Mirror
/
python-keycloak
mirror of https://github.com/marcospereirampj/python-keycloak.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
85 Commits
15 Branches
98 Tags
17 MiB
Tree: bae47f0761
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'bae47f0761'
${ noResults }
python-keycloak/keycloak/authorization/permission.py

98 lines
2.7 KiB
Raw Normal View History

Added authorization services.
7 years ago
Added policies, permissions, roles, scopes and resources.
7 years ago
Added authorization services.
7 years ago
  1. # -*- coding: utf-8 -*-
  2. #
  3. # Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>
  4. #
  5. # This program is free software: you can redistribute it and/or modify
  6. # it under the terms of the GNU Lesser General Public License as published by
  7. # the Free Software Foundation, either version 3 of the License, or
  8. # (at your option) any later version.
  9. #
  10. # This program is distributed in the hope that it will be useful,
  11. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. # GNU Lesser General Public License for more details.
  14. #
  15. # You should have received a copy of the GNU Lesser General Public License
  16. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  19. class Permission:
  20. """
  21. Consider this simple and very common permission:
  23. A permission associates the object being protected with the policies that must be evaluated to determine whether access is granted.
  25. X CAN DO Y ON RESOURCE Z
  27. where
  28. X represents one or more users, roles, or groups, or a combination of them. You can
  29. also use claims and context here.
  30. Y represents an action to be performed, for example, write, view, and so on.
  31. Z represents a protected resource, for example, "/accounts".
  33. https://keycloak.gitbooks.io/documentation/authorization_services/topics/permission/overview.html
  35. """
  37. def __init__(self, name, type, logic, decision_strategy):
  38. self._name = name
  39. self._type = type
  40. self._logic = logic
  41. self._decision_strategy = decision_strategy
  42. self._resources = []
  43. self._scopes = []
  45. def __repr__(self):
  46. return "<Permission: %s (%s)>" % (self.name, self.type)
  48. def __str__(self):
  49. return "Permission: %s (%s)" % (self.name, self.type)
  51. @property
  52. def name(self):
  53. return self._name
  55. @name.setter
  56. def name(self, value):
  57. self._name = value
  59. @property
  60. def type(self):
  61. return self._type
  63. @type.setter
  64. def type(self, value):
  65. self._type = value
  67. @property
  68. def logic(self):
  69. return self._logic
  71. @logic.setter
  72. def logic(self, value):
  73. self._logic = value
  75. @property
  76. def decision_strategy(self):
  77. return self._decision_strategy
  79. @decision_strategy.setter
  80. def decision_strategy(self, value):
  81. self._decision_strategy = value
  83. @property
  84. def resources(self):
  85. return self._resources
  87. @resources.setter
  88. def resources(self, value):
  89. self._resources = value
  91. @property
  92. def scopes(self):
  93. return self._scopes
  95. @scopes.setter
  96. def scopes(self, value):
  97. self._scopes = value