warricksothr
/
python-keycloak
forked from Mirror/python-keycloak
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
44 Commits
5 Branches
0 Tags
420 KiB
Tree: 4e3fe9c7e1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4e3fe9c7e1'
${ noResults }
python-keycloak/keycloak/authorization/__init__.py

80 lines
2.9 KiB
Raw Normal View History

Added authorization services.
7 years ago
  1. # -*- coding: utf-8 -*-
  2. #
  3. # Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>
  4. #
  5. # This program is free software: you can redistribute it and/or modify
  6. # it under the terms of the GNU Lesser General Public License as published by
  7. # the Free Software Foundation, either version 3 of the License, or
  8. # (at your option) any later version.
  9. #
  10. # This program is distributed in the hope that it will be useful,
  11. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. # GNU Lesser General Public License for more details.
  14. #
  15. # You should have received a copy of the GNU Lesser General Public License
  16. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  18. import ast
  19. import json
  21. from keycloak.authorization.permission import Permission
  22. from keycloak.authorization.policy import Policy
  23. from keycloak.authorization.role import Role
  26. class Authorization:
  28. def __init__(self):
  29. self._policies = {}
  31. @property
  32. def policies(self):
  33. return self._policies
  35. @policies.setter
  36. def policies(self, value):
  37. self._policies = value
  39. def load_config(self, data):
  40. """
  42. :param data:
  43. :return:
  44. """
  45. for pol in data['policies']:
  46. if pol['type'] == 'role':
  47. policy = Policy(name=pol['name'],
  48. type=pol['type'],
  49. logic=pol['logic'],
  50. decision_strategy=pol['decisionStrategy'])
  52. config_roles = json.loads(pol['config']['roles'])
  53. for role in config_roles:
  54. policy.add_role(Role(name=role['id'],
  55. required=role['required']))
  57. self.policies[policy.name] = policy
  59. if pol['type'] == 'scope':
  60. permission = Permission(name=pol['name'],
  61. type=pol['type'],
  62. logic=pol['logic'],
  63. decision_strategy=pol['decisionStrategy'])
  65. permission.scopes = ast.literal_eval(pol['config']['scopes'])
  67. for policy_name in ast.literal_eval(pol['config']['applyPolicies']):
  68. self.policies[policy_name].add_permission(permission)
  70. if pol['type'] == 'resource':
  71. permission = Permission(name=pol['name'],
  72. type=pol['type'],
  73. logic=pol['logic'],
  74. decision_strategy=pol['decisionStrategy'])
  76. permission.resources = ast.literal_eval(pol['config']['resources'])
  78. for policy_name in ast.literal_eval(pol['config']['applyPolicies']):
  79. self.policies[policy_name].add_permission(permission)