pypicloud.access.sql module¶

Access backend for storing permissions in using SQLAlchemy

class pypicloud.access.sql.Group(name)[source]¶

Bases: Base

Group record

name[source]¶

class pypicloud.access.sql.GroupPermission(package, groupname, read=False, write=False)[source]¶

Bases: Permission

Permissions for a group on a package

group[source]¶

groupname[source]¶

package[source]¶

read[source]¶

write[source]¶

class pypicloud.access.sql.KeyVal(key, value)[source]¶

Bases: Base

Simple model for storing key-value pairs

key[source]¶

value[source]¶

class pypicloud.access.sql.Permission(package, read, write)[source]¶

Bases: Base

Base class for user and group permissions

package = Column(None, String(length=255), table=None, primary_key=True, nullable=False)[source]¶

property permissions[source]¶: Construct permissions list

read = Column(None, Boolean(), table=None)[source]¶

write = Column(None, Boolean(), table=None)[source]¶

class pypicloud.access.sql.SQLAccessBackend(request=None, dbmaker=None, **kwargs)[source]¶

Bases: IMutableAccessBackend

This backend allows you to store all user and package permissions in a SQL database

allow_register()[source]¶

Check if the backend allows registration

This should only be overridden by mutable backends

Returns

allowbool

approve_user(username)[source]¶

Mark a user as approved by the admin

Parameters

usernamestr

check_health()[source]¶

Check the health of the access backend

Returns

(healthy, status)(bool, str): Tuple that describes the health status and provides an optional status message

classmethod configure(settings: EnvironSettings)[source]¶: Configure the access backend with app settings

create_group(group)[source]¶

Create a new group

Parameters

groupstr

property db[source]¶: Lazy-create the DB session

delete_group(group)[source]¶

Delete a group

Parameters

groupstr

delete_user(username)[source]¶

Delete a user

Parameters

usernamestr

edit_group_permission(package_name, group, perm, add)[source]¶

Grant or revoke a permission for a group on a package

Parameters

package_namestr
groupstr
perm{‘read’, ‘write’}
addbool: If True, grant permissions. If False, revoke.

edit_user_group(username, group, add)[source]¶

Add or remove a user to/from a group

Parameters

usernamestr
groupstr
addbool: If True, add to group. If False, remove.

edit_user_permission(package_name, username, perm, add)[source]¶

Grant or revoke a permission for a user on a package

Parameters

package_namestr
usernamestr
perm{‘read’, ‘write’}
addbool: If True, grant permissions. If False, revoke.

group_members(group)[source]¶

Get a list of users that belong to a group

Parameters

groupstr

Returns

userslist: List of user names

group_package_permissions(group)[source]¶

Get a list of all packages that a group has permissions on

Parameters

groupstr

Returns

packageslist: List of dicts. Each dict contains ‘package’ (str) and ‘permissions’ (list)

group_permissions(package)[source]¶

Get a mapping of all groups to their permissions on a package

Parameters

packagestr: The name of a python package

Returns

permissionsdict: mapping of group name to a list of permissions (which can contain ‘read’ and/or ‘write’)

groups(username=None)[source]¶

Get a list of all groups

If a username is specified, get all groups that the user belongs to

Parameters

usernamestr, optional

Returns

groupslist: List of group names

is_admin(username)[source]¶

Check if the user is an admin

Parameters

usernamestr

Returns

is_adminbool

need_admin()[source]¶

Find out if there are any admin users

This should only be overridden by mutable backends

Returns

need_adminbool: True if no admin user exists and the backend is mutable, False otherwise

pending_users()[source]¶

Retrieve a list of all users pending admin approval

Returns

userslist: List of usernames

classmethod postfork(**kwargs)[source]¶: This method will be called after uWSGI forks

set_allow_register(allow)[source]¶

Allow or disallow user registration

Parameters

allowbool

set_user_admin(username, admin)[source]¶

Grant or revoke admin permissions for a user

Parameters

usernamestr
adminbool: If True, grant permissions. If False, revoke.

user_data(username=None)[source]¶

Get a list of all users or data for a single user

For Mutable backends, this MUST exclude all pending users

Returns

userslist: Each user is a dict with a ‘username’ str, and ‘admin’ bool
userdict: If a username is passed in, instead return one user with the fields above plus a ‘groups’ list.

user_package_permissions(username)[source]¶

Get a list of all packages that a user has permissions on

Parameters

usernamestr

Returns

packageslist: List of dicts. Each dict contains ‘package’ (str) and ‘permissions’ (list)

user_permissions(package)[source]¶

Get a mapping of all users to their permissions for a package

Parameters

packagestr: The name of a python package

Returns

permissionsdict: Mapping of username to a list of permissions (which can contain ‘read’ and/or ‘write’)

class pypicloud.access.sql.User(username, password, pending=True)[source]¶

Bases: Base

User record

admin[source]¶

groups[source]¶

password[source]¶

pending[source]¶

username[source]¶

class pypicloud.access.sql.UserPermission(package, username, read=False, write=False)[source]¶

Bases: Permission

Permissions for a user on a package

package[source]¶

read[source]¶

user[source]¶

username[source]¶

write[source]¶