You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

170 lines
4.3 KiB

  1. # -*- coding: utf-8 -*-
  2. #
  3. # The MIT License (MIT)
  4. #
  5. # Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>
  6. #
  7. # Permission is hereby granted, free of charge, to any person obtaining a copy of
  8. # this software and associated documentation files (the "Software"), to deal in
  9. # the Software without restriction, including without limitation the rights to
  10. # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
  11. # the Software, and to permit persons to whom the Software is furnished to do so,
  12. # subject to the following conditions:
  13. #
  14. # The above copyright notice and this permission notice shall be included in all
  15. # copies or substantial portions of the Software.
  16. #
  17. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18. # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
  19. # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
  20. # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
  21. # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  22. # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  23. """Keycloak authorization Permission module."""
  24. class Permission:
  25. """Base permission class.
  26. Consider this simple and very common permission:
  27. A permission associates the object being protected with the policies that must be evaluated to
  28. determine whether access is granted.
  29. X CAN DO Y ON RESOURCE Z
  30. where
  31. - X represents one or more users, roles, or groups, or a combination of them. You can
  32. also use claims and context here.
  33. - Y represents an action to be performed, for example, write, view, and so on.
  34. - Z represents a protected resource, for example, "/accounts".
  35. https://keycloak.gitbooks.io/documentation/authorization_services/topics/permission/overview.html
  36. :param name: Name
  37. :type name: str
  38. :param type: Type
  39. :type type: str
  40. :param logic: Logic
  41. :type logic: str
  42. :param decision_strategy: Decision strategy
  43. :type decision_strategy: str
  44. """
  45. def __init__(self, name, type, logic, decision_strategy):
  46. """Init method.
  47. :param name: Name
  48. :type name: str
  49. :param type: Type
  50. :type type: str
  51. :param logic: Logic
  52. :type logic: str
  53. :param decision_strategy: Decision strategy
  54. :type decision_strategy: str
  55. """
  56. self.name = name
  57. self.type = type
  58. self.logic = logic
  59. self.decision_strategy = decision_strategy
  60. self.resources = []
  61. self.scopes = []
  62. def __repr__(self):
  63. """Repr method.
  64. :returns: Class representation
  65. :rtype: str
  66. """
  67. return "<Permission: %s (%s)>" % (self.name, self.type)
  68. def __str__(self):
  69. """Str method.
  70. :returns: Class string representation
  71. :rtype: str
  72. """
  73. return "Permission: %s (%s)" % (self.name, self.type)
  74. @property
  75. def name(self):
  76. """Get name.
  77. :returns: name
  78. :rtype: str
  79. """
  80. return self._name
  81. @name.setter
  82. def name(self, value):
  83. self._name = value
  84. @property
  85. def type(self):
  86. """Get type.
  87. :returns: type
  88. :rtype: str
  89. """
  90. return self._type
  91. @type.setter
  92. def type(self, value):
  93. self._type = value
  94. @property
  95. def logic(self):
  96. """Get logic.
  97. :returns: Logic
  98. :rtype: str
  99. """
  100. return self._logic
  101. @logic.setter
  102. def logic(self, value):
  103. self._logic = value
  104. @property
  105. def decision_strategy(self):
  106. """Get decision strategy.
  107. :returns: Decision strategy
  108. :rtype: str
  109. """
  110. return self._decision_strategy
  111. @decision_strategy.setter
  112. def decision_strategy(self, value):
  113. self._decision_strategy = value
  114. @property
  115. def resources(self):
  116. """Get resources.
  117. :returns: Resources
  118. :rtype: list
  119. """
  120. return self._resources
  121. @resources.setter
  122. def resources(self, value):
  123. self._resources = value
  124. @property
  125. def scopes(self):
  126. """Get scopes.
  127. :returns: Scopes
  128. :rtype: list
  129. """
  130. return self._scopes
  131. @scopes.setter
  132. def scopes(self, value):
  133. self._scopes = value