apioforum/permissions.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

from flask import (
	g, redirect, url_for, flash
)
import functools
import click
from flask.cli import with_appcontext
from .db import get_db

def is_admin():
	if g.user_info is None:
		return False
	else:
		return g.user_info['admin'] > 0

def admin_required(view):
	@functools.wraps(view)
	def wrapped(**kwargs):
		if is_admin():
			return view(**kwargs)
		else:
			flash("you must be an admin to do that")
			return redirect(url_for("index"))
	return wrapped

@click.command("make_admin")
@click.argument("username")
@with_appcontext
def make_admin(username):
	"""makes a user an admin user"""
	db = get_db()
	cur = db.cursor()
	cur.execute("UPDATE users SET admin = 1 WHERE username = ?",(username,))
	if cur.rowcount == 0:
		click.echo("no such user found")
	else:
		click.echo("ok")
	db.commit()

def init_app(app):
	app.cli.add_command(make_admin)
	app.context_processor(lambda: dict(is_admin=is_admin()))