libb.group_required
- group_required(allowed_groups, *, session_accessor=None, on_forbidden=None)[source]
Decorator: 403 unless the session’s groups intersect allowed_groups.
A thin Flask wrapper over
authd()for group-set authorization. Group names are injected, never hardcoded; richer policies (a superuser override, per-row checks) compose by supplying a customon_forbiddenor wrapping the result.- Parameters:
allowed_groups – Iterable of group names; access needs a non-empty intersection with the session’s
groups.session_accessor – Callable returning the session mapping (defaults to Flask’s
session).on_forbidden – Callable(groups, allowed) returning the denied response; defaults to
flask.abort(403).
- Returns:
A view decorator.