コード例 #1
0
 def permissions(self, store: BaseAccessStore):
     return get_all(
         store=store,
         principal=self.principal,
         principal_type=self.principal_type,
         granted_type="permission",
     )
コード例 #2
0
 def groups(self, store: BaseAccessStore):
     return get_all(
         store=store,
         principal=self.principal,
         principal_type=self.principal_type,
         granted_type="group",
     )
コード例 #3
0
 def users(self, store: BaseAccessStore):
     return get_all(
         store=store,
         principal_type=user,
         granted=self.granted,
         granted_type=self.granted_type,
     )
コード例 #4
0
def permissions(store: BaseAccessStore, name: str) -> list:
    """
    get all the permissions to which the group has access
    
    first, get all the groups that it can access
    then, get the list of permissions those granted collectively to those groups
    """
    this_group_permissions = get_all(
        store, Args(name, "group", granted_type="permission"))

    groups = inherits(store, name)
    permissions = []
    for gname in groups:
        gpermissions = get_all(store,
                               Args(gname, "group", granted_type="permission"))
        permissions.extend(gpermissions)
    permissions = list(set([*permissions, *this_group_permissions]))
    return permissions
コード例 #5
0
def permissions(store: BaseAccessStore, user_id: str) -> list:
    """
    get all the direct and indirect user-permission relationships for this user
    
    first, get the relationships in which a group is granted to this user
    follow the group inheritance chain to get all the associated group-group relationships
    then, combine the user's direct permissions with each group's granted permissions
    return that combined list
    """
    user_permissions = get_all(
        store, Args(user_id, "user", granted_type="permission"))
    user_groups = get_all(store, Args(user_id, "user", granted_type="group"))

    group_permissions = []
    for gname in user_groups:
        this_group_permissions = get_all(
            store, Args(gname, "group", granted_type="permission"))
        group_permissions.extend(this_group_permissions)
    all_user_permissions = list(set([*user_permissions, *group_permissions]))
    return all_user_permissions
コード例 #6
0
def groups(store: BaseAccessStore, user_id: str) -> list:
    """get all the user-group relationships"""
    args = Args(principal=user_id, principal_type="user", granted_type="group")
    this_user_groups = get_all(store, args)

    # recursively follow each group's inheritance trail
    # add each group's trail to the user's list of groups
    for gname in this_user_groups:
        this_group_inherits = group.inherits(store, gname)
        this_user_groups.extend(this_group_inherits)

    # return a unique list of groups
    return list(set(this_user_groups))