当前位置: 首页>>代码示例>>Python>>正文


Python PermissionType.get_permission_type方法代码示例

本文整理汇总了Python中st2common.rbac.types.PermissionType.get_permission_type方法的典型用法代码示例。如果您正苦于以下问题:Python PermissionType.get_permission_type方法的具体用法?Python PermissionType.get_permission_type怎么用?Python PermissionType.get_permission_type使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在st2common.rbac.types.PermissionType的用法示例。


在下文中一共展示了PermissionType.get_permission_type方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: _user_has_resource_permission

# 需要导入模块: from st2common.rbac.types import PermissionType [as 别名]
# 或者: from st2common.rbac.types.PermissionType import get_permission_type [as 别名]
    def _user_has_resource_permission(self, user_db, pack_uid, resource_uid, permission_type):
        log_context = {
            'user_db': user_db,
            'pack_uid': pack_uid,
            'resource_uid': resource_uid,
            'resource_type': self.resource_type,
            'permission_type': permission_type,
            'resolver': self.__class__.__name__
        }
        self._log('Checking user resource permissions', extra=log_context)

        # First check the system role permissions
        has_system_role_permission = self._user_has_system_role_permission(
            user_db=user_db, permission_type=permission_type)

        if has_system_role_permission:
            self._log('Found a matching grant via system role', extra=log_context)
            return True

        # Check custom roles
        view_permission_type = PermissionType.get_permission_type(resource_type=self.resource_type,
                                                                  permission_name='view')
        all_permission_type = PermissionType.get_permission_type(resource_type=self.resource_type,
                                                                 permission_name='all')

        if permission_type == view_permission_type:
            # Note: Some permissions such as "create", "modify", "delete" and "execute" also
            # grant / imply "view" permission
            permission_types = self.view_grant_permission_types[:] + [permission_type]
        elif permission_type not in all_permission_type:
            permission_types = [all_permission_type, permission_type]
        else:
            permission_types = [permission_type]

        # Check direct grants on the specified resource
        resource_types = [self.resource_type]
        permission_grants = get_all_permission_grants_for_user(user_db=user_db,
                                                               resource_uid=resource_uid,
                                                               resource_types=resource_types,
                                                               permission_types=permission_types)
        if len(permission_grants) >= 1:
            self._log('Found a direct grant on the action', extra=log_context)
            return True

        # Check grants on the parent pack
        resource_types = [ResourceType.PACK]
        permission_grants = get_all_permission_grants_for_user(user_db=user_db,
                                                               resource_uid=pack_uid,
                                                               resource_types=resource_types,
                                                               permission_types=permission_types)

        if len(permission_grants) >= 1:
            self._log('Found a grant on the action parent pack', extra=log_context)
            return True

        self._log('No matching grants found', extra=log_context)
        return False
开发者ID:hejin,项目名称:st2,代码行数:59,代码来源:resolvers.py

示例2: test_get_permission_type

# 需要导入模块: from st2common.rbac.types import PermissionType [as 别名]
# 或者: from st2common.rbac.types.PermissionType import get_permission_type [as 别名]
 def test_get_permission_type(self):
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.ACTION,
                                                         permission_name='view'),
                     PermissionType.ACTION_VIEW)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.ACTION,
                                                         permission_name='all'),
                     PermissionType.ACTION_ALL)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.ACTION,
                                                         permission_name='execute'),
                     PermissionType.ACTION_EXECUTE)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.RULE,
                                                         permission_name='view'),
                     PermissionType.RULE_VIEW)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.RULE,
                                                         permission_name='delete'),
                     PermissionType.RULE_DELETE)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.SENSOR,
                                                         permission_name='view'),
                     PermissionType.SENSOR_VIEW)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.SENSOR,
                                                         permission_name='all'),
                     PermissionType.SENSOR_ALL)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.SENSOR,
                                                         permission_name='modify'),
                     PermissionType.SENSOR_MODIFY)
     self.assertEqual(
         PermissionType.get_permission_type(resource_type=ResourceType.RULE_ENFORCEMENT,
                                            permission_name='view'),
         PermissionType.RULE_ENFORCEMENT_VIEW)
开发者ID:lyandut,项目名称:st2,代码行数:31,代码来源:test_rbac_types.py

