Пример #1
0
def has_permission(issuer, action, kwargs):
    """
    Checks if an account has the specified permission to
    execute an action with parameters.

    :param issuer: The Account issuer.
    :param action: The action (API call) called by the account.
    :param kwargs: List of arguments for the action.
    :returns: True if account is allowed to call the API call, otherwise False
    """
    return permission.has_permission(issuer=issuer, action=action, kwargs=kwargs)
Пример #2
0
def has_permission(issuer, action, kwargs):
    """
    Checks if an account has the specified permission to
    execute an action with parameters.

    :param issuer: The Account issuer.
    :param action: The action (API call) called by the account.
    :param kwargs: List of arguments for the action.
    :returns: True if account is allowed to call the API call, otherwise False
    """
    return permission.has_permission(issuer=issuer,
                                     action=action,
                                     kwargs=kwargs)
Пример #3
0
def has_permission(issuer, action, kwargs, vo='def', session=None):
    """
    Checks if an account has the specified permission to
    execute an action with parameters.

    :param issuer:  The Account issuer.
    :param vo:      The VO to check against.
    :param action:  The action (API call) called by the account.
    :param session: The db session to use
    :param kwargs:  List of arguments for the action.
    :returns: True if account is allowed to call the API call, otherwise False
    """

    kwargs = deepcopy(kwargs)
    if 'rse' in kwargs and 'rse_id' not in kwargs:
        try:
            rse_id = get_rse_id(rse=kwargs.get('rse'), vo=vo, session=session)
        except RSENotFound:
            rse_id = None
        kwargs.update({'rse_id': rse_id})

    if 'scope' in kwargs:
        kwargs['scope'] = InternalScope(kwargs['scope'], vo=vo)
    if 'attachments' in kwargs:
        for a in kwargs['attachments']:
            a['scope'] = InternalScope(a['scope'], vo=vo)

    if 'account' in kwargs:
        kwargs['account'] = InternalAccount(kwargs['account'], vo=vo)
    if 'accounts' in kwargs:
        kwargs['accounts'] = [
            InternalAccount(a, vo=vo) for a in kwargs['accounts']
        ]
    if 'rules' in kwargs:
        for r in kwargs['rules']:
            r['account'] = InternalAccount(r['account'], vo=vo)
    if 'dids' in kwargs:
        for d in kwargs['dids']:
            if 'rules' in d:
                for r in d['rules']:
                    r['account'] = InternalAccount(r['account'], vo=vo)

    issuer = InternalAccount(issuer, vo=vo)

    return permission.has_permission(issuer=issuer,
                                     action=action,
                                     kwargs=kwargs,
                                     session=session)
Пример #4
0
def has_permission(issuer, action, kwargs):
    """
    Checks if an account has the specified permission to
    execute an action with parameters.

    :param issuer: The Account issuer.
    :param action: The action (API call) called by the account.
    :param kwargs: List of arguments for the action.
    :returns: True if account is allowed to call the API call, otherwise False
    """

    if 'rse' in kwargs and 'rse_id' not in kwargs:
        try:
            rse_id = get_rse_id(rse=kwargs.get('rse'))
        except RSENotFound:
            rse_id = None
        kwargs.update({'rse_id': rse_id})

    return permission.has_permission(issuer=issuer,
                                     action=action,
                                     kwargs=kwargs)