pypicloud.access.base_json module¶
Abstract backends that are backed by simple JSON
-
class
pypicloud.access.base_json.
IJsonAccessBackend
(request=None, default_read=None, default_write=None, disallow_fallback=(), cache_update=None, pwd_context=None, token_expiration=604800, signing_key=None)[source]¶ Bases:
pypicloud.access.base.IAccessBackend
This backend reads the permissions from anything that can provide JSON data
Notes
JSON should look like this:
{ "users": { "user1": "hashed_password1", "user2": "hashed_password2", "user3": "hashed_password3", "user4": "hashed_password4", "user5": "hashed_password5", }, "groups": { "admins": [ "user1", "user2" ], "group1": [ "user3" ] }, "admins": [ "user1" ] "packages": { "mypackage": { "groups": { "group1": ["read', "write"], "group2": ["read"], "group3": [], }, "users": { "user1": ["read", "write"], "user2": ["read"], "user3": [], "user5": ["read"], } } } }
-
group_members
(group)[source]¶ Get a list of users that belong to a group
Parameters: - group : str
Returns: - users : list
List of user names
-
group_package_permissions
(group)[source]¶ Get a list of all packages that a group has permissions on
Parameters: - group : str
Returns: - packages : list
List of dicts. Each dict contains ‘package’ (str) and ‘permissions’ (list)
-
group_permissions
(package)[source]¶ Get a mapping of all groups to their permissions on a package
Parameters: - package : str
The name of a python package
Returns: - permissions : dict
mapping of group name to a list of permissions (which can contain ‘read’ and/or ‘write’)
-
groups
(username=None)[source]¶ Get a list of all groups
If a username is specified, get all groups that the user belongs to
Parameters: - username : str, optional
Returns: - groups : list
List of group names
-
is_admin
(username)[source]¶ Check if the user is an admin
Parameters: - username : str
Returns: - is_admin : bool
-
user_data
(username=None)[source]¶ Get a list of all users or data for a single user
For Mutable backends, this MUST exclude all pending users
Returns: - users : list
Each user is a dict with a ‘username’ str, and ‘admin’ bool
- user : dict
If a username is passed in, instead return one user with the fields above plus a ‘groups’ list.
-
-
class
pypicloud.access.base_json.
IMutableJsonAccessBackend
(request=None, default_read=None, default_write=None, disallow_fallback=(), cache_update=None, pwd_context=None, token_expiration=604800, signing_key=None)[source]¶ Bases:
pypicloud.access.base_json.IJsonAccessBackend
,pypicloud.access.base.IMutableAccessBackend
This backend allows you to store all user and package permissions in a backend that is able to store a json file
Notes
The format is the same as
IJsonAccessBackend
, but with the additional fields:{ "pending_users": { "user1": "hashed_password1", "user2": "hashed_password2" }, "allow_registration": true }
-
allow_register
()[source]¶ Check if the backend allows registration
This should only be overridden by mutable backends
Returns: - allow : bool
-
edit_group_permission
(package_name, group, perm, add)[source]¶ Grant or revoke a permission for a group on a package
Parameters: - package : str
- group : str
- perm : {‘read’, ‘write’}
- add : bool
If True, grant permissions. If False, revoke.
-
edit_user_group
(username, group, add)[source]¶ Add or remove a user to/from a group
Parameters: - username : str
- group : str
- add : bool
If True, add to group. If False, remove.
-
edit_user_permission
(package_name, username, perm, add)[source]¶ Grant or revoke a permission for a user on a package
Parameters: - package : str
- username : str
- perm : {‘read’, ‘write’}
- add : bool
If True, grant permissions. If False, revoke.
-