Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
__all__ = ["get_id", "require_login", "require_admin", "require_customer"]
from pylons.controllers.util import abort, redirect_to, url_for
from pylons import session
from decorator import decorator
_group_admin = ['admin']
_group_customer = ['admin','customer']
def get_id():
if 'user_id' in session:
return session['user_id']
else:
return None
def require_login(func, *args, **kwargs):
""" Checks to see if user_id is in session """
if not 'user_id' in session:
redirect_to('/auth/login')
return func(*args, **kwargs)
require_login = decorator(require_login)
def require_admin(func, *args, **kwargs):
_test_group(_group_admin)
return func(*args, **kwargs)
require_admin = decorator(require_admin)
def require_customer(func, *args, **kwargs):
_test_group(_group_customer)
return func(*args, **kwargs)
require_customer = decorator(require_customer)
def _test_group(group):
'Test current acl against a list of acl'
if not 'user_id' in session or session['user_id'] == None:
redirect_to('/auth/login')
return False
thisacl = session['user_acl'].lower()
for acl in group:
if acl == thisacl:
return True
redirect_to('/auth/no_access/' + thisacl)
return False
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.