Commit 10105215 authored by colmoneill's avatar colmoneill

admin button attempt, and protect the eventbrite admin management route with role rights

parent 64994e53
......@@ -421,6 +421,14 @@ class RoleView(ModelView):
# redirect to login page if user doesn't have access
return redirect(url_for('security.login', next=request.url))
class EventView(ModelView):
def is_accessible(self):
return current_user.has_role('admin')
def inaccessible_callback(self, name, **kwargs):
# redirect to login page if user doesn't have access
return redirect(url_for('security.login', next=request.url))
# APP RUN
......@@ -429,5 +437,5 @@ if __name__ == '__main__':
admin.add_view(UserView(User))
admin.add_view(RoleView(Role))
# admin.add_view(ModelView(Badge))
admin.add_view(ModelView(Events))
admin.add_view(EventView(Events))
app.run(host='0.0.0.0', debug=True)
......@@ -49,6 +49,10 @@
<li class="item"><a href="/contact">{{_("contact")}}</a><span class="deco"></li>
<li><hr></li>
{% if current_user.is_authenticated %}
{#{% if current_user.role admin %}
<li><a href="/admin">{{_("Administration")}}</a></li>
{% endif %}#}
<li><a href="/dashboard">{{_("Dashboard")}}</a></li>
<li><a href="{{ url_for('security.logout') }}">Logout</a></li>
{% else %}
......@@ -56,4 +60,5 @@
{% endif %}
<li class="item"><a href="#">FR/NL</a></li>
</ul>
{{current_user.first_name}}
</nav>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment