move socketio decorators

2025-10-14 02:31:58 +00:00 · 2024-05-04 14:55:05 +02:00
parent 882987ba68
commit e1cfd394fa
9 changed files with 44 additions and 70 deletions
--- a/app/decorators.py
+++ b/app/decorators.py
@@ -1,7 +1,6 @@
-from flask import abort, current_app, request
+from flask import abort, request
 from flask_login import current_user
 from functools import wraps
-from threading import Thread
 from typing import List, Union
 from werkzeug.exceptions import NotAcceptable
 from app.models import Permission
@@ -22,22 +21,28 @@ def admin_required(f):
    return permission_required(Permission.ADMINISTRATE)(f)


-def background(f):
-    '''
-    ' This decorator executes a function in a Thread.
-    ' Decorated functions need to be executed within a code block where an
-    ' app context exists.
-    '
-    ' NOTE: An app object is passed as a keyword argument to the decorated
-    '       function.
-    '''
+def socketio_login_required(f):
    @wraps(f)
-    def wrapped(*args, **kwargs):
-        kwargs['app'] = current_app._get_current_object()
-        thread = Thread(target=f, args=args, kwargs=kwargs)
-        thread.start()
-        return thread
-    return wrapped
+    def wrapper(*args, **kwargs):
+        if current_user.is_authenticated:
+            return f(*args, **kwargs)
+        return {'code': 401, 'body': 'Unauthorized'}
+    return wrapper
+
+
+def socketio_permission_required(permission):
+    def decorator(f):
+        @wraps(f)
+        def wrapper(*args, **kwargs):
+            if not current_user.can(permission):
+                return {'code': 403, 'body': 'Forbidden'}
+            return f(*args, **kwargs)
+        return wrapper
+    return decorator
+
+
+def socketio_admin_required(f):
+    return socketio_permission_required(Permission.ADMINISTRATE)(f)


 def content_negotiation(