def get_access_policy(self) -> AccessPolicy:
    """
    Return the access policy, building a default one on first use.

    A default is built only when ``self.access_policy`` is falsy. It
    holds two rules: the public subject is granted 'read', and the
    hard-coded admin subject is granted 'write' and 'read'. The default
    exposes the object to the public subject, so a caller that needs a
    restricted object has to assign ``self.access_policy`` before the
    first call.

    :return: The access policy
    """
    # Fast path: a policy is already attached, hand it back untouched.
    if self.access_policy:
        return self.access_policy

    self.access_policy = dataoneTypes.accessPolicy()

    # Rule 1: the public subject gets read-only access.
    public_rule = dataoneTypes.AccessRule()
    public_rule.subject.append(d1_const.SUBJECT_PUBLIC)
    # NOTE(review): Permission is wrapped around another Permission here;
    # the outer call looks redundant -- confirm before simplifying.
    read_permission = dataoneTypes.Permission(
        dataoneTypes.Permission('read'))
    public_rule.permission.append(read_permission)
    self.access_policy.append(public_rule)

    # Rule 2: a fixed administrative subject gets write plus read.
    # NOTE(review): the subject DN is hard-coded, so write access cannot
    # be changed per deployment from here -- confirm this is intended.
    admin_subject = "CN=knb-data-admins,DC=dataone,DC=org"
    admin_rule = dataoneTypes.AccessRule()
    admin_rule.subject.append(admin_subject)
    admin_rule.permission.append(dataoneTypes.Permission('write'))
    admin_rule.permission.append(read_permission)
    self.access_policy.append(admin_rule)

    return self.access_policy
def generate_public_access_policy():
    """
    Build an access policy with a single public read rule.

    The only rule names ``d1_common.const.SUBJECT_PUBLIC`` as subject and
    grants it the 'read' permission. No other subject or permission is
    added, so nothing in this policy grants 'write'.

    :return: The access policy
    """
    policy = dataoneTypes.accessPolicy()

    public_rule = dataoneTypes.AccessRule()
    public_rule.subject.append(d1_common.const.SUBJECT_PUBLIC)
    public_rule.permission.append(dataoneTypes.Permission('read'))

    policy.append(public_rule)
    return policy
def _create_access_policy_pyxb_object(self, operation):
    """
    Build an access policy from the operation's ``allow`` list.

    ``operation['parameters']['allow']`` is read as a sequence of
    ``(subject, permission)`` pairs, and each pair becomes one access
    rule. An empty list yields ``None`` instead of an empty policy.

    :param operation: Mapping with a ``parameters`` -> ``allow`` entry
    :return: The access policy, or None when the allow list is empty
    """
    allow_entries = operation['parameters']['allow']
    if len(allow_entries) == 0:
        return None

    policy = dataoneTypes.accessPolicy()
    # NOTE(review): subjects and permission names are copied from the
    # operation as-is; nothing here restricts who may be granted what --
    # confirm the caller validates the allow list.
    for subject, level in allow_entries:
        rule = dataoneTypes.AccessRule()
        rule.subject.append(subject)
        rule.permission.append(dataoneTypes.Permission(level))
        policy.append(rule)
    return policy
def generate_public_access_policy():
    """
    Create a public, read-only access policy for the system metadata.

    The policy holds one rule: ``d1_const.SUBJECT_PUBLIC`` is granted
    'read'. No 'write' permission and no other subject is added.

    :return: The access policy
    :rtype: d1_common.types.generated.dataoneTypes_v1.AccessPolicy
    """
    policy = dataoneTypes.accessPolicy()

    public_rule = dataoneTypes.AccessRule()
    public_rule.subject.append(d1_const.SUBJECT_PUBLIC)
    public_rule.permission.append(dataoneTypes.Permission('read'))

    policy.append(public_rule)
    return policy