charity_id是否有一种允许角色的方式,如charity_id[:3]的前3个字符(即<div class="customContainer">
<table class="customTable">
<thead class="customHead">
<tr class="customRow">
<th class="customHead2">Product</th>
<th class="customHead2">Quantity</th>
<th class="customHead2">Price</th>
<th class="customHead2">Total</th>
<th class="customHead2">Remove</th>
</tr>
</thead>
<tbody class="customBody">
var model = Model.ToList();
@foreach (var itemList in model)
{
@{
var index = model.IndexOf(itemList);
}
<tr class="customRow">
<td class="customData">@itemList.Name</td>
<td class="customData">@itemList.Quantity</td>
<td class="customData">@itemList.Price</td>
<td class="customData">@itemList.Total</td>
<td class="customData"><button data-delete-id="@index" class="btn-dark">Delete</button></td>
</tr>
}
</tbody>
</table>
</div>
)所定义。目前,如果注释行未注释,则charity_id尚未定义,因此不起作用。
我正试图允许角色为“ admin”或“ charity_id [:3]”的用户进入页面。每个用户都在烧瓶安全协议中分配了一个角色。我正在尝试根据页面ID(即string:charity_id
)测试人员是否允许进入该页面非常感谢
答案 0 :(得分:0)
我不知道它是做什么的,但是as you can see @roles_accepted装饰器仅适用于角色,并且仅在perm.can()时运行端点。
您可以创建自定义decorator(仅作为示例):
def custom_roles(roles: list, path_param: str):
def wrapper(fn):
@roles_accepted(*roles) # just roles like in docs
@wraps(fn)
def decorated_view(*args, **kwargs):
# try to open /100-test/glc
sub_charity_id = kwargs.get(path_param)[:3] # 100
# call route using roles_accepted decorator and path param
fn2 = roles_accepted(*[sub_charity_id])(fn)
return fn2(*args, **kwargs)
return decorated_view
return wrapper
@app.route('/<string:charity_id>/glc')
@custom_roles(roles=['admin'], path_param='charity_id')
def glc(charity_id):
return 'test'
或在路由内致电roles_accepted:
def do_something(charity_id: str):
return charity_id
@app.route('/<string:charity_id>/glc')
@roles_accepted('admin', 'editor')
def glc(charity_id):
fn = roles_accepted(*[charity_id[:3]])(do_something)
return fn(charity_id)
希望这会有所帮助。