27 lines
826 B
Python
27 lines
826 B
Python
from flask_admin.contrib.sqla import ModelView as _ModelView
|
|
from flask_admin import BaseView as _BaseView
|
|
from flask_security import current_user
|
|
from flask_principal import RoleNeed, Permission
|
|
|
|
|
|
# FIXME admin homepage is always accessible
|
|
class AdminProtect(object):
|
|
roles = []
|
|
|
|
def is_accessible(self):
|
|
return current_user.is_authenticated() and \
|
|
(current_user.is_superuser or
|
|
(self.roles and
|
|
Permission(*[RoleNeed(r) for r in self.roles]).can()))
|
|
|
|
|
|
class ModelView(AdminProtect, _ModelView):
|
|
def __init__(self, model, *args, **kwargs):
|
|
kwargs.setdefault('endpoint', model.__name__.lower() + '_model')
|
|
return super(ModelView, self).__init__(model, *args, **kwargs)
|
|
named_filter_urls = True
|
|
|
|
|
|
class BaseView(AdminProtect, _BaseView):
|
|
pass
|