Coverage for app / security / secure_index_view.py: 62%


1""" 

2This module implements a secure admin index view for Flask-Admin. 

3 

4It restricts access to authorized users with the 'admin' role, rendering a custom template for 

5the admin home page while ensuring unauthorized access results in a 403 error. 

6""" 

7from flask import abort 

8from flask_admin import expose, AdminIndexView 

9from flask_security import current_user 

10 

11 

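class SecureAdminIndexView(AdminIndexView):
    """
    Admin index view restricted to authenticated users holding the 'admin' role.

    Any request that is unauthenticated, or authenticated without the 'admin'
    role, is rejected with 403 Forbidden before the template is rendered.
    The class builds on Flask-Admin's AdminIndexView and forwards the endpoint,
    URL, template and menu options to it.

    NOTE(review): the access check lives in ``index()`` only. Any further
    ``@expose``d endpoint added to this class needs the same guard; moving the
    check into ``is_accessible()`` would cover every endpoint of the view.
    """

    # noinspection PyMethodOverriding
    # pylint: disable=too-many-arguments,too-many-positional-arguments
    def __init__(self, name=None,
                 endpoint=None, url=None,
                 template='admin/booklist_index.html',
                 menu_class_name=None,
                 menu_icon_type=None,
                 menu_icon_value=None):
        """
        Forward all options to AdminIndexView unchanged.

        The only difference from a bare pass-through is the default
        ``template``, which points at 'admin/booklist_index.html'.
        """
        super().__init__(
            name=name,
            endpoint=endpoint,
            url=url,
            template=template,
            menu_class_name=menu_class_name,
            menu_icon_type=menu_icon_type,
            menu_icon_value=menu_icon_value)

    @expose('/')
    def index(self):
        """
        Render the admin home page for authorized admins only.

        Aborts with 403 when the current user is not authenticated or does not
        hold the 'admin' role.
        """
        # Authentication alone is not authorization: the documented contract is
        # "admin role only", so the role must be checked as well. Fail closed
        # with the same 403 for both cases so the response does not reveal
        # which condition failed.
        if not (current_user.is_authenticated and current_user.has_role('admin')):
            abort(403)
        # Render the template handed to __init__ (stored by AdminIndexView as
        # ``_template``) instead of a hard-coded path, so a caller-supplied
        # ``template`` is honoured; the default renders the same page as before.
        return self.render(self._template)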