Commit 10105215 authored by colmoneill's avatar colmoneill

admin button attempt, and protect the eventbrite admin management route with role rights

parent 64994e53
...@@ -421,6 +421,14 @@ class RoleView(ModelView): ...@@ -421,6 +421,14 @@ class RoleView(ModelView):
# redirect to login page if user doesn't have access # redirect to login page if user doesn't have access
return redirect(url_for('security.login', next=request.url)) return redirect(url_for('security.login', next=request.url))
class EventView(ModelView):
def is_accessible(self):
return current_user.has_role('admin')
def inaccessible_callback(self, name, **kwargs):
# redirect to login page if user doesn't have access
return redirect(url_for('security.login', next=request.url))
# APP RUN # APP RUN
...@@ -429,5 +437,5 @@ if __name__ == '__main__': ...@@ -429,5 +437,5 @@ if __name__ == '__main__':
admin.add_view(UserView(User)) admin.add_view(UserView(User))
admin.add_view(RoleView(Role)) admin.add_view(RoleView(Role))
# admin.add_view(ModelView(Badge)) # admin.add_view(ModelView(Badge))
admin.add_view(ModelView(Events)) admin.add_view(EventView(Events))
app.run(host='0.0.0.0', debug=True) app.run(host='0.0.0.0', debug=True)
...@@ -49,6 +49,10 @@ ...@@ -49,6 +49,10 @@
<li class="item"><a href="/contact">{{_("contact")}}</a><span class="deco"></li> <li class="item"><a href="/contact">{{_("contact")}}</a><span class="deco"></li>
<li><hr></li> <li><hr></li>
{% if current_user.is_authenticated %} {% if current_user.is_authenticated %}
{#{% if current_user.role admin %}
<li><a href="/admin">{{_("Administration")}}</a></li>
{% endif %}#}
<li><a href="/dashboard">{{_("Dashboard")}}</a></li> <li><a href="/dashboard">{{_("Dashboard")}}</a></li>
<li><a href="{{ url_for('security.logout') }}">Logout</a></li> <li><a href="{{ url_for('security.logout') }}">Logout</a></li>
{% else %} {% else %}
...@@ -56,4 +60,5 @@ ...@@ -56,4 +60,5 @@
{% endif %} {% endif %}
<li class="item"><a href="#">FR/NL</a></li> <li class="item"><a href="#">FR/NL</a></li>
</ul> </ul>
{{current_user.first_name}}
</nav> </nav>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment