init

app/decorators.py

@@ -0,0 +1,27 @@
+from functools import wraps
+from flask import abort
+from flask_login import current_user
+
+def admin_required(f):
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if not current_user.is_authenticated or current_user.role != 'admin':
+            abort(403) # HTTP 403 Forbidden error
+        return f(*args, **kwargs)
+    return decorated_function
+
+# === 修正后的通用权限装饰器 ===
+def permission_required(*roles):
+    def decorator(f):
+        @wraps(f)
+        def decorated_function(*args, **kwargs):
+            if not current_user.is_authenticated:
+                abort(401) # Unauthorized
+            if current_user.role not in roles:
+                abort(403) # Forbidden
+            return f(*args, **kwargs)
+        
+        # 正确的返回：返回包含了权限检查逻辑的包装函数
+        return decorated_function # <--- 已修正
+        
+    return decorator