OperationCode
diff --git a/‎app/admin.py‎
Lines changed: 27 additions & 7 deletions b/‎app/admin.py‎
Lines changed: 27 additions & 7 deletions
diff --git a/‎app/models.py‎
Lines changed: 40 additions & 0 deletions b/‎app/models.py‎
Lines changed: 40 additions & 0 deletions
diff --git a/‎configs.py‎
Lines changed: 7 additions & 0 deletions b/‎configs.py‎
Lines changed: 7 additions & 0 deletions
@@ -1,12 +1,32 @@
-from flask_admin import Admin
+from flask_admin import Admin, AdminIndexView
 from flask_admin.contrib.sqla import ModelView
-
+from flask import Flask, url_for, redirect, render_template, request, abort
 from app import db
-from .models import Resource, Category, Language
+from .models import Resource, Category, Language, User, Role
+from flask_security import current_user
+
+
+class AdminView(ModelView):
+    def is_accessible(self):
+        return current_user.has_role("admin")
+    
+    def inaccessible_callback(self):
+        return redirect(url_for("security.login", next=request.url))
+
+class HomeAdminView(AdminIndexView):
+    def is_accessible(self):
+        return current_user.has_role("admin")
+    
+    def inaccessible_callback(self, name):
+        return redirect(url_for("security.login", next=request.url))
 
 
 def run_flask_admin(app):
-    admin = Admin(app, name="Admin")
-    admin.add_view(ModelView(Resource, db.session))
-    admin.add_view(ModelView(Category, db.session))
-    admin.add_view(ModelView(Language, db.session))
+    admin = Admin(app, name="Resources_api", url='/', index_view=HomeAdminView(name="Home"))
+    admin.add_view(AdminView(Role, db.session))
+    admin.add_view(AdminView(User, db.session))
+    admin.add_view(AdminView(Resource, db.session))
+    admin.add_view(AdminView(Category, db.session))
+    admin.add_view(AdminView(Language, db.session))
+    return admin
+
@@ -2,6 +2,7 @@
 from sqlalchemy import DateTime
 from sqlalchemy.sql import func
 from sqlalchemy_utils import URLType
+from flask_security import RoleMixin, UserMixin
 
 language_identifier = db.Table('language_identifier',
                                db.Column(
@@ -203,3 +204,42 @@ class VoteInformation(db.Model):
     current_direction = db.Column(db.String, nullable=False)
     resource = db.relationship('Resource', back_populates='voters')
     voter = db.relationship('Key', back_populates='voted_resources')
+
+
+roles_users = db.Table(
+    'roles_users',
+    db.Column('user_id', db.Integer(), db.ForeignKey('user.id')),
+    db.Column('role_id', db.Integer(), db.ForeignKey('role.id'))
+)
+
+
+# Role class
+class Role(db.Model, RoleMixin):
+    # Our Role has three fields, ID, name and description
+    id = db.Column(db.Integer(), primary_key=True)
+    name = db.Column(db.String(80), unique=True)
+    description = db.Column(db.String(255))
+
+    def __str__(self):
+        return self.name
+
+    # __hash__ is required to avoid the exception TypeError: unhashable type: 'Role' when saving a User
+    def __hash__(self):
+        return hash(self.name)
+
+
+# User class
+class User(db.Model, UserMixin):
+
+    # Our User has six fields: ID, email, password, active, confirmed_at and roles. The roles field represents a
+    # many-to-many relationship using the roles_users table. Each user may have no role, one role, or multiple roles.
+    id = db.Column(db.Integer, primary_key=True)
+    email = db.Column(db.String(255), unique=True)
+    password = db.Column(db.String(255))
+    active = db.Column(db.Boolean())
+    confirmed_at = db.Column(db.DateTime())
+    roles = db.relationship(
+        'Role',
+        secondary=roles_users,
+        backref=db.backref('users', lazy='dynamic')
+    )
@@ -45,6 +45,13 @@ class Config:
 
     SQLALCHEMY_DATABASE_URI = f"postgresql://{pg_user}:{pg_pw}@{pg_host}:5432/{pg_db}"
 
+    SECRET_KEY = os.urandom(24)
+    # Set config values for Flask-Security.
+    # We're using PBKDF2 with salt.
+    SECURITY_PASSWORD_HASH = 'pbkdf2_sha512'
+    # Replace this with your own salt.
+    SECURITY_PASSWORD_SALT = os.urandom(140)
+
     ALGOLIA_APP_ID = algolia_app_id
     ALGOLIA_API_KEY = algolia_api_key
     INDEX_NAME = index_name