Skip to content

Instantly share code, notes, and snippets.

@ionelmc

ionelmc/aspectlib-perm-example.rst

Last active January 27, 2016 18:45
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ionelmc/f6721ba55b3faa4f39a4 to your computer and use it in GitHub Desktop.
Save ionelmc/f6721ba55b3faa4f39a4 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
aspectlib-perm-example.rst

pycon

Python 3.5.1 (default, Dec 18 2015, 00:00:00) [GCC 4.8.4] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import os def delete(self, , stuff_id, user): user.objects.remove(stuff_id) def change(self,, stuff_id, params, user): pass

class User(object):
def __init__(self, is_authenticated=False):

self.is_authenticated = is_authenticated self.objects = []

class PermissionError(Exception):

pass

>>>

print("Checking perms on behalf of {}'s {} for arguments {}".format(controller, cutpoint, kwargs)) user = kwargs['user'] if user.is_authenticated:

>>> class StuffController(object): ... def create(self, , params, user): ... stuff_id = os.urandom(16) ... user.objects.append(stuff_id) ... return stuff_id ... def delete(self,, stuff_id, user): ... user.objects.remove(stuff_id) ... def change(self, , stuff_id, params, user): ... pass ... >>> class User(object): ... def __init__(self, is_authenticated=False): ... self.is_authenticated = is_authenticated ... self.objects = [] ... >>> class PermissionError(Exception): ... pass ... >>> from aspectlib import Aspect, weave >>> >>> @Aspect(bind=True) ... def check_perms(cutpoint, controller,kwargs): ... print("Checking perms on behalf of {}'s {} for arguments {}".format(controller, cutpoint, kwargs)) ... user = kwargs['user'] ... if user.is_authenticated: ... if 'stuff_id' in kwargs: ... print(kwargs['stuff_id'] in user.objects) ... if kwargs['stuff_id'] in user.objects: ... yield ... else: ... raise PermissionError("User don't own {stuff_id}".format(*kwargs)) ... else: ... yield ... else: ... raise PermissionError("User ain't authenticated") ... >>> weave(StuffController, check_perms) <aspectlib.Rollback object at 0x7fdd4f74e528> >>> >>> controller = StuffController() >>> controller.create(user=User()) Checking perms on behalf of <__main__.StuffController object at 0x7fdd5012b6a0>'s <function StuffController.create at 0x7fdd50114bf8> for arguments {'user': <__main__.User object at 0x7fdd5012b3c8>} Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/local/lib/python3.5/dist-packages/aspectlib/__init__.py", line 256, in advising_function_wrapper advice = next(advisor) File "<stdin>", line 15, in check_perms __main__.PermissionError: User ain't authenticated >>> johnny = User(is_authenticated=True) >>> abc_id = controller.create(params="abc", user=johnny) Checking perms on behalf of <__main__.StuffController object at 0x7fdd5012b6a0>'s <function StuffController.create at 0x7fdd50114bf8> for arguments {'user': <__main__.User object at 0x7fdd5012b780>, 'params': 'abc'} >>> controller.delete(stuff_id=123, user=johnny) Checking perms on behalf of <__main__.StuffController object at 0x7fdd5012b6a0>'s <function StuffController.delete at 0x7fdd50114c80> for arguments {'stuff_id': 123, 'user': <__main__.User object at 0x7fdd5012b780>} False Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/local/lib/python3.5/dist-packages/aspectlib/__init__.py", line 256, in advising_function_wrapper advice = next(advisor) File "<stdin>", line 11, in check_perms __main__.PermissionError: User don't own 123 >>> controller.change(stuff_id=123, params="abc", user=johnny) Checking perms on behalf of <__main__.StuffController object at 0x7fdd5012b6a0>'s <function StuffController.change at 0x7fdd50114d08> for arguments {'stuff_id': 123, 'user': <__main__.User object at 0x7fdd5012b780>, 'params': 'abc'} False Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/local/lib/python3.5/dist-packages/aspectlib/__init__.py", line 256, in advising_function_wrapper advice = next(advisor) File "<stdin>", line 11, in check_perms __main__.PermissionError: User don't own 123 >>> controller.change(stuff_id=abc_id, params="foo", user=johnny) Checking perms on behalf of <__main__.StuffController object at 0x7fdd5012b6a0>'s <function StuffController.change at 0x7fdd50114d08> for arguments {'stuff_id': b'xcfxeexe0TH1rxe7x92xee {Sx18zq', 'user': <__main__.User object at 0x7fdd5012b780>, 'params': 'foo'} True >>> controller.delete(stuff_id=abc_id, user=johnny) Checking perms on behalf of <__main__.StuffController object at 0x7fdd5012b6a0>'s <function StuffController.delete at 0x7fdd50114c80> for arguments {'stuff_id': b'xcfxeexe0TH1rxe7x92xee {Sx18zq', 'user': <__main__.User object at 0x7fdd5012b780>} True >>> controller.delete(stuff_id=abc_id, user=johnny) Checking perms on behalf of <__main__.StuffController object at 0x7fdd5012b6a0>'s <function StuffController.delete at 0x7fdd50114c80> for arguments {'stuff_id': b'xcfxeexe0TH1rxe7x92xee {Sx18zq', 'user': <__main__.User object at 0x7fdd5012b780>} False Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/local/lib/python3.5/dist-packages/aspectlib/__init__.py", line 256, in advising_function_wrapper advice = next(advisor) File "<stdin>", line 11, in check_perms __main__.PermissionError: User don't own b'xcfxeexe0TH1rxe7x92xee {Sx18zq'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment