linuxrouter/docker/routlin-dash/app/auth.py

from flask import session, redirect, flash
from functools import wraps

LEVEL_RANK = {'nothing': 0, 'viewer': 1, 'administrator': 2, 'manager': 3}


def require_level(minimum):
    """Decorator that enforces a minimum access level on an action route."""
    def decorator(f):
        @wraps(f)
        def wrapper(*args, **kwargs):
            current = session.get('access_level', 'nothing')
            if LEVEL_RANK.get(current, 0) < LEVEL_RANK.get(minimum, 0):
                if current == 'nothing':
                    flash('Please log in to continue.', 'error')
                    return redirect('/accountlogin')
                flash('You do not have permission to perform this action.', 'error')
                return redirect('/overview')
            return f(*args, **kwargs)
        return wrapper
    return decorator