CODEWITHSUNDEEP
pythonflaskflask-sqlalchemyflask-admin
asdfgthereisnocowlevel
asdfgthereisnocowlevel

Reputation: 23

Flask-Admin modelview function

I have a flask app with Flask-Admin to manage the users with the /admin/userview modelview. I wanted it to show the page when a user that is in the DB with the correct group navigates to /admin/userview, and return plain text "not admin" if they are not. Fortunately I got the last part to work, but unfortunately I cannot seem to get the first part (continuing to show the page if they are in the correct group). Here's the relevant code:

class MyView(ModelView):
    @expose('/', methods = ['GET', 'POST'])
    def index(self):
    ## grab kerberos username (PROD)
        secuser = request.environ.get('REMOTE_USER')

        adminresult = User.query.filter_by(usrlevel='admin').all()
        adminresult = str(adminresult)
        adminresult = adminresult.strip('[]')

        managerresult = User.query.filter_by(usrlevel='manager').all()
        managerresult = str(managerresult)
        managerresult = managerresult.strip('[]')    

        if secuser in adminresult:
            pass         <---------------\
        elif secuser in managerresult:    |- if a user is apart of either, this gives a ValueError
            pass         <---------------/
        else:
            return "NOT ADMIN" <--------- This works!

##ADMIN
admin = Admin(flaskapp, index_view=MyHomeView(), name="test APP")
admin.add_view(MyView(User, db.session, "Edit Users"))

Here's the traceback that I get when a user is in adminresult or in managerresult:

Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1836, in __call__
    return self.wsgi_app(environ, start_response)
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1820, in wsgi_app
    response = self.make_response(self.handle_exception(e))
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1403, in handle_exception
   reraise(exc_type, exc_value, tb)
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1817, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1478, in full_dispatch_request
    response = self.make_response(rv)
  File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1566, in make_response
    raise ValueError('View function did not return a response')
ValueError: View function did not return a response

How do I get the ModelView "User" to display it's contents if the user is in either group, and to just return "not admin" text if they are not? I think I got half of that done, just continuing seems to be an issue...

Thanks!

Upvotes: 0

Views: 1172

Answers (1)

Sean Vieira
Sean Vieira

Reputation: 159855

You should actually put the check in is_accessible:

class MyView(ModelView):
    def is_accessible(self):
        # grab kerberos username (PROD)
        secuser = request.environ.get('REMOTE_USER')

        admins_and_managers = User.query
                                  .filter(User.usrlevel.in_('admin', 'manager'))
                                  # Better yet, filter again on `secuser`
                                  # to avoid loading *every* admin and manager
                                  # on *every* request for this resource
                                  # and then use `.first` or `.one`
                                  .all()

        return secuser in admins_and_managers

Upvotes: 1

Related Questions