50 lines
1.4 KiB
Python
50 lines
1.4 KiB
Python
from functools import wraps
|
|
from flask_login import current_user
|
|
from flask import abort
|
|
|
|
USER_LEVELS = {"viewer": 1, "user": 2, "operator": 3, "developer": 4, "admin": 5}
|
|
|
|
|
|
def require_permission(required_level):
|
|
"""Decorator to require specific user permission level."""
|
|
|
|
def decorator(func):
|
|
@wraps(func)
|
|
def wrapper(*args, **kwargs):
|
|
if not current_user.is_authenticated:
|
|
abort(401)
|
|
|
|
user_level_value = USER_LEVELS.get(current_user.user_level, 0)
|
|
required_level_value = USER_LEVELS.get(required_level, 5)
|
|
|
|
if user_level_value < required_level_value:
|
|
abort(403)
|
|
|
|
return func(*args, **kwargs)
|
|
|
|
return wrapper
|
|
|
|
return decorator
|
|
|
|
|
|
def can_edit_metadata(user_level):
|
|
"""Check if user can edit script metadata."""
|
|
return user_level in ["developer", "admin"]
|
|
|
|
|
|
def can_access_script(user_level, required_level):
|
|
"""Check if user can access a script based on required level."""
|
|
user_value = USER_LEVELS.get(user_level, 0)
|
|
required_value = USER_LEVELS.get(required_level, 5)
|
|
return user_value >= required_value
|
|
|
|
|
|
def is_admin(user_level):
|
|
"""Check if user is admin."""
|
|
return user_level == "admin"
|
|
|
|
|
|
def is_developer_or_admin(user_level):
|
|
"""Check if user is developer or admin."""
|
|
return user_level in ["developer", "admin"]
|