return tuple( [permission.permission_name for permission in db_permissions]) def _permissions(self, perm): if 'permissions' not in perm.data: if perm.groups is None: return () permissions = [] for group in perm.groups: permissions.extend( [p.permission_name for p in group.permissions]) perm.data['permissions'] = permissions return perm.data['permissions'] def permits(self, permission, perm, resource): if permission in self._permissions(perm): return True # there may be other policies still which can permit the access... return None def can_apply_access_restrictions_to_query(self, query, permission): return True def access_condition_for_query(self, query, permission, perm): if perm.contains_permission(permission): return True return None PermissionPolicies.register(GroupBasedPermissionsPolicy)
def _register_default_policy(self): PermissionPolicies.register(GroupBasedPermissionsPolicy)
def permissions(self): db_permissions = DBSession.query(Permission).all() return tuple([permission.permission_name for permission in db_permissions]) def _permissions(self, perm): if 'permissions' not in perm.data: if perm.groups is None: return () permissions = [] for group in perm.groups: permissions.extend([p.permission_name for p in group.permissions]) perm.data['permissions'] = permissions return perm.data['permissions'] def permits(self, permission, perm, resource): if permission in self._permissions(perm): return True # there may be other policies still which can permit the access... return None def can_apply_access_restrictions_to_query(self, query, permission): return True def access_condition_for_query(self, query, permission, perm): if perm.contains_permission(permission): return True return None PermissionPolicies.register(GroupBasedPermissionsPolicy)