pypicloud.access.sql module¶

Access backend for storing permissions in using SQLAlchemy

class pypicloud.access.sql.Group(name)[source]¶

Bases: sqlalchemy.orm.decl_api.Base

Group record

name[source]¶

class pypicloud.access.sql.GroupPermission(package, groupname, read=False, write=False)[source]¶

Bases: pypicloud.access.sql.Permission

Permissions for a group on a package

group[source]¶

groupname[source]¶

package[source]¶

read[source]¶

write[source]¶

class pypicloud.access.sql.KeyVal(key, value)[source]¶

Bases: sqlalchemy.orm.decl_api.Base

Simple model for storing key-value pairs

key[source]¶

value[source]¶

class pypicloud.access.sql.Permission(package, read, write)[source]¶

Bases: sqlalchemy.orm.decl_api.Base

Base class for user and group permissions

package = Column(None, String(length=255), table=None, primary_key=True, nullable=False)[source]¶

permissions[source]¶: Construct permissions list

read = Column(None, Boolean(), table=None)[source]¶

write = Column(None, Boolean(), table=None)[source]¶

class pypicloud.access.sql.SQLAccessBackend(request=None, dbmaker=None, **kwargs)[source]¶

Bases: pypicloud.access.base.IMutableAccessBackend

This backend allows you to store all user and package permissions in a SQL database

allow_register()[source]¶

Check if the backend allows registration

This should only be overridden by mutable backends

Returns:	allow : bool

approve_user(username)[source]¶

Mark a user as approved by the admin

Parameters:	username : str

check_health()[source]¶

Check the health of the access backend

Returns:	(healthy, status) : (bool, str) Tuple that describes the health status and provides an optional status message

classmethod configure(settings)[source]¶: Configure the access backend with app settings

create_group(group)[source]¶

Create a new group

Parameters:	group : str

db[source]¶: Lazy-create the DB session

delete_group(group)[source]¶

Delete a group

Parameters:	group : str

delete_user(username)[source]¶

Delete a user

Parameters:	username : str

edit_group_permission(package, group, perm, add)[source]¶

Grant or revoke a permission for a group on a package

Parameters:	package : str group : str perm : {‘read’, ‘write’} add : bool If True, grant permissions. If False, revoke.

edit_user_group(username, groupname, add)[source]¶

Add or remove a user to/from a group

Parameters:	username : str group : str add : bool If True, add to group. If False, remove.

edit_user_permission(package, username, perm, add)[source]¶

Grant or revoke a permission for a user on a package

Parameters:	package : str username : str perm : {‘read’, ‘write’} add : bool If True, grant permissions. If False, revoke.

group_members(group)[source]¶

Get a list of users that belong to a group

Parameters:	group : str
Returns:	users : list List of user names

group_package_permissions(group)[source]¶

Get a list of all packages that a group has permissions on

Parameters:	group : str
Returns:	packages : list List of dicts. Each dict contains ‘package’ (str) and ‘permissions’ (list)

group_permissions(package)[source]¶

Get a mapping of all groups to their permissions on a package

Parameters:	package : str The name of a python package
Returns:	permissions : dict mapping of group name to a list of permissions (which can contain ‘read’ and/or ‘write’)

groups(username=None)[source]¶

Get a list of all groups

If a username is specified, get all groups that the user belongs to

Parameters:	username : str, optional
Returns:	groups : list List of group names

is_admin(username)[source]¶

Check if the user is an admin

Parameters:	username : str
Returns:	is_admin : bool

need_admin()[source]¶

Find out if there are any admin users

This should only be overridden by mutable backends

Returns:	need_admin : bool True if no admin user exists and the backend is mutable, False otherwise

pending_users()[source]¶

Retrieve a list of all users pending admin approval

Returns:	users : list List of usernames

classmethod postfork(**kwargs)[source]¶: This method will be called after uWSGI forks

set_allow_register(allow)[source]¶

Allow or disallow user registration

Parameters:	allow : bool

set_user_admin(username, admin)[source]¶

Grant or revoke admin permissions for a user

Parameters:	username : str admin : bool If True, grant permissions. If False, revoke.

user_data(username=None)[source]¶

Get a list of all users or data for a single user

For Mutable backends, this MUST exclude all pending users

Returns:	users : list Each user is a dict with a ‘username’ str, and ‘admin’ bool user : dict If a username is passed in, instead return one user with the fields above plus a ‘groups’ list.

user_package_permissions(username)[source]¶

Get a list of all packages that a user has permissions on

Parameters:	username : str
Returns:	packages : list List of dicts. Each dict contains ‘package’ (str) and ‘permissions’ (list)

user_permissions(package)[source]¶

Get a mapping of all users to their permissions for a package

Parameters:	package : str The name of a python package
Returns:	permissions : dict Mapping of username to a list of permissions (which can contain ‘read’ and/or ‘write’)