repoze.bfg.security¶
API Functions¶
- repoze.bfg.security.authenticated_userid(request)¶
- Return the userid of the currently authenticated user or None if there is no authentication policy in effect or there is no currently authenticated user.
- repoze.bfg.security.effective_principals(request)¶
- Return the list of ‘effective’ principal identifiers for the request. This will include the userid of the currently authenticated user if a user is currently authenticated. If no authentication policy is in effect, this will return an empty sequence.
- repoze.bfg.security.has_permission(permission, context, request)¶
- Provided a permission (a string or unicode object), a context (a model instance) and a request object, return an instance of Allowed if the permission is granted in this context to the user implied by the request. Return an instance of Denied if this permission is not granted in this context to this user. This function delegates to the current authentication and authorization policies. Return Allowed unconditionally if no authentication policy has been configured in this application.
- repoze.bfg.security.principals_allowed_by_permission(context, permission)¶
Provided a context (a model object), and a permission (a string or unicode object), return a sequence of principal ids that possess the permission in the context. If no authorization policy is in effect, this will return a sequence with the single value representing Everyone (the special principal identifier representing all principals).
Note
even if an authorization policy is in effect, some (exotic) authorization policies may not implement the required machinery for this function; those will cause a NotImplementedError exception to be raised when this function is invoked.
- repoze.bfg.security.forget(request)¶
Return a sequence of header tuples (e.g. [('Set-Cookie', 'foo=abc')]) suitable for ‘forgetting’ the set of credentials possessed by the currently authenticated user. A common usage might look like so within the body of a view function (response is assumed to be an WebOb-style response object computed previously by the view code):
from repoze.bfg.security import forget headers = forget(context, request) response.headerlist.extend(headers) return response
If no authentication policy is in use, this function will always return an empty sequence.
- repoze.bfg.security.remember(request, principal, **kw)¶
Return a sequence of header tuples (e.g. [('Set-Cookie', 'foo=abc')]) suitable for ‘remembering’ a set of credentials implied by the data passed as principal and *kw using the current authentication policy. Common usage might look like so within the body of a view function (response is assumed to be an WebOb-style response object computed previously by the view code):
from repoze.bfg.security import forget headers = remember(context, request, 'chrism', password='123') response.headerlist.extend(headers) return response
If no authentication policy is in use, this function will always return an empty sequence. If used, the composition and meaning of **kw must be agreed upon by the calling code and the effective authentication policy.
- repoze.bfg.security.view_execution_permitted(context, request, name='')¶
- If the view specified by context and name is protected by a permission, check the permission associated with the view using the effective authentication/authorization policies and the request. Return a boolean result. If no authentication policy is in effect, or if the view is not protected by a permission, return True.
Constants¶
- repoze.bfg.security.Everyone¶
- The special principal id named ‘Everyone’. This principal id is granted to all requests. Its actual value is the string ‘system.Everyone’.
- repoze.bfg.security.Authenticated¶
- The special principal id named ‘Authenticated’. This principal id is granted to all requests which contain any other non-Everyone principal id (according to the authentication policy). Its actual value is the string ‘system.Authenticated’.
- repoze.bfg.security.ALL_PERMISSIONS¶
- An object that can be used as the permission member of an ACE which matches all permissions unconditionally. For example, an ACE that uses ALL_PERMISSIONS might be composed like so: ('Deny', 'system.Everyone', ALL_PERMISSIONS).
- repoze.bfg.security.DENY_ALL¶
- A convenience shorthand ACE that defines ('Deny', 'system.Everyone', ALL_PERMISSIONS). This is often used as the last ACE in an ACL in systems that use an “inheriting” security policy, representing the concept “don’t inherit any other ACEs”.
Return Values¶
- repoze.bfg.security.Allow¶
- The ACE “action” (the first element in an ACE e.g. (Allow, Everyone, 'read') that means allow access. A sequence of ACEs makes up an ACL. It is a string, and it’s actual value is “Allow”.
- repoze.bfg.security.Deny¶
- The ACE “action” (the first element in an ACE e.g. (Deny, 'george', 'read') that means deny access. A sequence of ACEs makes up an ACL. It is a string, and it’s actual value is “Deny”.
- class repoze.bfg.security.ACLDenied¶
- An instance of ACLDenied represents that a security check made explicitly against ACL was denied. It evaluates equal to all boolean false types. It also has attributes which indicate which acl, ace, permission, principals, and context were involved in the request. Its __str__ method prints a summary of these attributes for debugging purposes. The same summary is available as the msg attribute.
- class repoze.bfg.security.ACLAllowed¶
- An instance of ACLDenied represents that a security check made explicitly against ACL was allowed. It evaluates equal to all boolean true types. It also has attributes which indicate which acl, ace, permission, principals, and context were involved in the request. Its __str__ method prints a summary of these attributes for debugging purposes. The same summary is available as the msg attribute.
- class repoze.bfg.security.Denied¶
- An instance of Denied is returned when a security-related API or other repoze.bfg code denies an action unlrelated to an ACL check. It evaluates equal to all boolean false types. It has an attribute named msg describing the circumstances for the deny.
- class repoze.bfg.security.Allowed¶
- An instance of Allowed is returned when a security-related API or other repoze.bfg code allows an action unrelated to an ACL check. It evaluates equal to all boolean true types. It has an attribute named msg describing the circumstances for the allow.
