29 lines
634 B
Python
29 lines
634 B
Python
"""Middleware for the API
|
|
|
|
for handling tenant requests
|
|
"""
|
|
|
|
from flask_security import current_user
|
|
from flask import session
|
|
|
|
from .database import Database
|
|
|
|
|
|
def mw_before_request():
|
|
"""Before request
|
|
|
|
switch tenant schema
|
|
"""
|
|
|
|
tenant_id = session['tenant']['id']
|
|
if not tenant_id:
|
|
return {"message": "You are not logged into any tenant"}, 403
|
|
|
|
# user = User.query.get(current_user.id)
|
|
if current_user.has_roles(['Super User']) or current_user.tenant_id == tenant_id:
|
|
Database(tenant_id).switch_schema()
|
|
else:
|
|
return {"message": "You are not a member of this tenant"}, 403
|
|
|
|
|