Combine RoleNeed with a Flask

Question

Combine RoleNeed with a Flask

I am trying to create a permission that requires the user to have role A or role B.

According to the Python Principal Documentation , the following line creates a permission that requires the user to have role A and roleB.

combined_permission = Permission(RoleNeed('roleA'), RoleNeed('roleB'))

Do you know how to create permission based on OR instead of AND?

+4

python flask permissions acl

Derek Apr 7 '15 at 20:06

source share

1 answer

Sean Vieira · Accepted Answer · 2015-04-08T01:19:49+0000

As at present, the needs of the combined permission are checked using OR. Quoting from the documentation :

flask_principal. (* needs)
,

AND Permission allows, , :

class RequiresAll(Permission):
    def allows(self, identity):
        if not has_all(self.needs, identity.provides):
            return False

        if self.excludes and self.excludes.intersection(identity.provides):
            return False

        return True

def has_all(needed=None, provided=None):
    if needed is None:
        return True

    if provided is None:
        provided = set()

    shared = needed.intersection(provided)
    return shared == needed

Combine RoleNeed with a Flask

More articles: