Flask-Admin can_create = True only for a given user

https://stackoverflow.com/questions/17137601

31-05-2022
|

Question

I am using Flask-Admin in conjunction with Flask-Login and mongoengine.

I wish to customize views depending on users. Hereafter, an example with can_create, that allows model creation.

class MyModelView(ModelView):
    column_exclude_list = ['password']
    def is_accessible(self):
        if (login.current_user.login != 'admin'):
            can_create=False
        return login.current_user.is_authenticated()

Such a piece of code has no effect: all users can still create, no difference between admin and non-admin users.

Thanks a lot for any hint on how it's possible to allow model creation only to a given user.

Solution

Look like that you just created local variable can_create, so you can try self.can_create = False. But flask-admin create one instance of View and this can be problems with concurrency. However better separate logic for checking accessibility and changing view state. So probably better use next code:

class MyModelView(ModelView):
    column_exclude_list = ['password']

    def is_accessible(self):
        return login.current_user.is_authenticated()

    @property
    def can_create(self):
        return login.current_user.login == 'admin'

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow