实现方式
使用装饰器的形式,将权限判断加在视图上
声明接口需要什么权限,用户访问接口的时候,判断用户是否有此权限
权限判断,接收权限
def permission_required(permission):
def outter(func):
@wraps(func)
def inner(*args, **kwargs):
user = g.cms_user
if user.has_permission(permission):
return func(*args, **kwargs)
else:
return redirect(url_for('cms.index'))
return inner
return outter
声明接口需要的权限
@bp.route('/posts/')
@login_required
@permission_required(CMSPersmission.POSTER)
def posts():
return render_template('cms/cms_posts.html')
@bp.route('/comments/')
@login_required
@permission_required(CMSPersmission.COMMENTER)
def comments():
return render_template('cms/cms_comments.html')
@bp.route('/boards/')
@login_required
@permission_required(CMSPersmission.BOARDER)
def boards():
return render_template('cms/cms_boards.html')
@bp.route('/fusers/')
@login_required
@permission_required(CMSPersmission.FRONTUSER)
def fusers():
return render_template('cms/cms_fusers.html')
@bp.route('/cusers/')
@login_required
@permission_required(CMSPersmission.CMSUSER)
def cusers():
return render_template('cms/cms_cusers.html')
