【问题标题】:flask-security roles_required with pluggable views带有可插入视图的烧瓶安全角色要求
【发布时间】:2016-08-18 03:45:03
【问题描述】:

我试图要求一个角色来访问我定义为 MethodView 的视图。但是,我似乎无法正确命名路线。

如果我只需要使用装饰器登录,一切正常:

activities = Blueprint("activities", __name__, url_prefix="/activities")

class ActivitiesView(MethodView):
    def get():
        pass

    def post():
        pass

view = login_required(ActivitiesView.as_view("activities"))
activities.add_url_rule('/', view_func=view)

我得到了想要的路由名称,即activities.activities

>>> current_app.url_map
Map([...
 <Rule '/activities/' (HEAD, POST, OPTIONS, GET) -> activities.activities>,
...])

但是,当我尝试使用 roles_required 时,路由的名称被破坏并且不再列出 POST 方法:

view = roles_required("experimenter", ActivitiesView.as_view("activities"))
activities.add_url_rule('/', view_func=view)

>>> current_app.url_map
Map([...
 <Rule '/activities/' (HEAD, OPTIONS, GET) -> activities.wrapper>,
...])

将参数切换为add_url_rule 不会改变任何东西。如何使用roles_required而不弄乱路由名称?

这样做会修复路由名称,但不会修复丢失的 POST 方法:

view = roles_required("experimenter", endpoint="activities", ActivitiesView.as_view("activities"))
activities.add_url_rule('/', view_func=view)

【问题讨论】:

    标签: python flask flask-security


    【解决方案1】:

    解决办法是调用装饰器:

    view = roles_required("experimenter")(ActivitiesView.as_view("activities"))
    activities.add_url_rule('/', view_func=view)
    

    或者:

    decorators = [roles_required("experimenter")]
    

    感谢这篇文章:

    http://scottlobdell.me/2015/04/decorators-arguments-python/

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 2021-06-22
      • 2013-06-13
      • 2019-01-04
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2021-09-07
      • 2019-09-18
      相关资源
      最近更新 更多