feat: log

2025-11-24 21:04:58 +08:00
parent ae208d6b39
commit c9e11c4bd1
8 changed files with 180 additions and 156 deletions
--- a/app/decorators.py
+++ b/app/decorators.py
@@ -1,27 +1,26 @@
+"""权限装饰器"""
 from functools import wraps
 from flask import abort
 from flask_login import current_user

 def admin_required(f):
+    """仅管理员可访问"""
    @wraps(f)
    def decorated_function(*args, **kwargs):
        if not current_user.is_authenticated or current_user.role != 'admin':
-            abort(403) # HTTP 403 Forbidden error
+            abort(403)
        return f(*args, **kwargs)
    return decorated_function

-# === 修正后的通用权限装饰器 ===
 def permission_required(*roles):
+    """指定角色可访问"""
    def decorator(f):
        @wraps(f)
        def decorated_function(*args, **kwargs):
            if not current_user.is_authenticated:
-                abort(401) # Unauthorized
+                abort(401)
            if current_user.role not in roles:
-                abort(403) # Forbidden
+                abort(403)
            return f(*args, **kwargs)
-        
-        # 正确的返回：返回包含了权限检查逻辑的包装函数
-        return decorated_function # <--- 已修正
-        
+        return decorated_function
    return decorator