pypicloud.access.base_json module¶
Abstract backends that are backed by simple JSON
- class pypicloud.access.base_json.IJsonAccessBackend(request=None, default_read=None, default_write=None, disallow_fallback=(), cache_update=None, allow_overwrite=None, allow_delete=None, pwd_context=None, token_expiration=604800, signing_key=None)[source]¶
Bases:
IAccessBackendThis backend reads the permissions from anything that can provide JSON data
Notes
JSON should look like this:
{ "users": { "user1": "hashed_password1", "user2": "hashed_password2", "user3": "hashed_password3", "user4": "hashed_password4", "user5": "hashed_password5", }, "groups": { "admins": [ "user1", "user2" ], "group1": [ "user3" ] }, "admins": [ "user1" ] "packages": { "mypackage": { "groups": { "group1": ["read', "write"], "group2": ["read"], "group3": [], }, "users": { "user1": ["read", "write"], "user2": ["read"], "user3": [], "user5": ["read"], } } } }
- group_members(group)[source]¶
Get a list of users that belong to a group
- Parameters
- groupstr
- Returns
- userslist
List of user names
- group_package_permissions(group)[source]¶
Get a list of all packages that a group has permissions on
- Parameters
- groupstr
- Returns
- packageslist
List of dicts. Each dict contains ‘package’ (str) and ‘permissions’ (list)
- group_permissions(package)[source]¶
Get a mapping of all groups to their permissions on a package
- Parameters
- packagestr
The name of a python package
- Returns
- permissionsdict
mapping of group name to a list of permissions (which can contain ‘read’ and/or ‘write’)
- groups(username=None)[source]¶
Get a list of all groups
If a username is specified, get all groups that the user belongs to
- Parameters
- usernamestr, optional
- Returns
- groupslist
List of group names
- is_admin(username)[source]¶
Check if the user is an admin
- Parameters
- usernamestr
- Returns
- is_adminbool
- user_data(username=None)[source]¶
Get a list of all users or data for a single user
For Mutable backends, this MUST exclude all pending users
- Returns
- userslist
Each user is a dict with a ‘username’ str, and ‘admin’ bool
- userdict
If a username is passed in, instead return one user with the fields above plus a ‘groups’ list.
- class pypicloud.access.base_json.IMutableJsonAccessBackend(request=None, default_read=None, default_write=None, disallow_fallback=(), cache_update=None, allow_overwrite=None, allow_delete=None, pwd_context=None, token_expiration=604800, signing_key=None)[source]¶
Bases:
IJsonAccessBackend,IMutableAccessBackendThis backend allows you to store all user and package permissions in a backend that is able to store a json file
Notes
The format is the same as
IJsonAccessBackend, but with the additional fields:{ "pending_users": { "user1": "hashed_password1", "user2": "hashed_password2" }, "allow_registration": true }
- allow_register()[source]¶
Check if the backend allows registration
This should only be overridden by mutable backends
- Returns
- allowbool
- edit_group_permission(package_name, group, perm, add)[source]¶
Grant or revoke a permission for a group on a package
- Parameters
- package_namestr
- groupstr
- perm{‘read’, ‘write’}
- addbool
If True, grant permissions. If False, revoke.
- edit_user_group(username, group, add)[source]¶
Add or remove a user to/from a group
- Parameters
- usernamestr
- groupstr
- addbool
If True, add to group. If False, remove.
- edit_user_permission(package_name, username, perm, add)[source]¶
Grant or revoke a permission for a user on a package
- Parameters
- package_namestr
- usernamestr
- perm{‘read’, ‘write’}
- addbool
If True, grant permissions. If False, revoke.