实现此目的的一种方法是创建多个视图类,并针对它们的适当角色注册这些视图类。有关如何将角色注册到视图的信息
例如,假设我们有一个实现Flask-Security mixin的用户表,并且我们希望角色“ admin”能够读取/设置活动字段,而希望任何具有角色“ user”的人都看不到该字段。该类AdminView
在参考答案中定义。
class AdminUserView(AdminView):
column_list = ['first_name', 'last_name', 'email', 'roles', 'active']
form_columns = ['first_name', 'last_name', 'email', 'active', 'roles']
# Other common functionality here
class UserView(AdminUserView):
# Just redefine the columns that can be seen/edited
column_list = ['first_name', 'last_name', 'email', 'roles']
form_columns = ['first_name', 'last_name', 'email', 'roles']
# register your views and remember to set a unique endpoint as we are using the same model in multiple views
admin.add_view(AdminUserView(model=User, session=db.session, category="Accounts", name="Users", endpoint="users_admin", roles_accepted=["admin"]))
admin.add_view(UserView(model=User, session=db.session, category="Accounts", name="Users", endpoint="users_user", roles_accepted=["user"]))