示例3: _get_all_permission_type_for_resource

# 需要导入模块: from st2common.rbac.types import PermissionType [as 别名]
# 或者: from st2common.rbac.types.PermissionType import get_permission_type [as 别名]
 def _get_all_permission_type_for_resource(self, resource_db):
     """
     Retrieve "ALL" permission type for the provided resource.
     """
     resource_type = resource_db.get_resource_type()
     permission_type = PermissionType.get_permission_type(resource_type=resource_type,
                                                          permission_name='all')
     return permission_type
开发者ID:hejin,项目名称:st2,代码行数:10,代码来源:resolvers.py

示例4: user_has_resource_db_permission

# 需要导入模块: from st2common.rbac.types import PermissionType [as 别名]
# 或者: from st2common.rbac.types.PermissionType import get_permission_type [as 别名]
    def user_has_resource_db_permission(self, user_db, resource_db, permission_type):
        log_context = {
            'user_db': user_db,
            'resource_db': resource_db,
            'permission_type': permission_type,
            'resolver': self.__class__.__name__
        }
        self._log('Checking user resource permissions', extra=log_context)

        # First check the system role permissions
        has_system_role_permission = self._user_has_system_role_permission(
            user_db=user_db, permission_type=permission_type)

        if has_system_role_permission:
            self._log('Found a matching grant via system role', extra=log_context)
            return True

        # Check custom roles
        rule_spec = getattr(resource_db, 'rule', None)
        rule_uid = rule_spec.uid
        rule_id = rule_spec.id
        rule_pack = ResourceReference.get_pack(rule_spec.ref)

        if not rule_uid or not rule_id or not rule_pack:
            LOG.error('Rule UID or ID or PACK not present in enforcement object. ' +
                      ('UID = %s, ID = %s, PACK = %s' % (rule_uid, rule_id, rule_pack)) +
                      'Cannot assess access permissions without it. Defaulting to DENY.')
            return False

        # TODO: Add utility methods for constructing uids from parts
        pack_db = PackDB(ref=rule_pack)
        rule_pack_uid = pack_db.get_uid()

        rule_permission_type = None
        if permission_type == PermissionType.RULE_ENFORCEMENT_VIEW:
            rule_permission_type = PermissionType.RULE_VIEW
        elif permission_type == PermissionType.RULE_ENFORCEMENT_LIST:
            rule_permission_type = PermissionType.RULE_LIST
        else:
            raise ValueError('Invalid permission type: %s' % (permission_type))

        permission_types = [PermissionType.RULE_ALL, rule_permission_type]

        view_permission_type = PermissionType.get_permission_type(resource_type=ResourceType.RULE,
                                                                  permission_name='view')

        if rule_permission_type == view_permission_type:
            permission_types = (RulePermissionsResolver.view_grant_permission_types[:] +
                                [rule_permission_type])

        # Check grants on the pack of the rule to which enforcement belongs to
        resource_types = [ResourceType.PACK]
        permission_grants = get_all_permission_grants_for_user(user_db=user_db,
                                                               resource_uid=rule_pack_uid,
                                                               resource_types=resource_types,
                                                               permission_types=permission_types)

        if len(permission_grants) >= 1:
            self._log('Found a grant on the enforcement rule parent pack', extra=log_context)
            return True

        # Check grants on the rule the enforcement belongs to
        resource_types = [ResourceType.RULE]
        permission_grants = get_all_permission_grants_for_user(user_db=user_db,
                                                               resource_uid=rule_uid,
                                                               resource_types=resource_types,
                                                               permission_types=permission_types)

        if len(permission_grants) >= 1:
            self._log('Found a grant on the enforcement\'s rule.', extra=log_context)
            return True

        self._log('No matching grants found', extra=log_context)
        return False
开发者ID:peak6,项目名称:st2,代码行数:76,代码来源:resolvers.py


注:本文中的st2common.rbac.types.PermissionType.get_permission_type方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。