pypicloud.access.sql module¶
Access backend for storing permissions in using SQLAlchemy
-
class
pypicloud.access.sql.
Group
(name)[source]¶ Bases:
sqlalchemy.ext.declarative.api.Base
Group record
-
class
pypicloud.access.sql.
GroupPermission
(package, groupname, read=False, write=False)[source]¶ Bases:
pypicloud.access.sql.Permission
Permissions for a group on a package
-
class
pypicloud.access.sql.
KeyVal
(key, value)[source]¶ Bases:
sqlalchemy.ext.declarative.api.Base
Simple model for storing key-value pairs
-
class
pypicloud.access.sql.
Permission
(package, read, write)[source]¶ Bases:
sqlalchemy.ext.declarative.api.Base
Base class for user and group permissions
-
class
pypicloud.access.sql.
SQLAccessBackend
(request=None, dbmaker=None, **kwargs)[source]¶ Bases:
pypicloud.access.base.IMutableAccessBackend
This backend allows you to store all user and package permissions in a SQL database
-
allow_register
()[source]¶ Check if the backend allows registration
This should only be overridden by mutable backends
Returns: - allow : bool
-
check_health
()[source]¶ Check the health of the access backend
Returns: - (healthy, status) : (bool, str)
Tuple that describes the health status and provides an optional status message
-
edit_group_permission
(package, group, perm, add)[source]¶ Grant or revoke a permission for a group on a package
Parameters: - package : str
- group : str
- perm : {‘read’, ‘write’}
- add : bool
If True, grant permissions. If False, revoke.
-
edit_user_group
(username, groupname, add)[source]¶ Add or remove a user to/from a group
Parameters: - username : str
- group : str
- add : bool
If True, add to group. If False, remove.
-
edit_user_permission
(package, username, perm, add)[source]¶ Grant or revoke a permission for a user on a package
Parameters: - package : str
- username : str
- perm : {‘read’, ‘write’}
- add : bool
If True, grant permissions. If False, revoke.
-
group_members
(group)[source]¶ Get a list of users that belong to a group
Parameters: - group : str
Returns: - users : list
List of user names
-
group_package_permissions
(group)[source]¶ Get a list of all packages that a group has permissions on
Parameters: - group : str
Returns: - packages : list
List of dicts. Each dict contains ‘package’ (str) and ‘permissions’ (list)
-
group_permissions
(package)[source]¶ Get a mapping of all groups to their permissions on a package
Parameters: - package : str
The name of a python package
Returns: - permissions : dict
mapping of group name to a list of permissions (which can contain ‘read’ and/or ‘write’)
-
groups
(username=None)[source]¶ Get a list of all groups
If a username is specified, get all groups that the user belongs to
Parameters: - username : str, optional
Returns: - groups : list
List of group names
-
is_admin
(username)[source]¶ Check if the user is an admin
Parameters: - username : str
Returns: - is_admin : bool
-
need_admin
()[source]¶ Find out if there are any admin users
This should only be overridden by mutable backends
Returns: - need_admin : bool
True if no admin user exists and the backend is mutable, False otherwise
-
pending_users
()[source]¶ Retrieve a list of all users pending admin approval
Returns: - users : list
List of usernames
-
set_user_admin
(username, admin)[source]¶ Grant or revoke admin permissions for a user
Parameters: - username : str
- admin : bool
If True, grant permissions. If False, revoke.
-
user_data
(username=None)[source]¶ Get a list of all users or data for a single user
For Mutable backends, this MUST exclude all pending users
Returns: - users : list
Each user is a dict with a ‘username’ str, and ‘admin’ bool
- user : dict
If a username is passed in, instead return one user with the fields above plus a ‘groups’ list.
-