103 lines
3.1 KiB

  1. # -*- coding: utf-8 -*-
  2. #
  3. # The MIT License (MIT)
  4. #
  5. # Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>
  6. #
  7. # Permission is hereby granted, free of charge, to any person obtaining a copy of
  8. # this software and associated documentation files (the "Software"), to deal in
  9. # the Software without restriction, including without limitation the rights to
  10. # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
  11. # the Software, and to permit persons to whom the Software is furnished to do so,
  12. # subject to the following conditions:
  13. #
  14. # The above copyright notice and this permission notice shall be included in all
  15. # copies or substantial portions of the Software.
  16. #
  17. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18. # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
  19. # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
  20. # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
  21. # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  22. # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  23. class Permission:
  24. """
  25. Consider this simple and very common permission:
  26. A permission associates the object being protected with the policies that must be evaluated to determine whether access is granted.
  27. X CAN DO Y ON RESOURCE Z
  28. where
  29. X represents one or more users, roles, or groups, or a combination of them. You can
  30. also use claims and context here.
  31. Y represents an action to be performed, for example, write, view, and so on.
  32. Z represents a protected resource, for example, "/accounts".
  33. https://keycloak.gitbooks.io/documentation/authorization_services/topics/permission/overview.html
  34. """
  35. def __init__(self, name, type, logic, decision_strategy):
  36. self._name = name
  37. self._type = type
  38. self._logic = logic
  39. self._decision_strategy = decision_strategy
  40. self._resources = []
  41. self._scopes = []
  42. def __repr__(self):
  43. return "<Permission: %s (%s)>" % (self.name, self.type)
  44. def __str__(self):
  45. return "Permission: %s (%s)" % (self.name, self.type)
  46. @property
  47. def name(self):
  48. return self._name
  49. @name.setter
  50. def name(self, value):
  51. self._name = value
  52. @property
  53. def type(self):
  54. return self._type
  55. @type.setter
  56. def type(self, value):
  57. self._type = value
  58. @property
  59. def logic(self):
  60. return self._logic
  61. @logic.setter
  62. def logic(self, value):
  63. self._logic = value
  64. @property
  65. def decision_strategy(self):
  66. return self._decision_strategy
  67. @decision_strategy.setter
  68. def decision_strategy(self, value):
  69. self._decision_strategy = value
  70. @property
  71. def resources(self):
  72. return self._resources
  73. @resources.setter
  74. def resources(self, value):
  75. self._resources = value
  76. @property
  77. def scopes(self):
  78. return self._scopes
  79. @scopes.setter
  80. def scopes(self, value):
  81. self._scopes = value