1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
from functools import wraps
from flask import flash, request, render_template, url_for
from flask import redirect as _redirect
from .login import current_user
def _gen_tpl(endpoint):
return endpoint.replace('.', '/') + '.jinja'
def templated(template=None):
fun = None
if template is not None and callable(template):
# a function was passed in
fun = template
template = None
def decorator(f):
@wraps(f)
def decorated_function(*args, **kwargs):
if template is None:
template_name = _gen_tpl(request.endpoint)
elif template[0] == '.' and request.blueprint is not None:
template_name = _gen_tpl(request.blueprint + template)
else:
template_name = template
ctx = f(*args, **kwargs)
if ctx is None:
ctx = {}
elif not isinstance(ctx, dict):
return ctx
return render_template(template_name, **ctx)
return decorated_function
if fun is None:
return decorator
else:
return decorator(fun)
def redirect (target, **kwargs):
code = kwargs.pop('_code', None)
url = url_for(target, **kwargs)
if code is None:
return _redirect(url)
else:
return _redirect(url, code)
def assert_authorisation(constructor, param):
def decorator(f):
@wraps(f)
def decorated_function(*args, **kwargs):
p = kwargs.get(param, None)
if p is None:
raise TypeError("Keyword %s expected but not received." % param)
obj = constructor(p)
if obj is None:
flash(u"Eintrag existiert nicht!", u'error')
return redirect('index')
if not hasattr(obj, 'user_id'):
return f(*args, **kwargs)
# explicitly use user_id to avoid having to load the user object
if obj.user_id != current_user.id:
flash(u"Nicht erlaubte Operation!", u'error')
return redirect('index')
else:
return f(*args, **kwargs)
return decorated_function
return decorator
|