pypicloud.access.base_json module¶

Abstract backends that are backed by simple JSON

class pypicloud.access.base_json.IJsonAccessBackend(request=None, default_read=None, default_write=None, disallow_fallback=(), cache_update=None, pwd_context=None, token_expiration=604800, signing_key=None)[source]¶

Bases: pypicloud.access.base.IAccessBackend

This backend reads the permissions from anything that can provide JSON data

Notes

JSON should look like this:

{
    "users": {
        "user1": "hashed_password1",
        "user2": "hashed_password2",
        "user3": "hashed_password3",
        "user4": "hashed_password4",
        "user5": "hashed_password5",
    },
    "groups": {
        "admins": [
        "user1",
        "user2"
        ],
        "group1": [
        "user3"
        ]
    },
    "admins": [
        "user1"
    ]
    "packages": {
        "mypackage": {
            "groups": {
                "group1": ["read', "write"],
                "group2": ["read"],
                "group3": [],
            },
            "users": {
                "user1": ["read", "write"],
                "user2": ["read"],
                "user3": [],
                "user5": ["read"],
            }
        }
    }
}

db[source]¶: Fetch JSON and cache it for future calls

group_members(group)[source]¶

Get a list of users that belong to a group

Parameters:	group : str
Returns:	users : list List of user names

group_package_permissions(group)[source]¶

Get a list of all packages that a group has permissions on

Parameters:	group : str
Returns:	packages : list List of dicts. Each dict contains ‘package’ (str) and ‘permissions’ (list)

group_permissions(package)[source]¶

Get a mapping of all groups to their permissions on a package

Parameters:	package : str The name of a python package
Returns:	permissions : dict mapping of group name to a list of permissions (which can contain ‘read’ and/or ‘write’)

groups(username=None)[source]¶

Get a list of all groups

If a username is specified, get all groups that the user belongs to

Parameters:	username : str, optional
Returns:	groups : list List of group names

is_admin(username)[source]¶

Check if the user is an admin

Parameters:	username : str
Returns:	is_admin : bool

user_data(username=None)[source]¶

Get a list of all users or data for a single user

For Mutable backends, this MUST exclude all pending users

Returns:	users : list Each user is a dict with a ‘username’ str, and ‘admin’ bool user : dict If a username is passed in, instead return one user with the fields above plus a ‘groups’ list.

user_package_permissions(username)[source]¶

Get a list of all packages that a user has permissions on

Parameters:	username : str
Returns:	packages : list List of dicts. Each dict contains ‘package’ (str) and ‘permissions’ (list)

user_permissions(package)[source]¶

Get a mapping of all users to their permissions for a package

Parameters:	package : str The name of a python package
Returns:	permissions : dict Mapping of username to a list of permissions (which can contain ‘read’ and/or ‘write’)

class pypicloud.access.base_json.IMutableJsonAccessBackend(request=None, default_read=None, default_write=None, disallow_fallback=(), cache_update=None, pwd_context=None, token_expiration=604800, signing_key=None)[source]¶

Bases: pypicloud.access.base_json.IJsonAccessBackend, pypicloud.access.base.IMutableAccessBackend

This backend allows you to store all user and package permissions in a backend that is able to store a json file

Notes

The format is the same as IJsonAccessBackend, but with the additional fields:

{
    "pending_users": {
        "user1": "hashed_password1",
        "user2": "hashed_password2"
    },
    "allow_registration": true
}

allow_register()[source]¶

Check if the backend allows registration

This should only be overridden by mutable backends

Returns:	allow : bool

approve_user(username)[source]¶

Mark a user as approved by the admin

Parameters:	username : str

create_group(group)[source]¶

Create a new group

Parameters:	group : str

delete_group(group)[source]¶

Delete a group

Parameters:	group : str

delete_user(username)[source]¶

Delete a user

Parameters:	username : str

edit_group_permission(package_name, group, perm, add)[source]¶

Grant or revoke a permission for a group on a package

Parameters:	package : str group : str perm : {‘read’, ‘write’} add : bool If True, grant permissions. If False, revoke.

edit_user_group(username, group, add)[source]¶

Add or remove a user to/from a group

Parameters:	username : str group : str add : bool If True, add to group. If False, remove.

edit_user_permission(package_name, username, perm, add)[source]¶

Grant or revoke a permission for a user on a package

Parameters:	package : str username : str perm : {‘read’, ‘write’} add : bool If True, grant permissions. If False, revoke.

mutable = True[source]¶

pending_users()[source]¶

Retrieve a list of all users pending admin approval

Returns:	users : list List of usernames

set_allow_register(allow)[source]¶

Allow or disallow user registration

Parameters:	allow : bool

set_user_admin(username, admin)[source]¶

Grant or revoke admin permissions for a user

Parameters:	username : str admin : bool If True, grant permissions. If False, revoke.