Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
beeMapsoftwebinc
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Softweb Inc
beeMapsoftwebinc
Merge requests
!45
Staging
Code
Review changes
Check out branch
Download
Patches
Plain diff
Merged
Staging
staging
into
master
Overview
0
Commits
38
Pipelines
1
Changes
19
Merged
eeonaaah
requested to merge
staging
into
master
4 years ago
Overview
0
Commits
38
Pipelines
1
Changes
19
Expand
0
0
Merge request reports
Compare
master
master (base)
and
latest version
latest version
c5a4ea46
38 commits,
4 years ago
19 files
+
274
−
62
Inline
Compare changes
Side-by-side
Inline
Show whitespace changes
Show one file at a time
Files
19
Search (e.g. *.vue) (Ctrl+P)
api/decorators/
roles_allowed
.py
→
api/decorators/
auth
.py
+
43
−
0
Options
from
flask
import
session
,
re
direc
t
,
Response
,
url_for
from
flask
import
session
,
re
ques
t
,
Response
,
url_for
,
redirect
from
typing
import
List
from
functools
import
wraps
from
api.utils.errors
import
AuthenticationError
import
logging
def
roles_allowed
(
roles
:
List
[
str
]):
@@ -11,17 +12,32 @@ def roles_allowed(roles: List[str]):
def
wrapper
(
*
args
,
**
kwargs
):
user
=
session
.
get
(
'
user
'
)
logging
.
debug
(
"
Secured page requested.
"
)
if
not
user
:
logging
.
debug
(
"
Redirecting to login page
"
)
return
redirect
(
url_for
(
'
login
'
))
if
user
:
logging
.
warning
(
f
"
Unauthorized request from:
{
request
.
remote_addr
}
"
)
return
Response
(
"
Not authorized
"
,
401
)
if
any
(
role
in
user
[
'
roles
'
]
for
role
in
roles
):
# User has a required role, route request back to the original handler
logging
.
debug
(
f
"
Access granted to user:
{
user
[
'
email
'
]
}
"
)
return
func
(
*
args
,
**
kwargs
)
logging
.
debug
(
"
Unauthorized request
"
)
return
Response
(
"
Not authorized
"
,
403
)
else
:
logging
.
warning
(
f
"
Forbidden request from:
{
request
.
remote_addr
}
"
)
return
Response
(
"
Not authorized
"
,
403
)
return
wrapper
return
decorator
\ No newline at end of file
return
decorator
def
prompt_login
(
func
):
"""
Decorator that redirects the user to a login page if they are not logged in
"""
@wraps
(
func
)
def
wrapper
(
*
args
,
**
kwargs
):
user
=
session
.
get
(
'
user
'
)
if
user
:
# User is logged in, route request back to the original handler
return
func
(
*
args
,
**
kwargs
)
return
redirect
(
url_for
(
'
login
'
))
return
wrapper
\ No newline at end of file
Loading