archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity

Load user capabilities from Pillar config and allow extensions to extend.

Browse Source 
Default caps can be overridden using the USER_CAPABILITIES name in
config_local.py. These can be extended by Pillar Extensions.
This commit is contained in:
Sybren A. Stüvel
2017-08-22 11:31:17 +02:00
parent 566f2a4835
commit 2b09711eb0
6 changed files with 123 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
pillar/auth/__init__.py
View File

@@ -9,6 +9,8 @@ import flask_login
import flask_oauthlib.client
from werkzeug.local import LocalProxy
from pillar import current_app
import bson
from ..api import utils
@@ -85,10 +87,14 @@ class UserClass(flask_login.UserMixin):
return default
def collect_capabilities(self):
"""Constructs the capabilities set given the user's current roles."""
"""Constructs the capabilities set given the user's current roles.
self.capabilities = set().union(*(CAPABILITIES.get(role, frozenset())
for role in self.roles))
Requires an application context to be active.
"""
app_caps = current_app.user_caps
self.capabilities = set().union(*(app_caps[role] for role in self.roles))
def has_role(self, *roles):
"""Returns True iff the user has one or more of the given roles."""