blob: eb190c9a9e07aed0367f7869380896aba2e357cd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
"""
Role-based access permissions decorators
"""
import logging
from ..exceptions import PermissionNotValid
from ..security import Permission
logger = logging.getLogger(__name__)
def _set_func_permissions(func, permissions):
if not isinstance(permissions, list):
permissions = [permissions]
for perm in permissions:
if not Permission.valid_permission(perm):
logger.debug("Invalid security permission: %s\n "
"Possible values: %s", perm,
Permission.all_permissions())
raise PermissionNotValid(perm)
# pylint: disable=protected-access
if not hasattr(func, '_security_permissions'):
func._security_permissions = permissions
else:
permissions.extend(func._security_permissions)
func._security_permissions = list(set(permissions))
def ReadPermission(func): # noqa: N802
"""
:raises PermissionNotValid: If the permission is missing.
"""
_set_func_permissions(func, Permission.READ)
return func
def CreatePermission(func): # noqa: N802
"""
:raises PermissionNotValid: If the permission is missing.
"""
_set_func_permissions(func, Permission.CREATE)
return func
def DeletePermission(func): # noqa: N802
"""
:raises PermissionNotValid: If the permission is missing.
"""
_set_func_permissions(func, Permission.DELETE)
return func
def UpdatePermission(func): # noqa: N802
"""
:raises PermissionNotValid: If the permission is missing.
"""
_set_func_permissions(func, Permission.UPDATE)
return func
|
