Search code examples
pythonflaskflask-sqlalchemyflask-loginflask-admin

Flask-admin how to remove the action for edit and delete record

I make a tuition payment app using Flask and using Flask-admin to managing the payment. There is three role in this app which is superuser, school admin and the parent who want to see their children tuition.

I know how to make the role for the superuser and the school admin, which is the superuser can create the school admin, and the school admin can add and edit or delete a student data.

so far, this my code for the school admin modelview:

class SchoolAdminModelView(sqla.ModelView):
    def is_accessible(self):
        if not current_user.is_active or not current_user.is_authenticated:
            return False
        if current_user.has_role('schooladmin'):
            return True
        return False
    def _handle_view(self, name, **kwargs):
        if not self.is_accessible():
            if current_user.is_authenticated:
                abort(403)
            else:
                return redirect(url_for('security.login', next=request.url))

But for the parent, I want the parent account just can see or read data without access to modify it.

Like this image below: enter image description here That is the school admin view, now for the parent account I want to remove the edit and delete icon or the feature is.

So, how to do that..?

Solution

  • According to the docs https://flask-admin.readthedocs.io/en/latest/api/mod_model/#flask.ext.admin.model.BaseModelView.can_create You can add attributes to a model like edit, delete, create. Just bind this to a specific role where needed.