cyberra
Reputation: 599
How to use Flask-admin with flask-principal(security) to handle users by roles?
I already have custom adminindex with flask-login and I have some sqlalchemy modelviews. I just use is_accessible() to handle what to show: login form or modelviews.
class BaseAdminController(ModelView):
column_exclude_list = ('created_on','modified_on')
def is_accessible(self):
return login.current_user.is_authenticated()
For example I have two user types - Moderator and User. How to show some views only for User and all other for Moderator?
Upvotes: 0
Views: 545
Answers (1)
Eugene Prikazchikov
Reputation: 1904
To make some view accessible for moderator only, you can do something like
def is_accessible(self):
if not login.current_user.is_authenticated():
return False
if not is_moderator(login.current_user):
return False
return True
and then in is_moderator you check that user is of "moderator" type. You did not mention how you store the user type in you data models, so I cannot help you with is_moderator function.
Upvotes: 1
Related Questions
- How to implement role based access control in Flask?
- flask admin: How to make a query according to the current user's id and role?
- Using Flask-Security Roles with Flask-JWT REST API
- Role based authorization in flask-login
- Flask-Admin Role Based Access - Modify access based on role
- Flask-Admin permissions for adding user with specific role
- Flask-Admin with Custom Security
- Flask Security- check what Roles a User has
- Flask-Admin Role based resource permissions
- Combining RoleNeed's with Flask Principal