flask_more_smorest.perms.base_perms_model

Base permission-aware model for Flask-More-Smorest.

Classes

BasePermsModel(**kwargs)

Base model with permission checking.

class flask_more_smorest.perms.base_perms_model.BasePermsModel(**kwargs)

Base model with permission checking.

perms_disabled

Disable permission checks (default: False)

Example

>>> class Article(BasePermsModel):
...     title: Mapped[str] = mapped_column(sa.String(200))
...     def _can_write(self, user) -> bool:
...         return user is not None and self.user_id == user.id

perms_disabled = False

__init__(**kwargs)

Initialize model after checking sub-fields can be created.

classmethod bypass_perms(cls)

Temporarily disable permission checking for this model class.

Example

>>> with Article.bypass_perms():
...     article.delete()  # No permission check

Return type:

Iterator[None]

can_write(user=None)

Check if current user has write permission.

Return type:

bool

can_read(user=None)

Check if current user has read permission.

Return type:

bool

can_create(user=None)

Check if current user can create objects.

Return type:

bool

save(commit=True)

Extend BaseModel save with permission checks.

Return type:

Self

delete(commit=True)

Extend BaseModel delete with permission checks.

Return type:

None

classmethod get_by(**kwargs)

Get resource by field values with permission check.

Return type:

Optional[Self]

Returns:

Instance if found and can_read() is True None if not found None if found but can_read() is False and RETURN_404_ON_ACCESS_DENIED is True

Raises:

ForbiddenError – If found but can_read() is False

check_create(val, _visited=None)

Recursively check that all BaseModel instances can be created.

Parameters:

• val (list | set | tuple | object) – Value or collection of values to check

• _visited (set[int] | None) – Internal set of visited object IDs to prevent infinite recursion

Raises:

ForbiddenError – If any nested object cannot be created

Return type:

None