Skip to content

Instantly share code, notes, and snippets.

@mcchae mcchae/acl_test.py
Created Sep 5, 2017

Embed
What would you like to do?
AAA Authorization with miracle_acl
#!/usr/bin/env python
# coding=utf8
###############################################################################
from miracle.acl import Acl
from pprint import pformat
###############################################################################
def acl_test():
# =========================================================================
acl = Acl()
# =========================================================================
gr = {
'root': {
'api_rest': {'read', 'write', 'create', 'delete'},
'page_root': {'read', 'write', 'create', 'delete'},
'page_user': {'read', 'write', 'create', 'delete'},
'page_guest': {'read', 'write', 'create', 'delete'},
},
'users': {
'api_rest': {'read', 'write', 'create', 'delete'},
'page_root': {'read'},
'page_user': {'read', 'write', 'create', 'delete'},
'page_guest': {'read', 'write', 'create', 'delete'},
},
'guests': {
'page_user': {'read'},
'page_guest': {'read', 'write', 'create', 'delete'},
}
}
acl.grants(gr)
# =========================================================================
print('Roles=%s' % acl.get_roles())
# =========================================================================
print('Resources=%s' % acl.get_resources())
# =========================================================================
# 해당되는 role:resource:read 가 가능한가 조사 : 없는 역할,리소스 등은 모두 False
check_arg = ('no_role', 'no_resource', 'read')
print('check for %s = %s' % (check_arg, acl.check(*check_arg)))
# 해당되는 role:resource:read 가 가능한가 조사: 가능한 역할,리소스의 권한체크
check_arg = ('root', 'page_user', 'read')
print('check for %s = %s' % (check_arg, acl.check(*check_arg)))
# 해당되는 role:resource:read 가 가능한가 조사: 가능한 역할,리소스의 권한체크
check_arg = ('users', 'page_root', 'read')
print('check for %s = %s' % (check_arg, acl.check(*check_arg)))
# 해당되는 role:resource:read 가 가능한가 조사: 불가능한 역할,리소스의 권한체크
check_arg = ('users', 'page_root', 'write')
print('check for %s = %s' % (check_arg, acl.check(*check_arg)))
# =========================================================================
# 현재 상태 구하기: json 결과
save = acl.__getstate__()
print('save=%s' % pformat(save))
# =========================================================================
# 특정 역할:자원:권한 추가
add_gr = {
'operators': {
'page_user': {'read', 'write', 'create', 'delete'},
'page_guest': {'read', 'write', 'create', 'delete'},
}
}
acl.grants(add_gr)
print('after added=%s' % pformat(acl.__getstate__()))
# =========================================================================
# 특정 역할 삭제
acl.revoke_all('users')
print('after deleted=%s' % pformat(acl.__getstate__()))
# =========================================================================
acl = Acl() # new (instead of delete all with traversing)
acl.__setstate__(save)
print('after restored=%s' % pformat(acl.__getstate__()))
###############################################################################
if __name__ == '__main__':
acl_test()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.