mirror/peeringdb-peeringdb
1
0
Fork 0
mirror of https://github.com/peeringdb/peeringdb.git synced 2024-05-11 05:55:09 +00:00
Code Releases Activity
Files
dec-updates
peeringdb-peeringdb/docs/dev/modules/permissions.py.md
T
Stefan Pratter 2e8788b595 Support 202210 (#1286) 
* Allow REALPEER to overwrite GHOSTPEER netixlan entry, if asn and IPv6/v4 addresses matches the IX-F Members Export information #983

* Lightweight user notification mechanism #758

* do not allow affiliation with a deleted organisation #953

* Improve readability when users have special permissions #659

* fix advanced search export when api-cache exist and no filters were supplied #1153

* Ops: Throttle strings with "Response size" should be renamed "Repeated request" #1168

* allow ixlan prefix to be changed / deleted regardless of existence of netixlans in the address space #924

* linting

* poetry relock

* remove debug code

* linting

* fixed Reset IX-F suggestions link non-functional #1253

* solved UI shows own email when viewing affiliation requests for an organization #1250

* Adjust "Add Facility" menu to include newly defined fields #1091

* Footer "Global System Statistics" should be cached within django instance, not updated with every page load #1283

* linting

* django-handleref to 1.1.0 and relock poetry

* GLOBAL_STATS_CACHE_DURATION default to 900 seconds

* remove vscode and idea

* remove Ctl/dev/docker-compose.debug.yml

* remove unsused variable

* rename STATS to __STATS

* linting

* regen docs
2022-11-08 11:25:32 -06:00

3.4 KiB
Raw Permalink Blame History

Generated from permissions.py on 2022-11-08 14:31:50.933987

peeringdb_server.permissions

Utilities for permission handling.

Permission logic is handled through django-grainy.

API key auth is handled through djangorestframework-api-key.

Determine permission holder from request (api key or user).

Read only user api key handling.

Censor API output data according to permissions using grainy Applicators.

Functions

check_permissions

def check_permissions(obj, target, permissions, **kwargs)

Use the provided permission holding object to initialize the Permissions Util, which then checks permissions.

check_permissions_from_request

def check_permissions_from_request(request, target, flag, **kwargs)

Call the check_permissions util but takes a request as input, not a permission-holding object.

get_key_from_request

def get_key_from_request(request)

Use the default KeyParser from drf-api-keys to pull the key out of the request.

get_org_key_from_request

def get_org_key_from_request(request)

Return an org key from the request if the request was made with an OrgKey.

Otherwise returns None.

get_permission_holder_from_request

def get_permission_holder_from_request(request)

Return either an API Key instance or User instance depending on how the request is Authenticated.

get_user_from_request

def get_user_from_request(request)

Return a user from the request if the request was made with either a User or UserAPIKey.

If request was made with OrgKey, returns None.

get_user_key_from_request

def get_user_key_from_request(request)

Return a user API key from the request if the request was made with an User API Key.

Otherwise returns None.

init_permissions_helper

def init_permissions_helper(obj)

Initialize the Permission Util based on whether the provided object is a UserAPIKey, OrgAPIKey, or a different object.

return_org_api_key_perms

def return_org_api_key_perms(key)

Load Permissions util with OrgAPIKey perms and then add in that organization's user group perms and general user group permissions.

return_user_api_key_perms

def return_user_api_key_perms(key)

Initialize the Permissions Util with the permissions of the user linked to the User API key.

If the UserAPIKey is marked readonly, it downgrades all permissions to readonly.

Classes

APIPermissionsApplicator

APIPermissionsApplicator(grainy.core.NamespaceKeyApplicator)

Applicator that looks for permission namespaces from a specified field in the dict it is scanning

Instanced Attributes

These attributes / properties will be available on instances of the class

  • is_generating_api_cache (@property): None

Methods

_init_

def __init__(self, request)

Initialize self. See help(type(self)) for accurate signature.

ModelViewSetPermissions

ModelViewSetPermissions(rest_framework.permissions.BasePermission)

Use as a permission class on a ModelRestViewSet to automatically wire up the following views to the correct permissions based on the handled object:

  • retrieve
  • list
  • create
  • destroy
  • update
  • partial update

Methods

has_object_permission

def has_object_permission(self, request, view, obj)

Return True if permission is granted, False otherwise.

has_permission

def has_permission(self, request, view)

Return True if permission is granted, False otherwise.

View Git Blame Copy Permalink