本文整理汇总了Python中pyramid.security.Allow方法的典型用法代码示例。如果您正苦于以下问题:Python security.Allow方法的具体用法?Python security.Allow怎么用?Python security.Allow使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类pyramid.security的用法示例。
在下文中一共展示了security.Allow方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _get_least_permissions_aces
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def _get_least_permissions_aces(self, resources):
""" Get ACEs with the least permissions that fit all resources.
To have access to polymorph on N collections, user MUST have
access to all of them. If this is true, ACEs are returned, that
allows 'view' permissions to current request principals.
Otherwise None is returned thus blocking all permissions except
those defined in `nefertari.acl.BaseACL`.
:param resources:
:type resources: list of Resource instances
:return: Generated Pyramid ACEs or None
:rtype: tuple or None
"""
factories = [res.view._factory for res in resources]
contexts = [factory(self.request) for factory in factories]
for ctx in contexts:
if not self.request.has_permission('view', ctx):
return
else:
return [
(Allow, principal, 'view')
for principal in self.request.effective_principals
] 示例2: __init__
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def __init__(self, request):
self.__acl__ = []
config = request.registry.settings
req_url_secret = request.params.get("secret")
req_secret = request.headers.get("x-channelstream-secret", req_url_secret)
addr = request.environ["REMOTE_ADDR"]
if not is_allowed_ip(addr, config):
log.warning("IP: {} is not whitelisted".format(addr))
return
if req_secret:
max_age = 60 if config["validate_requests"] else None
request.registry.signature_checker.unsign(req_secret, max_age=max_age)
else:
return
self.__acl__ = [(Allow, Everyone, ALL_PERMISSIONS)] 示例3: __init__
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def __init__(self, request):
exercise_id = request.matchdict['exercise_id']
self.exercise = request.db.query(Exercise).get(exercise_id)
if self.exercise is None:
raise HTTPNotFound(detail='Exercise not found')
self.exam = self.exercise.exam
if 'tutorial_ids' in request.matchdict:
self.tutorial_ids = request.matchdict['tutorial_ids'].split(',')
if len(self.tutorial_ids)==1 and self.tutorial_ids[0]=='':
self.tutorial_ids = []
self.tutorials = []
else:
self.tutorials = request.db.query(Tutorial).filter(Tutorial.id.in_(self.tutorial_ids)).all()
self.__acl__ = [
(Allow, Authenticated, 'view_points'),
(Allow, 'group:administrators', ALL_PERMISSIONS),
]+[(Allow, 'user:{0}'.format(tutor.id), ('statistics')) for tutor in self.exam.lecture.tutors
]+[(Allow, 'user:{0}'.format(assistant.id), ('statistics')) for assistant in self.exam.lecture.assistants
] 示例4: test_create_system_user_exists
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def test_create_system_user_exists(self, mock_crypt, mock_trans):
from ramses import auth
encoder = mock_crypt.bcrypt.BCRYPTPasswordManager()
encoder.encode.return_value = '654321'
config = Mock()
config.registry.settings = {
'system.user': 'user12',
'system.password': '123456',
'system.email': 'user12@example.com',
}
config.registry.auth_model.get_or_create.return_value = (1, False)
auth.create_system_user(config)
assert not mock_trans.commit.called
encoder.encode.assert_called_once_with('123456')
config.registry.auth_model.get_or_create.assert_called_once_with(
username='user12',
defaults={
'password': '654321',
'email': 'user12@example.com',
'groups': ['admin'],
'_acl': [(Allow, 'g:admin', ALL_PERMISSIONS)],
}
) 示例5: test_create_system_user_created
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def test_create_system_user_created(self, mock_crypt, mock_trans):
from ramses import auth
encoder = mock_crypt.bcrypt.BCRYPTPasswordManager()
encoder.encode.return_value = '654321'
config = Mock()
config.registry.settings = {
'system.user': 'user12',
'system.password': '123456',
'system.email': 'user12@example.com',
}
