Add access control for non-admin users

(cherry picked from commit 6e5b704)
2025-07-03 04:37:46 +00:00 · 2017-10-20 12:53:03 +02:00
parent b6ed658cbd
commit 9a4021d5e5
2 changed files with 49 additions and 28 deletions
--- a/app/models.py
+++ b/app/models.py
@ -314,6 +314,13 @@ class User(db.Model):
            user_domains.append(q[2])
        return user_domains

+    def can_access_domain(self, domain_name):
+        if self.role.name == "Administrator":
+            return True
+
+        query = self.get_domain_query().filter(Domain.name == domain_name)
+        return query.count() >= 1
+
    def delete(self):
        """
        Delete a user