def __init__(self):
"""Initializes the manager by reading the config file."""
self.routers = []
self.auth_manager = auth_manager.AuthorizationManager()
self.default_router = self._CreateRouter(
config.CONFIG["API.DefaultRouter"])
if config.CONFIG["API.RouterACLConfigFile"]:
logging.info("Using API router ACL config file: %s",
config.CONFIG["API.RouterACLConfigFile"])
with open(config.CONFIG["API.RouterACLConfigFile"],
mode="rb") as fh:
acl_list = APIAuthorization.ParseYAMLAuthorizationsList(
fh.read())
if not acl_list:
raise InvalidAPIAuthorization("No entries added from "
"RouterACLConfigFile.")
for index, acl in enumerate(acl_list):
router = self._CreateRouter(acl.router,
params=acl.router_params)
self.routers.append(router)
router_id = str(index)
self.auth_manager.DenyAll(router_id)
for group in acl.groups:
self.auth_manager.AuthorizeGroup(group, router_id)
for user in acl.users:
self.auth_manager.AuthorizeUser(user, router_id)
def __init__(self, acl_list: Iterable[APIAuthorization],
default_router_cls: Type[api_call_router.ApiCallRouter]):
"""Initializes the manager by reading the config file."""
precondition.AssertIterableType(acl_list, APIAuthorization)
self.routers = []
self.auth_manager = auth_manager.AuthorizationManager()
self.default_router = self._CreateRouter(default_router_cls)
for index, acl in enumerate(acl_list):
router = self._CreateRouter(acl.router_cls, params=acl.router_params)
self.routers.append(router)
router_id = str(index)
self.auth_manager.DenyAll(router_id)
for group in acl.groups:
self.auth_manager.AuthorizeGroup(group, router_id)
for user in acl.users:
self.auth_manager.AuthorizeUser(user, router_id)
def setUp(self):
super().setUp()
self.group_access_manager = groups.NoGroupAccess()
self.auth_manager = auth_manager.AuthorizationManager(
group_access_manager=self.group_access_manager)
