resources_api/app/admin.py at 4339c3eb3ddd02e928f3a067b79cea54c5f2970f · OperationCode/resources_api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
from flask_admin import Admin, AdminIndexView
from flask_admin.contrib.sqla import ModelView
from flask import url_for, redirect, request, abort
from app import db
from .models import Resource, Category, Language, User, Role
from flask_security import current_user


class AdminView(ModelView):
    def is_accessible(self):
        return (current_user.is_active and
                current_user.is_authenticated and current_user.has_role('admin'))

    def _handle_view(self, name, **kwargs):
        """ Override builtin _handle_view in order to redirect users when a view
        is not accessible.
        """
        if not self.is_accessible():
            if current_user.is_authenticated:
                # permission denied
                abort(403)
            else:
                # login
                return redirect(url_for('security.login', next=request.url))


class HomeAdminView(AdminIndexView):
    def is_accessible(self):
        return current_user.has_role('admin')

    def inaccessible_callback(self, name):
        return redirect(url_for('security.login', next=request.url))


def run_flask_admin(app):
    """Creates the admin object and defines which views will be visible"""
    admin_obj = Admin(app, name='Resources_api', url='/',
                      base_template='my_master.html',
                      index_view=HomeAdminView(name='Home'))
    admin_obj.add_view(AdminView(Role, db.session))
    admin_obj.add_view(AdminView(User, db.session))
    admin_obj.add_view(AdminView(Resource, db.session))
    admin_obj.add_view(AdminView(Category, db.session))
    admin_obj.add_view(AdminView(Language, db.session))
    return admin_obj