From 8f960cf359044fc3e20cacae5dec5e02d943b38b Mon Sep 17 00:00:00 2001 From: Patrick Jentsch Date: Thu, 11 Apr 2024 15:46:58 +0200 Subject: [PATCH] explicitly set permissions to false for anonymous users --- app/models/__init__.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/app/models/__init__.py b/app/models/__init__.py index 26f85217..b1001355 100644 --- a/app/models/__init__.py +++ b/app/models/__init__.py @@ -1,4 +1,5 @@ from enum import Enum +from flask_login import AnonymousUserMixin from app import db, login, mail, socketio from app.email import create_message from .avatar import * @@ -141,6 +142,16 @@ def job_after_update_handler(mapper, connection, job): mail.send(msg) +class AnonymousUser(AnonymousUserMixin): + def can(self, permissions): + return False + + @property + def is_administrator(self): + return False + +login.anonymous_user = AnonymousUser + @login.user_loader def load_user(user_id):