我有一个使用Flask-Admin的烧瓶应用程序来管理具有/admin/userview
模型视图的用户。
我希望它在具有正确组的数据库中的用户导航到/admin/userview
时显示页面,并返回纯文本"而不是管理员"如果他们不是。幸运的是,我得到了最后一部分工作,但不幸的是我似乎无法获得第一部分(如果他们在正确的组中继续显示页面)。这是相关代码:
class MyView(ModelView):
@expose('/', methods = ['GET', 'POST'])
def index(self):
## grab kerberos username (PROD)
secuser = request.environ.get('REMOTE_USER')
adminresult = User.query.filter_by(usrlevel='admin').all()
adminresult = str(adminresult)
adminresult = adminresult.strip('[]')
managerresult = User.query.filter_by(usrlevel='manager').all()
managerresult = str(managerresult)
managerresult = managerresult.strip('[]')
if secuser in adminresult:
pass <---------------\
elif secuser in managerresult: |- if a user is apart of either, this gives a ValueError
pass <---------------/
else:
return "NOT ADMIN" <--------- This works!
##ADMIN
admin = Admin(flaskapp, index_view=MyHomeView(), name="test APP")
admin.add_view(MyView(User, db.session, "Edit Users"))
以下是用户在adminresult
或managerresult
中时获得的追溯:
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1836, in __call__
return self.wsgi_app(environ, start_response)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1820, in wsgi_app
response = self.make_response(self.handle_exception(e))
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1403, in handle_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1817, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1478, in full_dispatch_request
response = self.make_response(rv)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1566, in make_response
raise ValueError('View function did not return a response')
ValueError: View function did not return a response
如何获得ModelView
&#34;用户&#34;如果用户在任一组中,则显示它的内容,并且只返回&#34;而不是admin&#34;文字,如果他们不是?我想我完成了一半,只是继续似乎是一个问题......
谢谢!
答案 0 :(得分:1)
您应该将支票放入is_accessible
:
class MyView(ModelView):
def is_accessible(self):
# grab kerberos username (PROD)
secuser = request.environ.get('REMOTE_USER')
admins_and_managers = User.query
.filter(User.usrlevel.in_('admin', 'manager'))
# Better yet, filter again on `secuser`
# to avoid loading *every* admin and manager
# on *every* request for this resource
# and then use `.first` or `.one`
.all()
return secuser in admins_and_managers