'How to Create roles and assign permissions for table to those roles in flask-sqlalchemy

I am doing a project in Flask. I am using sqlalchemy to work with database. I want to create the following roles and assign permissions to that roles as given below.

Roles : Student, Teacher, HOD, Admin

Peremissions :

  1. Student can only insert into and select from table1. Should not be able to update any column of table1.
  2. Teacher should have the permissions to insert, select, delete and update on table1.
  3. HOD also have similar permissions as teacher.
  4. By default when a user register, role of user will be 'Student'. Only admin should have the ability to change the role of a user.

How to impliment these role and permissions ? Or without assigning these permissions is ther e a way to handle this ? Can someone help ?

How to

flask-sqlalchemy


Solution 1:[1]

This post may help.

Implementing Flask-Login with multiple User Classes

To my understanding, flask-login is actively maintained which is a good start for using any flask extension.

Based on what you're trying to solve, you could include a role property to the classes. Then on the API side of things, you could add a decorator for each route that requires different authorization levels. A decorator is kind of like a middleware that gets invoked before function at the route gets invoked.

Hope this helps!

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 jeff

Related Questions

How to wire up migrations in Flask with declarative base?

scoped_session(sessionmaker()) or plain sessionmaker() in sqlalchemy?

SQLAlchemy ORM conversion to pandas DataFrame

SQLAlchemy ORM conversion to pandas DataFrame

How to use factory boy to test SQLalchemy association-object models?

flask-sqlalchemy or sqlalchemy

CommandError: Can't locate revision identified by '...' when migrating using Flask-Migrate

I want the dropdown choice to be the one registered in my database with Flask

sqlalchemy.exc.ArgumentError: Could not parse rfc1738 URL from string

Best way to check if database already exists with flask-sqlalchemy, otherwise create

APScheduler RuntimeError: No application found

How to create generated column in Flask-SQLAlchemy?

Flask_SQLAlchemy is claiming my value is not boolean?

flask-sqlalchemy delete query failing with "Could not evaluate current criteria in Python"

AttributeError: module 'sqlalchemy' has no attribute 'NullType'