Add decorator that requirers the logged in user to be an instructor
This commit is contained in:
@@ -1,3 +1,4 @@
|
||||
from functools import wraps
|
||||
from flask_login import login_required, login_user, logout_user
|
||||
from app.bp import bp
|
||||
from flask import jsonify, request
|
||||
@@ -20,6 +21,17 @@ def check_data(data, required_fields):
|
||||
return None
|
||||
|
||||
|
||||
def instructor_required(func):
|
||||
@wraps(func)
|
||||
def dec(*args, **kwargs):
|
||||
print(current_user)
|
||||
if current_user.role != "instructor":
|
||||
return error_response(400, "User is not instructor!")
|
||||
return func(*args, **kwargs)
|
||||
|
||||
return dec
|
||||
|
||||
|
||||
@bp.route("/login", methods=["POST"])
|
||||
def login_route():
|
||||
data = request.get_json()
|
||||
@@ -88,7 +100,9 @@ def create_course():
|
||||
|
||||
c = Course.query.filter_by(course_code=data["course_code"]).first()
|
||||
if c:
|
||||
return error_response(400, f"Course with course code {data['course_code']} already exists")
|
||||
return error_response(
|
||||
400, f"Course with course code {data['course_code']} already exists"
|
||||
)
|
||||
|
||||
if u.role != "instructor":
|
||||
return error_response(400, "User is not instructor")
|
||||
@@ -114,6 +128,7 @@ def get_courses(id):
|
||||
|
||||
@bp.route("/user/<int:uid>/enroll/<int:cid>", methods=["POST", "DELETE"])
|
||||
@login_required
|
||||
@instructor_required
|
||||
def enroll_student(uid, cid):
|
||||
u = User.query.get(uid)
|
||||
if not u:
|
||||
@@ -125,7 +140,9 @@ def enroll_student(uid, cid):
|
||||
|
||||
if request.method == "POST":
|
||||
if not u.enroll(c):
|
||||
return error_response(400, f"User {uid} is already enrolled in course {cid}")
|
||||
return error_response(
|
||||
400, f"User {uid} is already enrolled in course {cid}"
|
||||
)
|
||||
|
||||
elif request.method == "DELETE":
|
||||
if not u.unenroll(c):
|
||||
|
||||
Reference in New Issue
Block a user