role

 """
@@ -26,3 +29,29 @@ security = Security()  # Will be initiated at init_app

 def init_security_real_good(app):
    security.init_app(app, datastore=user_datastore, register_form=ExtendedRegisterForm)
+
+
+class AuthenticatedModelView(ModelView):
+    def is_accessible(self):
+        return (
+                current_user.is_active and
+                current_user.is_authenticated and
+                current_user.has_role('administrator')
+        )
+
+    def _handle_view(self, name):
+        if not self.is_accessible():
+            abort(401)
+
+
+class AuthenticatedAdminIndexView(AdminIndexView):
+    def is_accessible(self):
+        return (
+                current_user.is_active and
+                current_user.is_authenticated and
+                current_user.has_role('administrator')
+        )
+
+    def _handle_view(self, name):
+        if not self.is_accessible():
+            abort(401)