| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123 |
- #!/usr/bin/env python
- # -*- coding=UTF-8 -*-
- # **************************************************************************
- # Copyright © 2016 jianglin
- # File Name: permission.py
- # Author: jianglin
- # Email: xiyang0807@gmail.com
- # Created: 2016-07-16 16:40:53 (CST)
- # Last Update:星期六 2016-7-30 22:2:39 (CST)
- # By:
- # Description:
- # **************************************************************************
- from flask import (redirect, url_for, flash, request, jsonify, g)
- from flask_login import login_required, current_user
- from maple.permission.base import RestBase
- from maple.permission.permission import EditTopicNeed
- from flask_principal import Permission, RoleNeed
- from flask_babelex import gettext as _
- from functools import wraps
- from .models import Topic
- def ask_permission(func):
- @wraps(func)
- def decorator(*args, **kwargs):
- permission = Permission(RoleNeed('confirmed'))
- if not permission.can():
- flash(
- _("You haven't confirm your account,Please confirmed"),
- 'warning')
- return redirect(url_for('user.user',
- user_url=current_user.username))
- return func(*args, **kwargs)
- return decorator
- def edit_permission(func):
- @wraps(func)
- def decorator(*args, **kwargs):
- topicId = kwargs.get('topicId')
- topic = Topic.query.filter_by(uid=topicId).first_or_404()
- permission = Permission(EditTopicNeed(topic.id))
- if not permission.can():
- flash(_('You have no permission'), 'warning')
- return redirect(url_for('topic.topic', topicId=topicId))
- return func(*args, **kwargs)
- return decorator
- def vote_permission(func):
- @wraps(func)
- def decorator(*args, **kwargs):
- if not g.user.is_authenticated:
- topicId = kwargs.get('topicId')
- return jsonify(judge=False,
- url=url_for('auth.login',
- next=url_for('topic.topic',
- topicId=topicId)))
- return func(*args, **kwargs)
- return decorator
- class TopicPermission(RestBase):
- def get(self, topicId):
- order = request.args.get('orderby')
- if topicId is None:
- if order:
- return True
- else:
- if order and order not in ['time', 'like']:
- return True
- @login_required
- def post(self):
- def callback():
- flash(
- _("You haven't confirm your account,Please confirmed"),
- 'warning')
- return redirect(url_for('user.user',
- user_url=current_user.username))
- permission = Permission(RoleNeed('confirmed'))
- if not permission.can():
- self.callback = callback
- return True
- @login_required
- @edit_permission
- def put(self, topicId):
- def callback():
- return jsonify(judge=False, error=_('You have no permission'))
- topic = Topic.query.filter_by(uid=topicId).first_or_404()
- permission = Permission(EditTopicNeed(topic.id))
- if not permission.can():
- self.callback = callback
- return True
- @login_required
- def delete(self, topicId):
- return True
- class ReplyPermission(RestBase):
- decorators = [login_required]
- def post(self, topicId):
- permission = Permission(RoleNeed('confirmed'))
- if not permission.can():
- return True
- def callback(self):
- flash(
- _("You haven't confirm your account,Please confirmed"), 'warning')
- return redirect(url_for('user.user', user_url=current_user.username))
- preview_permission = ask_permission
- topic_permission = TopicPermission()
- reply_permission = ReplyPermission()
|
