实现此目的的一种方法是创建多个视图类,并针对它们的适当角色注册这些视图类。有关如何将角色注册到视图的信息
例如,假设我们有一个实现Flask-Security mixin的用户表,并且我们希望角色“ admin”能够读取/设置活动字段,而希望任何具有角色“
user”的人都看不到该字段。该类
AdminView在参考答案中定义。
class AdminUserView(AdminView): column_list = ['first_name', 'last_name', 'email', 'roles', 'active'] form_columns = ['first_name', 'last_name', 'email', 'active', 'roles'] # Other common functionality hereclass UserView(AdminUserView): # Just redefine the columns that can be seen/edited column_list = ['first_name', 'last_name', 'email', 'roles'] form_columns = ['first_name', 'last_name', 'email', 'roles']# register your views and remember to set a unique endpoint as we are using the same model in multiple viewsadmin.add_view(AdminUserView(model=User, session=db.session, category="Accounts", name="Users", endpoint="users_admin", roles_accepted=["admin"]))admin.add_view(UserView(model=User, session=db.session, category="Accounts", name="Users", endpoint="users_user", roles_accepted=["user"]))
