def delete(self): """Revokes the authorization if it exists. Response body: { 'topic': <full name of PubSub topic with AuthDB change notifications>, 'authorized': false, 'gs': { 'auth_db_gs_path': <same as auth_db_gs_path in SettingsCfg proto>, 'authorized': false } } """ try: pubsub.deauthorize_subscriber(self.caller_email()) gcs.deauthorize_reader(self.caller_email()) return self.send_response({ 'topic': pubsub.topic_name(), 'authorized': False, 'gs': { 'auth_db_gs_path': config.get_settings().auth_db_gs_path, 'authorized': False, }, }) except (gcs.Error, pubsub.Error) as e: self.abort_with_error(409, text=str(e))
def post(self): """Authorizes the caller to access AuthDB. In particular grants the caller "pubsub.subscriber" role on the AuthDB change notifications topic and adds the caller as Reader to the Google Storage object that contains AuthDB. Response body: { 'topic': <full name of PubSub topic with AuthDB change notifications>, 'authorized': true, 'gs': { 'auth_db_gs_path': <same as auth_db_gs_path in SettingsCfg proto>, 'authorized': true } } """ try: pubsub.authorize_subscriber(self.caller_email()) gcs.authorize_reader(self.caller_email()) return self.send_response({ 'topic': pubsub.topic_name(), 'authorized': True, 'gs': { 'auth_db_gs_path': config.get_settings().auth_db_gs_path, 'authorized': True, }, }) except (gcs.Error, pubsub.Error) as e: self.abort_with_error(409, text=str(e))
def get(self): """Queries whether the caller is authorized to access AuthDB already. Response body: { 'topic': <full name of PubSub topic with AuthDB change notifications>, 'authorized': <true if the caller is allowed to subscribe to it>, 'gs': { 'auth_db_gs_path': <same as auth_db_gs_path in SettingsCfg proto>, 'authorized': <true if the caller should be able to read GS files> } } """ try: return self.send_response({ 'topic': pubsub.topic_name(), 'authorized': pubsub.is_authorized_subscriber(self.caller_email()), 'gs': { 'auth_db_gs_path': config.get_settings().auth_db_gs_path, 'authorized': gcs.is_authorized_reader(self.caller_email()), }, }) except (gcs.Error, pubsub.Error) as e: self.abort_with_error(409, text=str(e))
def get(self): """Queries whether the caller is authorized to attach subscriptions already. Response body: { 'topic': <full name of PubSub topic with AuthDB change notifications>, 'authorized': <boolean> } """ try: return self.send_response({ 'topic': pubsub.topic_name(), 'authorized': pubsub.is_authorized_subscriber(self.subscriber_email()), }) except pubsub.Error as e: self.abort_with_error(409, text=str(e))
def delete(self): """Revokes authorization if it exists. Response body: { 'topic': <full name of PubSub topic with AuthDB change notifications>, 'authorized': false } """ try: pubsub.deauthorize_subscriber(self.subscriber_email()) return self.send_response({ 'topic': pubsub.topic_name(), 'authorized': False, }) except pubsub.Error as e: self.abort_with_error(409, text=str(e))
def post(self): """Grants caller "pubsub.subscriber" role on change notifications topic. Response body: { 'topic': <full name of PubSub topic with AuthDB change notifications>, 'authorized': true } """ try: pubsub.authorize_subscriber(self.subscriber_email()) return self.send_response({ 'topic': pubsub.topic_name(), 'authorized': True, }) except pubsub.Error as e: self.abort_with_error(409, text=str(e))