ske087/quality_recticel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1afd09b88b2d8f38f50423efdae64b396ae22bb8
quality_recticel/py_app/app/access_control.py
Quality System Admin c96039542d updated control access
2025-10-16 02:36:32 +03:00

90 lines
3.4 KiB
Python
Raw Blame History

"""
Simple access control decorators for the 4-tier system
"""
from functools import wraps
from flask import session, redirect, url_for, flash, request
from .permissions_simple import check_access, ROLES
def requires_role(min_role_level=None, required_modules=None, page=None):
"""
Simple role-based access decorator
Args:
min_role_level (int): Minimum role level required (50, 70, 90, 100)
required_modules (list): Required modules for access
page (str): Page name for automatic access checking
"""
def decorator(f):
@wraps(f)
def decorated_function(*args, **kwargs):
# Check if user is logged in
if 'user' not in session:
flash('Please log in to access this page.')
return redirect(url_for('main.login'))
user_role = session.get('role')
user_modules = session.get('modules', [])
# If page is specified, use automatic access checking
if page:
if not check_access(user_role, user_modules, page):
flash('Access denied: You do not have permission to access this page.')
return redirect(url_for('main.dashboard'))
return f(*args, **kwargs)
# Manual role level checking
if min_role_level:
user_level = ROLES.get(user_role, {}).get('level', 0)
if user_level < min_role_level:
flash('Access denied: Insufficient privileges.')
return redirect(url_for('main.dashboard'))
# Module requirement checking
if required_modules:
if user_role in ['superadmin', 'admin']:
# Superadmin and admin have access to all modules
pass
else:
if not any(module in user_modules for module in required_modules):
flash('Access denied: You do not have access to this module.')
return redirect(url_for('main.dashboard'))
return f(*args, **kwargs)
return decorated_function
return decorator
def superadmin_only(f):
"""Decorator for superadmin-only pages"""
return requires_role(min_role_level=100)(f)
def admin_plus(f):
"""Decorator for admin and superadmin access"""
return requires_role(min_role_level=90)(f)
def manager_plus(f):
"""Decorator for manager, admin, and superadmin access"""
return requires_role(min_role_level=70)(f)
def requires_quality_module(f):
"""Decorator for quality module access"""
return requires_role(required_modules=['quality'])(f)
def requires_warehouse_module(f):
"""Decorator for warehouse module access"""
return requires_role(required_modules=['warehouse'])(f)
def requires_labels_module(f):
"""Decorator for labels module access"""
return requires_role(required_modules=['labels'])(f)
def quality_manager_plus(f):
"""Decorator for quality module manager+ access"""
return requires_role(min_role_level=70, required_modules=['quality'])(f)
def warehouse_manager_plus(f):
"""Decorator for warehouse module manager+ access"""
return requires_role(min_role_level=70, required_modules=['warehouse'])(f)
def labels_manager_plus(f):
"""Decorator for labels module manager+ access"""
return requires_role(min_role_level=70, required_modules=['labels'])(f)
Reference in New Issue View Git Blame Copy Permalink