def authorized_for(user, op):
    if user[1] == 'admin':
        return True
    else:
        return False

def forbidden():
    print('forbidden!')

def check_authorized(operation):
    def decorator(func):
        def wrapped(user_id, user_role):
            if authorized_for((user_id, user_role), operation):
                return func(user_id, user_role)
            else:
                return forbidden()
        return wrapped
    return decorator

@check_authorized('top_secret_operation')
def test_route(user_id, user_role):
    print('authorized for test_route')

test_route('234234', 'admin')
test_route('123124', 'notadmin')

"""
output:

authorized for test_route
forbidden!
"""