Exemple #1
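    def render_POST(self, request):
        """Create a credential pair or grant a permission, from a JSON POST.

        Without ``self.token`` (POST to ``/a/``) a new access/secret pair is
        created; both are generated when the body names no ``access``. When
        the caller holds ``CreateGuest`` and the body has ``type == "guest"``,
        a guest database is provisioned for the new token as well.

        With ``self.token`` (POST to ``/a/TOKEN``) the body's ``permission``,
        ``resource`` and ``value`` are set on that token, provided the caller
        holds the same permission or the ``*``/``*`` wildcard.

        Returns:
            A dict with either a ``"success"`` or an ``"error"`` key.

        Raises:
            KeyError: if ``permission`` or ``resource`` is missing from the
                body of a grant request.
        """
        cred = CredentialBackend()
        # Everything read from `body` below is client-controlled input.
        body = json.load(request.content)
        # Return value is not used in this method; the call is kept in case it
        # initialises the hub database.
        self.hub.get_hub_database()
        # Post to /a/
        # Create a token
        if not self.token:
            access = body.get("access")
            secret = body.get("secret")
            if not access:
                if secret:
                    return {"error": "Can only specify secret with token"}
                access = random_token()
                secret = random_token()
            # NOTE(review): an `access` sent without a `secret` reaches
            # create_pair() with secret=None; confirm the backend rejects an
            # empty secret instead of storing a credential without one.

            # Defined up front so the response below can be built on every
            # path; it used to be bound only in the `else` branch, so the
            # "pair already exists" path failed with NameError at the return.
            dbname = None
            existing = False
            try:
                cred.create_pair(access, secret)
            except ValueError:
                existing = True

                # An existing pair may only be re-submitted by its owner or by
                # a caller holding SetSecret on it.
                change = cred.get_permission(self.access, "SetSecret", access)
                same = access == self.access
                if not (change or same):
                    return {"error": "Access token already exists"}
                # NOTE(review): no call that stores the submitted secret is
                # visible on this path, yet the response below echoes it as a
                # success; confirm the update happens elsewhere.
            else:
                signal.cred_create.send(access, secret, existing)

                get_perm = partial(cred.get_permission, self.access)
                set_perm = partial(cred.set_permission, self.access)

                # Only the access id is logged; the secret stays masked.
                # Arguments are passed lazily rather than pre-formatted.
                logging.info("Creating new credentials %s/****", access)

                # The creator may later change the secret of the pair it made.
                set_perm("SetSecret", access, "Yes")
                if get_perm("CreateGuest"):
                    if body.get("type") == "guest":
                        # Set up the new guest
                        # NOTE(review): `access` can be client-chosen and is
                        # not validated here before it becomes part of a
                        # database name; confirm it is constrained elsewhere.
                        dbname = get_perm("GuestDatabasePrefix") + access
                        quota = get_perm("GuestDatabaseQuota")

                        logging.info(
                            "Setting up guest credentials %s:dbname=%s quota=%s",
                            access,
                            dbname,
                            quota,
                        )

                        set_new_perm = partial(cred.set_permission, access)
                        set_new_perm("CreateDatabase", dbname, "Yes")
                        set_new_perm("ReadDatabase", dbname, "Yes")
                        set_new_perm("WriteDatabase", dbname, "Yes")
                        set_new_perm("DatabaseQuota", dbname, quota)

                        # NOTE(review): cred_create above is fired with
                        # .send(); this signal is called directly. Confirm
                        # which form is intended.
                        signal.cred_guest_setup(access, dbname=dbname, setupby=self.access)

            return {"success": {"access": access, "secret": secret, "dbname": dbname}}
        # Post to /a/TOKEN
        # Add permission
        else:
            permission = body["permission"]
            resource = body["resource"]
            # .get() so that an absent "value" gets the same error reply as an
            # explicit null instead of raising KeyError.
            value = body.get("value")

            if value is None:
                return {"error": "Permission must have a value"}

            god = cred.get_permission(self.access, "*", "*") == "*"
            perm = cred.get_permission(self.access, permission, resource)
            # NOTE(review): this only tests that the caller has *some* stored
            # value for the permission. The granted `value` is not compared
            # with the caller's own, so any non-None entry lets the caller
            # hand out an arbitrary value (e.g. a larger quota). Confirm that
            # this is the intended delegation model.
            if perm is None and not god:
                return {"error": "Must have a permission to grant it."}
            else:
                cred.set_permission(self.token, permission, resource, value)
                return {
                    "success": {"access": self.token, "permission": permission, "resource": resource, "value": value}
                }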