config.registry.auth_model.get_or_create.return_value = (
Mock(), True)
auth.create_system_user(config)
mock_trans.commit.assert_called_once_with()
encoder.encode.assert_called_once_with('123456')
config.registry.auth_model.get_or_create.assert_called_once_with(
username='user12',
defaults={
'password': '654321',
'email': 'user12@example.com',
'groups': ['admin'],
'_acl': [(Allow, 'g:admin', ALL_PERMISSIONS)],
}
) 示例6: create_system_user
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def create_system_user(config):
log.info('Creating system user')
crypt = cryptacular.bcrypt.BCRYPTPasswordManager()
settings = config.registry.settings
try:
auth_model = config.registry.auth_model
s_user = settings['system.user']
s_pass = str(crypt.encode(settings['system.password']))
s_email = settings['system.email']
defaults = dict(
password=s_pass,
email=s_email,
groups=['admin'],
)
if config.registry.database_acls:
defaults['_acl'] = [(Allow, 'g:admin', ALL_PERMISSIONS)]
user, created = auth_model.get_or_create(
username=s_user, defaults=defaults)
if created:
transaction.commit()
except KeyError as e:
log.error('Failed to create system user. Missing config: %s' % e) 示例7: get_acl
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def get_acl(self, request):
"""
Get ACL.
Initialize the __acl__ from the sql database once,
then use the cached version.
:param request: pyramid request
:type login: :class:`pyramid.request.Request`
:return: ACLs in pyramid format. (Allow, group name, permission name)
:rtype: list of tupple
"""
if RootFactory._acl is None:
acl = []
session = DBSession()
groups = Group.all(session)
for g in groups:
acl.extend([(Allow, g.name, p.name) for p in g.permissions])
RootFactory._acl = acl
return RootFactory._acl 示例8: __init__
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def __init__(self, request):
groups = DBSession.query(Group).all()
self.__acl__ = []
for group in groups:
for permission in group.permissions:
self.__acl__.append(
(Allow, 'g:' + str(group.id), permission.name)
) 示例9: set_collections_acl
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def set_collections_acl(self):
""" Calculate and set ACL valid for requested collections.
DENY_ALL is added to ACL to make sure no access rules are
inherited.
"""
acl = [(Allow, 'g:admin', ALL_PERMISSIONS)]
collections = self.get_collections()
resources = self.get_resources(collections)
aces = self._get_least_permissions_aces(resources)
if aces is not None:
for ace in aces:
acl.append(ace)
acl.append(DENY_ALL)
self.__acl__ = tuple(acl) 示例10: test_get_least_permissions_aces_allowed
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def test_get_least_permissions_aces_allowed(self, mock_meth):
from pyramid.security import Allow
request = Mock()
request.has_permission.return_value = True
request.effective_principals = ['user', 'admin']
acl = polymorphic.PolymorphicACL(request)
resource = Mock()
resource.view._factory = Mock()
aces = acl._get_least_permissions_aces([resource])
resource.view._factory.assert_called_once_with(request)
request.has_permission.assert_called_once_with(
'view', resource.view._factory())
assert len(aces) == 2
assert (Allow, 'user', 'view') in aces
assert (Allow, 'admin', 'view') in aces 示例11: test_set_collections_acl_has_aces
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def test_set_collections_acl_has_aces(self, mock_coll, mock_res,
mock_aces):
from pyramid.security import Allow, DENY_ALL
aces = [(Allow, 'foobar', 'dostuff')]
mock_aces.return_value = aces
acl = polymorphic.PolymorphicACL(None)
assert len(acl.__acl__) == 3
assert DENY_ALL == acl.__acl__[-1]
assert aces[0] in acl.__acl__
assert mock_coll.call_count == 1
assert mock_res.call_count == 1
assert mock_aces.call_count == 1 示例12: __init__
# 需要导入模块: from pyramid import security [as 别名]
# 或者: from pyramid.security import Allow [as 别名]
def __init__(self, request):
self.__acl__ = [
(Allow, Everyone, PYRAMID_SACRUD_HOME),
]