Разграничение прав на использование разделов

App/checker.py

@@ -1,4 +1,4 @@
-from flask import redirect, url_for, session
+from flask import redirect, url_for, session, request, current_app
 from functools import wraps
 
 
@@ -8,4 +8,20 @@ def check_auth(func):
         if 'login' not in session:
             return redirect(url_for('auth_bp.auth'))
         return func(*args, **kwargs)
+    return wrapper
+
+
+def group_required(func):
+    @wraps(func)
+    def wrapper(*args, **kwargs):
+        if 'role' in session:
+            user_role = session.get('role')
+            user_request = request.endpoint
+            print('request_endpoint=', user_request)
+            user_bp = user_request.split('.')[0]
+            access = current_app.config['db_access']
+            if user_role in access and user_bp in access[user_role]:
+                return func(*args, **kwargs)
+            else:
+                return redirect(url_for('index'))
     return wrapper