Python AuthFailedException Examples

Programming Language: Python

Namespace/Package Name: iam.exceptions

Examples at hotexamples.com: 8

Python AuthFailedException - 8 examples found. These are the top rated real world Python examples of iam.exceptions.AuthFailedException extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

AuthFailedException(8)

perms_apply_data(1)

Example #1

Show file

def test_auth_failed_exception():
    gen_perms_apply_data = MagicMock(return_value="gen_perms_apply_data_token")
    with patch("iam.exceptions.gen_perms_apply_data", gen_perms_apply_data):
        abe = AuthFailedException("system", "subject", "action", ["resources"])
        data = abe.perms_apply_data()

    assert data == "gen_perms_apply_data_token"
    gen_perms_apply_data.assert_called_once_with(
        "system", "subject", [{
            "action": "action",
            "resources_list": [["resources"]]
        }])

Example #2

Show file

File: authorization.py Project: wklken/iam-python-sdk

    def create_detail(self, object_list, bundle):
        system = self.helper.system
        subject = self.helper.get_subject(bundle)
        action = Action(self.helper.create_action)
        resources = self.helper.get_create_detail_resources(bundle)

        request = Request(
            system,
            subject,
            action,
            resources,
            self.helper.get_create_detail_environment(bundle),
        )

        allowed = self.iam.is_allowed(request)
        logger.debug(
            "tastypie create_detail is_allowed request({}) result: {}".format(
                request.to_dict(), allowed))

        if not allowed:
            raise ImmediateHttpResponse(
                IAMAuthFailedResponse(
                    AuthFailedException(system, subject, action, resources)))

        return allowed

Example #3

Show file

File: shortcuts.py Project: wklken/iam-python-sdk

def allow_or_raise_immediate_response(iam, system, subject, action, resources, environment=None):
    request = Request(system, subject, action, resources, environment)

    allowed = iam.is_allowed(request)

    if not allowed:
        raise ImmediateHttpResponse(IAMAuthFailedResponse(AuthFailedException(system, subject, action, resources)))

    return

Example #4

Show file

File: admin.py Project: Tencent/bk-sops

    def process(self, request, *args, **kwargs):

        subject = Subject("user", request.user.username)
        action = Action(self.action)

        request = Request(IAMMeta.SYSTEM_ID, subject, action, [], {})
        allowed = iam.is_allowed(request)

        if not allowed:
            raise AuthFailedException(IAMMeta.SYSTEM_ID, subject, action, [])

Example #5

Show file

File: utils.py Project: Tencent/bk-sops

def iam_resource_auth_or_raise(username, action, resource_id=None, get_resource_func=None):
    iam = get_iam_client()
    action = Action(action)
    subject = Subject("user", username)
    resources = None
    if get_resource_func:
        resources = getattr(res_factory, get_resource_func)(resource_id)
    request = Request(IAMMeta.SYSTEM_ID, subject, action, resources or [], {})
    if not iam.is_allowed(request):
        raise AuthFailedException(IAMMeta.SYSTEM_ID, subject, action, resources or [])

Example #6

Show file

    def process(self, request, *args, **kwargs):
        task_id = self.get_task_id(request, *args, **kwargs)

        subject = Subject("user", request.user.username)
        action = Action(self.action)
        resources = res_factory.resources_for_task(task_id)

        request = Request(IAMMeta.SYSTEM_ID, subject, action, resources, {})
        allowed = iam.is_allowed_with_cache(request)

        if not allowed:
            raise AuthFailedException(IAMMeta.SYSTEM_ID, subject, action, resources)

Example #7

Show file

    def process(self, request, *args, **kwargs):
        template_id = request.GET.get("template_id")

        subject = Subject("user", request.user.username)
        action = Action(IAMMeta.FLOW_VIEW_ACTION)
        resources = res_factory.resources_for_flow(template_id)
        request = Request(IAMMeta.SYSTEM_ID, subject, action, resources, {})

        allowed = iam.is_allowed(request)

        if not allowed:
            raise AuthFailedException(IAMMeta.SYSTEM_ID, subject, action,
                                      resources)

Example #8

Show file

    def process(self, request, *args, **kwargs):
        project_id = kwargs["project_id"]
        templates_data = read_template_data_file(
            request.FILES["data_file"])["data"]["template_data"]
        request.FILES["data_file"].seek(0)
        override = string_to_boolean(request.POST["override"])

        check_info = TaskTemplate.objects.import_operation_check(
            templates_data, project_id)

        subject = Subject("user", request.user.username)

        create_action = Action(IAMMeta.FLOW_CREATE_ACTION)
        project_resources = res_factory.resources_for_project(project_id)
        create_request = Request(IAMMeta.SYSTEM_ID, subject, create_action,
                                 project_resources, {})

        # check flow create permission
        if not override:
            allowed = iam.is_allowed(create_request)

            if not allowed:
                raise AuthFailedException(IAMMeta.SYSTEM_ID, subject,
                                          create_action, project_resources)

        else:

            # check flow create permission
            if len(check_info["new_template"]) != len(
                    check_info["override_template"]):
                allowed = iam.is_allowed(create_request)

                if not allowed:
                    raise AuthFailedException(IAMMeta.SYSTEM_ID, subject,
                                              create_action, project_resources)

            # check flow edit permission
            if check_info["override_template"]:
                tids = [
                    template_info["id"]
                    for template_info in check_info["override_template"]
                ]

                resources_list = res_factory.resources_list_for_flows(tids)

                if not resources_list:
                    return

                resources_map = {}
                for resources in resources_list:
                    resources_map[resources[0].id] = resources

                edit_action = Action(IAMMeta.FLOW_EDIT_ACTION)
                edit_request = Request(IAMMeta.SYSTEM_ID, subject, edit_action,
                                       [], {})
                result = iam.batch_is_allowed(edit_request, resources_list)
                if not result:
                    raise MultiAuthFailedException(IAMMeta.SYSTEM_ID, subject,
                                                   edit_action, resources_list)

                not_allowed_list = []
                for tid, allow in result.items():
                    if not allow:
                        not_allowed_list.append(resources_map[tid])

                if not_allowed_list:
                    raise MultiAuthFailedException(IAMMeta.SYSTEM_ID, subject,
                                                   edit_action,
                                                   not_allowed_list)