def GetAccessByResources(self, request, context):
"""Returns members having access to the specified resource.
Args:
request (object): gRPC request.
context (object): gRPC context.
Yields:
object: Generator of proto message of access tuples by resource.
"""
reply = explain_pb2.Access()
if not self.is_supported:
yield self._set_not_supported_status(context, reply)
model_name = self._get_handle(context)
mapping = self.explainer.get_access_by_resources(
model_name,
request.resource_name,
request.permission_names,
request.expand_groups)
for role, members in mapping.iteritems():
access = explain_pb2.Access(
role=role, resource=request.resource_name, members=members)
yield access
def GetAccessByPermissions(self, request, context):
"""Returns stream of access based on permission/role.
Args:
request (object): grpc request.
context (object): grpc context.
Yields:
object: Generator for access tuples.
"""
reply = explain_pb2.Access()
if not self.is_supported:
yield self._set_not_supported_status(context, reply)
model_name = self._get_handle(context)
for role, resource, members in (
self.explainer.get_access_by_permissions(
model_name,
request.role_name,
request.permission_name,
request.expand_groups,
request.expand_resources)):
yield explain_pb2.Access(members=members,
role=role,
resource=resource)
def GetAccessByMembers(self, request, context):
"""Returns resources which can be accessed by the specified members.
Args:
request (object): gRPC request.
context (object): gRPC context.
Yields:
object: Generator of proto message of access tuples by members.
"""
reply = explain_pb2.Access()
if not self.is_supported:
yield self._set_not_supported_status(context, reply)
model_name = self._get_handle(context)
for role, resources in \
self.explainer.get_access_by_members(model_name,
request.member_name,
request.permission_names,
request.expand_resources):
access = explain_pb2.MemberAccess(role=role,
resources=resources,
member=request.member_name)
yield access