文档含糊不清,有时使用GET_MANY和其他GET_COLLECTION。我需要制作一个预处理器来进行授权。 GET_SINGLE确实有效(返回401:forbiden),但是GET_MANY或GET_COLLECTION没有(返回200:ok)。
@
auth_token_required@ roles_accepted('admin', 'supervisor')
def auth_func( * args, * * kw):
print('@Juan: calling auth_func...')
pass
@ auth_token_required@ roles_accepted('adminxxx', 'supervisor')
def get_many(search_params = None, * * kw):
print('@Juan: calling get_many...')
pass
preprocessors = {
'GET_SINGLE': [auth_func],
'GET_MANY': [get_many]
}
api_manager = APIManager(app, flask_sqlalchemy_db = db)
api_manager.create_api(Person,
methods = ['GET', 'POST', 'DELETE', 'PUT'],
preprocessors = preprocessors)