用户表和角色表是多对多的关系,需要定义一个用于关系的中间表,对于这种表强烈建议不要使用模型,而采用一个实际的表:
roles_users = db.Table(
'roles_users',
db.Column('user_id', db.Integer,
db.ForeignKey('user.id')),
db.Column('role_id', db.Integer, db.ForeignKey('role.id')))
class Role(db.Model, RoleMixin):
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(255), unique=True)
permissions = db.Column(db.Integer, default=Permission.LOGIN)
description = db.Column(db.String(255))
class User(db.Model, UserMixin):
id = db.Column(db.Integer, primary_key=True)
email = db.Column(db.String(255), unique=True)
password = db.Column(db.String(255))
active = db.Column(db.Boolean())
confirmed_at = db.Column(db.DateTime())
roles = db.relationship('Role', secondary=roles_users,
backref=db.backref('users', lazy='dynamic'))
def can(self, permissions):
if self.roles is None:
return False
#获取用户所有权限
all_perms = reduce(or_, map(lambda x: x.permissions, self.roles))
return all_perms & permissions == permissions
def can_admin(self):
return self.can(Permission.ADMINISTER)