2026-05-17 03:26:01 -04:00
|
|
|
from flask import session, redirect, flash
|
|
|
|
|
from functools import wraps
|
|
|
|
|
|
|
|
|
|
LEVEL_RANK = {'nothing': 0, 'viewer': 1, 'administrator': 2, 'manager': 3}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def require_level(minimum):
|
|
|
|
|
"""Decorator that enforces a minimum access level on an action route."""
|
|
|
|
|
def decorator(f):
|
|
|
|
|
@wraps(f)
|
|
|
|
|
def wrapper(*args, **kwargs):
|
|
|
|
|
current = session.get('access_level', 'nothing')
|
|
|
|
|
if LEVEL_RANK.get(current, 0) < LEVEL_RANK.get(minimum, 0):
|
|
|
|
|
if current == 'nothing':
|
|
|
|
|
flash('Please log in to continue.', 'error')
|
2026-05-27 22:04:04 -04:00
|
|
|
return redirect('/accountlogin')
|
2026-05-17 03:26:01 -04:00
|
|
|
flash('You do not have permission to perform this action.', 'error')
|
2026-05-27 22:04:04 -04:00
|
|
|
return redirect('/overview')
|
2026-05-17 03:26:01 -04:00
|
|
|
return f(*args, **kwargs)
|
|
|
|
|
return wrapper
|
|
|
|
|
return decorator
|
