dashboard/helpers/auth_guard.py

from functools import wraps

from areas.roles.role_service import RoleService

from flask_jwt_extended import verify_jwt_in_request
from flask_jwt_extended import get_jwt
from helpers import Unauthorized

def admin_required():
    def wrapper(fn):
        @wraps(fn)
        def decorator(*args, **kwargs):
            verify_jwt_in_request()
            claims = get_jwt()
            user_id = claims["user_id"]
            is_admin = RoleService.is_user_admin(user_id)
            if is_admin:
                return fn(*args, **kwargs)
            else:
                raise Unauthorized("You need to have admin permissions.")

        return decorator

    return wrapper
add permission layer for admins for backend API 2022-06-08 21:41:59 +02:00			`from functools import wraps`

			`from areas.roles.role_service import RoleService`

			`from flask_jwt_extended import verify_jwt_in_request`
			`from flask_jwt_extended import get_jwt`
MR comments - added error handler for unauthorized 2022-06-09 12:21:47 +02:00			`from helpers import Unauthorized`
add permission layer for admins for backend API 2022-06-08 21:41:59 +02:00
			`def admin_required():`
			`def wrapper(fn):`
			`@wraps(fn)`
			`def decorator(args, *kwargs):`
			`verify_jwt_in_request()`
			`claims = get_jwt()`
changed variable names to snake case 2022-06-10 11:34:33 +02:00			`user_id = claims["user_id"]`
			`is_admin = RoleService.is_user_admin(user_id)`
			`if is_admin:`
add permission layer for admins for backend API 2022-06-08 21:41:59 +02:00			`return fn(args, *kwargs)`
			`else:`
MR comments - added error handler for unauthorized 2022-06-09 12:21:47 +02:00			`raise Unauthorized("You need to have admin permissions.")`
add permission layer for admins for backend API 2022-06-08 21:41:59 +02:00
			`return decorator`

			`return wrapper`