python - Flask Principal granular resource on demand -
i've been looking @ post: http://pythonhosted.org/flask-principal/#granular-resource-protection
now while there nothing wrong how working can't see usable since @ time of login posts read , editblogpostneed
added identity.
imagine if have been writing more normal number of posts long term not strategy check post access view /posts/<post_id>
.
is there way check on each request view using flask principal
?
i can of course around lazy relationship query , filter want use flask principal
.
not sure understand question entirely, might help. in flask app, i'm using flask-principal role permission such admin , editor, , i'm using granular resource protection described in flask-principal docs. in case i'm checking if user has permission access particular account. in each view identity loaded , permission checked.
in view:
@login_required def call_list(id, page=1): dept = models.department.query.get_or_404(id) view_permission = auth.viewaccountpermission(dept.office.account_id) if view_permission.can(): #
the custom permission:
viewaccount = namedtuple('view', ['method', 'value']) viewaccountneed = partial(viewaccount, 'view') class viewaccountpermission(permission): def __init__(self, account_id): need = viewaccountneed(unicode(account_id)) super(viewaccountpermission, self).__init__(need)
and in identity loader function:
if hasattr(current_user, 'assigned_accounts'): account_id in current_user.assigned_accounts(): identity.provides.add(auth.viewaccountneed(unicode(account_id)))
Comments
Post a Comment