cowbird.permissions_synchronizer

Module Contents

Classes

Permission	Define every property required to set a permission in Magpie.
SyncPoint	A sync point contain services sharing resources via multiple API.
PermissionSynchronizer	Keep service-shared resources in sync when permissions are updated for one of them.

Attributes

SyncPointServicesType
LOGGER

cowbird.permissions_synchronizer.SyncPointServicesType

cowbird.permissions_synchronizer.LOGGER

class cowbird.permissions_synchronizer.Permission(service_name: str, resource_id: str, resource_full_name: str, name: str, access: str, scope: str, user: str = None, group: str = None)

Define every property required to set a permission in Magpie.

__eq__(self: Permission, other) → bool

Return self==value.

class cowbird.permissions_synchronizer.SyncPoint(services: SyncPointServicesType, mapping: SyncPointMappingType)

A sync point contain services sharing resources via multiple API.

It defines how the same resource is defined in each service and what are the mapping between permission accesses.

Init the sync point, holding services with their respective resources root and how access are mapped between them.

@param services: Dict, where the service is the key and its resources root is the value @param mapping: List of dict where the service is the key and an access list is the value

resource_match(self: Permission, permission) → bool

Define if the permission name is covered by this sync point.

find_match(self: Permission, permission) → Generator[Tuple[str, str], None, None]

Search and yield for every match a (service, permission name) tuple that is mapped with this permission.

sync(self: Callable[Permission], perm_operation: Permission, permission) → None

Create or delete the same permission on each service sharing the same resource.

@param perm_operation Magpie create_permission or delete_permission function @param permission Permission to synchronize with others services

class cowbird.permissions_synchronizer.PermissionSynchronizer(magpie_inst)

Bases: object

Keep service-shared resources in sync when permissions are updated for one of them.

Todo

At some point we will need a consistency function that goes through all permissions of all services and make sure that linked services have the same permissions.

create_permission(self: Permission, permission) → None

Create the same permission on each service sharing the same resource.

delete_permission(self: Permission, permission) → None

Delete the same permission on each service sharing the same resource.