Python GroupMetadataPermissionPolicy 예제들

프로그래밍 언어: Python

네임스페이스/패키지 이름: geofront.remote

hotexamples.com에서의 예제들: 3

Python GroupMetadataPermissionPolicy - 3개의 예제가 발견되었습니다. 이것들은 오픈소스 프로젝트에서 추출된 Python의 geofront.remote.GroupMetadataPermissionPolicy에 대한 실세계 최고 등급의 예제들입니다. 예제들을 평가하여 예제의 품질 향상에 도움을 줄 수 있습니다.

자주 사용되는 메소드들

보기 숨기기

GroupMetadataPermissionPolicy(2)

filter(1)

permit(1)

예제 #1

파일 보기

파일: remote_test.py 프로젝트: xymz/geofront

def test_group_metadata_permission_policy(key, separator):
    sep = separator or ' '
    remotes = {
        'web-1': Remote(
            'ubuntu', '192.168.0.5',
            metadata={key: sep.join(['web', 'a']), 'other': 'ignore'}
        ),
        'web-2': Remote(
            'ubuntu', '192.168.0.6',
            metadata={key: sep.join(['web', 'b']), 'other': 'ignore'}
        ),
        'web-3': Remote(
            'ubuntu', '192.168.0.7',
            metadata={key: sep.join(['web', 'c']), 'other': 'ignore'}
        ),
        'worker-1': Remote(
            'ubuntu', '192.168.0.25',
            metadata={key: sep.join(['worker', 'a']), 'other': 'ignore'}
        ),
        'worker-2': Remote(
            'ubuntu', '192.168.0.26',
            metadata={key: sep.join(['worker', 'b']), 'other': 'ignore'}
        ),
        'db-1': Remote(
            'ubuntu', '192.168.0.50',
            metadata={key: sep.join(['db', 'a']), 'other': 'ignore'}
        ),
        'db-2': Remote(
            'ubuntu', '192.168.0.51',
            metadata={key: sep.join(['db', 'b']), 'other': 'ignore'}
        )
    }

    def subset(*keys):
        return {a: r for a, r in remotes.items() if a in keys}
    p = GroupMetadataPermissionPolicy(key, separator)
    identity = Identity(DummyTeam, 1)
    assert (p.filter(remotes, identity, {'web', 'a'}) ==
            subset('web-1', 'web-2', 'web-3', 'worker-1', 'db-1'))
    assert (p.filter(remotes, identity, {'db', 'c'}) ==
            subset('web-3', 'worker-3', 'db-1', 'db-2'))
    assert p.permit(remotes['db-1'], identity, {'web', 'a'})
    assert not p.permit(remotes['db-1'], identity, {'web', 'b'})
    assert p.permit(remotes['db-1'], identity, {'db', 'a'})
    assert p.permit(remotes['db-1'], identity, {'db', 'b'})

예제 #2

파일 보기

파일: remote_test.py 프로젝트: SettUK/geofront

def test_group_metadata_permission_policy(key, separator):
    sep = separator or ' '
    remotes = {
        'web-1': Remote(
            'ubuntu', '192.168.0.5',
            metadata={key: sep.join(['web', 'a']), 'other': 'ignore'}
        ),
        'web-2': Remote(
            'ubuntu', '192.168.0.6',
            metadata={key: sep.join(['web', 'b']), 'other': 'ignore'}
        ),
        'web-3': Remote(
            'ubuntu', '192.168.0.7',
            metadata={key: sep.join(['web', 'c']), 'other': 'ignore'}
        ),
        'worker-1': Remote(
            'ubuntu', '192.168.0.25',
            metadata={key: sep.join(['worker', 'a']), 'other': 'ignore'}
        ),
        'worker-2': Remote(
            'ubuntu', '192.168.0.26',
            metadata={key: sep.join(['worker', 'b']), 'other': 'ignore'}
        ),
        'db-1': Remote(
            'ubuntu', '192.168.0.50',
            metadata={key: sep.join(['db', 'a']), 'other': 'ignore'}
        ),
        'db-2': Remote(
            'ubuntu', '192.168.0.51',
            metadata={key: sep.join(['db', 'b']), 'other': 'ignore'}
        )
    }

    def subset(*keys):
        return {a: r for a, r in remotes.items() if a in keys}
    p = GroupMetadataPermissionPolicy(key, separator)
    identity = Identity(DummyTeam, 1)
    assert (p.filter(remotes, identity, {'web', 'a'}) ==
            subset('web-1', 'web-2', 'web-3', 'worker-1', 'db-1'))
    assert (p.filter(remotes, identity, {'db', 'c'}) ==
            subset('web-3', 'worker-3', 'db-1', 'db-2'))
    assert p.permit(remotes['db-1'], identity, {'web', 'a'})
    assert not p.permit(remotes['db-1'], identity, {'web', 'b'})
    assert p.permit(remotes['db-1'], identity, {'db', 'a'})
    assert p.permit(remotes['db-1'], identity, {'db', 'b'})

예제 #3

파일 보기

# but you'll get the list dynamically from EC2 API.  Assume our all
# AMIs are Amazon Linux, so the usernames are always ec2-user.
# If you're using Ubuntu AMIs it should be ubuntu instead.
from geofront.backends.cloud import CloudRemoteSet
from libcloud.compute.types import Provider
from libcloud.compute.providers import get_driver

driver_cls = get_driver(Provider.EC2)
driver = driver_cls('aws access id', 'aws secret key', region='uest-east-1')
REMOTE_SET = CloudRemoteSet(driver, user='******')

# Suppose your team is divided by several subgroups, and these subgroups are
# represented in teams of the GitHub organization.  So you can control
# who can access each remote by specifying allowed groups to its metadata.
# CloudRemoteSet which is used for above REMOTE_SET exposes each EC2 instance's
# metadata as it has.  We suppose every EC2 instance has Allowed-Groups
# metadata key and its value is space-separated list of group slugs.
# The following settings will allow only members who belong to corresponding
# groups to access.
from geofront.remote import GroupMetadataPermissionPolicy

PERMISSION_POLICY = GroupMetadataPermissionPolicy('Allowed-Groups')

# Geofront provisions access tokens (or you can think them as sessions)
# for Geofront clients.  Assume you already have a Redis server running
# on the same host.  We'd store tokens to the db 0 on that Redis server
# in the example.
from werkzeug.contrib.cache import RedisCache

TOKEN_STORE = RedisCache(host='localhost', db=0)