def get_access_policy(self) -> AccessPolicy:
    """
    Return the stored access policy, building a default one on first use.

    The default is built only when ``self.access_policy`` is falsy. It holds
    two rules: the public subject (``d1_const.SUBJECT_PUBLIC``) is granted
    'read', and the hard-coded ``knb-data-admins`` subject is granted 'write'
    and 'read'. Objects described by this default are therefore readable by
    the public subject; a caller that needs restricted content must assign
    ``self.access_policy`` before this method is first called.

    :return: The access policy
    """
    if self.access_policy:
        return self.access_policy

    self.access_policy = dataoneTypes.accessPolicy()

    # NOTE(review): the nested Permission(...) call is kept exactly as the
    # original wrote it; a single Permission('read') looks sufficient -- confirm.
    read_permission = dataoneTypes.Permission(
        dataoneTypes.Permission('read'))

    # Rule 1: the public subject may read.
    rule_for_public = dataoneTypes.AccessRule()
    rule_for_public.subject.append(d1_const.SUBJECT_PUBLIC)
    rule_for_public.permission.append(read_permission)
    self.access_policy.append(rule_for_public)

    # Rule 2: a fixed administrative subject may write and read. The subject
    # DN is a literal in the code, so changing the admin group means a code
    # change rather than a configuration change.
    rule_for_admins = dataoneTypes.AccessRule()
    rule_for_admins.subject.append(
        "CN=knb-data-admins,DC=dataone,DC=org")
    rule_for_admins.permission.append(dataoneTypes.Permission('write'))
    rule_for_admins.permission.append(read_permission)
    self.access_policy.append(rule_for_admins)

    return self.access_policy
def create_access_policy(self, subjects):
    """
    Build an access policy with a single rule granting 'changePermission'.

    ``subjects`` is assigned unchanged as the rule's subject list, so every
    subject passed in receives the same grant. No filtering or validation of
    the subjects happens here.

    NOTE(review): in the DataONE permission model 'changePermission' is the
    highest level and is understood to include write and read, so callers
    should pass only subjects meant to fully control the object -- confirm
    against the target node.

    :param subjects: subjects placed in the rule as given
    :return: the new access policy
    """
    rule = dataoneTypes.AccessRule()
    rule.subject = subjects
    rule.permission = ['changePermission']

    policy = dataoneTypes.AccessPolicy()
    policy.allow.append(rule)
    return policy
def generate_public_access_policy():
    """
    Build an access policy whose only rule lets the public subject read.

    The policy contains no other subjects and no permission besides 'read'.
    Attaching it to an object makes that object readable by the subject
    ``d1_common.const.SUBJECT_PUBLIC``, so it is only suitable for content
    that is meant to be public.

    :return: the new access policy
    """
    public_rule = dataoneTypes.AccessRule()
    public_rule.subject.append(d1_common.const.SUBJECT_PUBLIC)
    public_rule.permission.append(dataoneTypes.Permission('read'))

    policy = dataoneTypes.accessPolicy()
    policy.append(public_rule)
    return policy
def _create_access_policy_pyxb_object(self, operation):
    """
    Turn the 'allow' list of an operation into an access policy object.

    ``operation['parameters']['allow']`` is read as a sequence of
    ``(subject, permission)`` pairs. Each pair becomes its own access rule,
    in the order given. Subjects and permission names are used exactly as
    supplied: this method applies no allow-list, de-duplication or
    normalisation, so whatever produced ``operation`` decides who is granted
    what.

    NOTE(review): presumably ``dataoneTypes.Permission`` rejects names that
    are not in the schema's enumeration -- confirm before relying on it as
    the only validation.

    :param operation: mapping with a ``['parameters']['allow']`` sequence
    :return: the access policy, or None when the allow list is empty
    """
    allow_entries = operation['parameters']['allow']
    if len(allow_entries) == 0:
        # An empty allow list yields no policy object at all.
        return None

    policy = dataoneTypes.accessPolicy()
    for subject, level in allow_entries:
        rule = dataoneTypes.AccessRule()
        rule.subject.append(subject)
        rule.permission.append(dataoneTypes.Permission(level))
        policy.append(rule)
    return policy
def generate_public_access_policy():
    """
    Create a public-read access policy for the system metadata.

    The policy holds exactly one rule: the subject
    ``d1_const.SUBJECT_PUBLIC`` is granted 'read'. No write or
    changePermission grant is added here. Use it only for objects that are
    meant to be readable by the public subject.

    :return: The access policy
    :rtype: d1_common.types.generated.dataoneTypes_v1.AccessPolicy
    """
    read_only = dataoneTypes.Permission('read')

    rule = dataoneTypes.AccessRule()
    rule.subject.append(d1_const.SUBJECT_PUBLIC)
    rule.permission.append(read_only)

    policy = dataoneTypes.accessPolicy()
    policy.append(rule)
    return policy
oopts['rightsHolder'] = options.submitter else: oopts['rightsHolder'] = options.rightsHolder oopts['originMemberNode'] = options.originMemberNode oopts['authoritativeMemberNode'] = options.originMemberNode defrepl = dataoneTypes.ReplicationPolicy() if options.numberReplicas == 0: defrepl.replicationAllowed = False else: defrepl.replicationAllowed = True defrepl.numberReplicas = options.numberReplicas oopts['replicationPolicy'] = defrepl defap = dataoneTypes.AccessPolicy() ar = dataoneTypes.AccessRule() ar.permission = [ dataoneTypes.Permission.read, ] ar.subject = [ "public", ] defap.allow = [ ar, ] ar = dataoneTypes.AccessRule() ar.permission = [ dataoneTypes.Permission.write, ] ar.subject = [ oopts['submitter'],