You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Front page photo cycling in my opinion are to frequent and give a elementary feel to the underlying design. Implement a different pattern that will cycle less frequently.
Solution: Store admin level application settings and configs in a table. One of the columns will act as sort of a time marker. It will mark the last time the photo was cycled. There will be additional logic for the main route that compares a config value against that date value in the table and if it has passed the threshold, updates the photo.
Create the admin level app settings table
CREATETABLEapp_config (
id SERIALPRIMARY KEY,
last_refresh_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
fromappimportdbclassMember(db.Model):
...
role=db.Column(db.String(50), default='user') # Default role is 'user'
This table has an id column as the primary key and a last_refresh_date column to store the date and time of the last photo refresh. The last_refresh_date column is set to have a default value of the current timestamp.
Then add a route in the api blueprint to retrieve the last refresh date from the app_config table. To make this a private endpoint we will use a custom decorator that will restrict the end point to users with a admin role. This will also need to be added to the Member model.
Custom decorator
fromfunctoolsimportwrapsfromflaskimportrequest, abortfromflask_loginimportcurrent_userdefrestrict_access(func):
@wraps(func)defdecorated_function(*args, **kwargs):
# Define the user IDs or roles that are allowed to access the routeallowed_users=# define the rolesifcurrent_user.is_authenticatedandcurrent_user.idinallowed_users:
returnfunc(*args, **kwargs)
else:
abort(403) # Return a 403 Forbidden error if access is not allowedreturndecorated_function
Create the route in the api blueprint module
@api.route('/last-refresh-date', methods=['GET'])@restrict_accessdefget_last_refresh_date():
# Get the last refresh date from the app_config tableapp_config=AppConfig.query.first()
ifapp_config:
last_refresh_date=app_config.last_refresh_dateelse:
# If no record exists yet, return None or an appropriate default valuelast_refresh_date=Nonereturnjsonify({'last_refresh_date': last_refresh_date})
Make sure to update the allowed_users list in the restrict_access decorator with the appropriate user IDs or roles that should have access to the route. This will ensure that only the specified users or roles can access the API route, providing an extremely restrictive access pattern.
The final set of tasks are to document the role values, test the migration, and create a script for the infra store to add the admin members.
The text was updated successfully, but these errors were encountered:
Front page photo cycling in my opinion are to frequent and give a elementary feel to the underlying design. Implement a different pattern that will cycle less frequently.
Solution: Store admin level application settings and configs in a table. One of the columns will act as sort of a time marker. It will mark the last time the photo was cycled. There will be additional logic for the main route that compares a config value against that date value in the table and if it has passed the threshold, updates the photo.
Create the admin level app settings table
This table has an id column as the primary key and a last_refresh_date column to store the date and time of the last photo refresh. The last_refresh_date column is set to have a default value of the current timestamp.
Then add a route in the api blueprint to retrieve the last refresh date from the app_config table. To make this a private endpoint we will use a custom decorator that will restrict the end point to users with a admin role. This will also need to be added to the Member model.
Custom decorator
Create the route in the api blueprint module
Make sure to update the allowed_users list in the restrict_access decorator with the appropriate user IDs or roles that should have access to the route. This will ensure that only the specified users or roles can access the API route, providing an extremely restrictive access pattern.
The final set of tasks are to document the role values, test the migration, and create a script for the infra store to add the admin members.
The text was updated successfully, but these errors were encountered: