def create_detail(self, object_list, bundle):
system = self.helper.system
subject = self.helper.get_subject(bundle)
action = Action(self.helper.create_action)
resources = self.helper.get_create_detail_resources(bundle)
request = Request(
system,
subject,
action,
resources,
self.helper.get_create_detail_environment(bundle),
)
allowed = self.iam.is_allowed(request)
logger.debug(
"tastypie create_detail is_allowed request({}) result: {}".format(
request.to_dict(), allowed))
if not allowed:
raise ImmediateHttpResponse(
IAMAuthFailedResponse(
AuthFailedException(system, subject, action, resources)))
return allowed
def read_list(self, object_list, bundle):
request = Request(
system=self.system,
subject=self.get_subject(bundle),
action=Action(self.read_action),
resources=[],
environment=self.get_read_list_environment(bundle),
)
f = self.iam.make_filter(request,
key_mapping=self.helper.filter_key_mapping)
logger.debug(
"tastypie read_list make_filter request({}) result: {}".format(
request.to_dict(), f))
return object_list.filter(f)
if __name__ == "__main__":
# eval
print("\nTHE EVAL EXAMPLE:\n")
eval_exmaple()
print_spearator()
# convert to sql / django queryset
print("\nTHE CONVERT EXAMPLE:\n")
convert_example()
# make a request
print_spearator()
subject = Subject("user", "admin")
# action = Action("edit_app")
# action = Action("access_developer_center")
action = Action("develop_app")
resource = Resource("bk_paas", "app", "bk_test", {})
request = Request("bk_paas", subject, action, [resource], None)
print("the request: ", request.to_dict())
iam = IAM("bk_paas", "2353e89a-10a2-4f30-9f6b-8973e9cd1404",
"http://127.0.0.1:8080", "https://{PAAS_DOMAIN}")
# recommend if got an APIGateway
# iam = IAM("bk_paas", "2353e89a-10a2-4f30-9f6b-8973e9cd1404", bk_apigateway_url="http://{IAM_APIGATEWAY_URL}")
print("is_allowed: ", iam.is_allowed(request))
print("query: ", iam.make_filter(request))