You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

107 lines
3.1 KiB

  1. # -*- coding: utf-8 -*-
  2. #
  3. # The MIT License (MIT)
  4. #
  5. # Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>
  6. #
  7. # Permission is hereby granted, free of charge, to any person obtaining a copy of
  8. # this software and associated documentation files (the "Software"), to deal in
  9. # the Software without restriction, including without limitation the rights to
  10. # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
  11. # the Software, and to permit persons to whom the Software is furnished to do so,
  12. # subject to the following conditions:
  13. #
  14. # The above copyright notice and this permission notice shall be included in all
  15. # copies or substantial portions of the Software.
  16. #
  17. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18. # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
  19. # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
  20. # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
  21. # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  22. # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  23. class Permission:
  24. """
  25. Consider this simple and very common permission:
  26. A permission associates the object being protected with the policies that must be evaluated to
  27. determine whether access is granted.
  28. X CAN DO Y ON RESOURCE Z
  29. where
  30. - X represents one or more users, roles, or groups, or a combination of them. You can
  31. also use claims and context here.
  32. - Y represents an action to be performed, for example, write, view, and so on.
  33. - Z represents a protected resource, for example, "/accounts".
  34. https://keycloak.gitbooks.io/documentation/authorization_services/topics/permission/overview.html
  35. """
  36. def __init__(self, name, type, logic, decision_strategy):
  37. self._name = name
  38. self._type = type
  39. self._logic = logic
  40. self._decision_strategy = decision_strategy
  41. self._resources = []
  42. self._scopes = []
  43. def __repr__(self):
  44. return "<Permission: %s (%s)>" % (self.name, self.type)
  45. def __str__(self):
  46. return "Permission: %s (%s)" % (self.name, self.type)
  47. @property
  48. def name(self):
  49. return self._name
  50. @name.setter
  51. def name(self, value):
  52. self._name = value
  53. @property
  54. def type(self):
  55. return self._type
  56. @type.setter
  57. def type(self, value):
  58. self._type = value
  59. @property
  60. def logic(self):
  61. return self._logic
  62. @logic.setter
  63. def logic(self, value):
  64. self._logic = value
  65. @property
  66. def decision_strategy(self):
  67. return self._decision_strategy
  68. @decision_strategy.setter
  69. def decision_strategy(self, value):
  70. self._decision_strategy = value
  71. @property
  72. def resources(self):
  73. return self._resources
  74. @resources.setter
  75. def resources(self, value):
  76. self._resources = value
  77. @property
  78. def scopes(self):
  79. return self._scopes
  80. @scopes.setter
  81. def scopes(self, value):
  82. self._scopes = value