aiohttp-security/demo/db_auth.py

import asyncio
import sqlalchemy as sa

from aiohttp_security.authorization import AbstractAuthorizationPolicy

from . import db


class DBAuthorizationPolicy(AbstractAuthorizationPolicy):
    def __init__(self, dbengine):
        self.dbengine = dbengine

    @asyncio.coroutine
    def authorized_user_id(self, identity):
        with (yield from self.dbengine) as conn:
            where = [db.users.c.login == identity,
                     not db.users.c.disabled]
            query = db.users.count().where(sa.and_(*where))
            ret = yield from conn.scalar(query)
            if ret:
                return identity
            else:
                return None

    @asyncio.coroutine
    def permits(self, identity, permission, context=None):
        with (yield from self.dbengine) as conn:
            where = [db.users.c.login == identity,
                     not db.users.c.disabled]
        record = self.data.get(identity)
        if record is not None:
            # TODO: implement actual permission checker
            if permission in record:
                return True
        return False
Initial commit 2015-07-08 17:30:24 +00:00			`import asyncio`
work on demo 2015-11-21 07:37:44 +00:00			`import sqlalchemy as sa`
Initial commit 2015-07-08 17:30:24 +00:00
			`from aiohttp_security.authorization import AbstractAuthorizationPolicy`

work on demo 2015-11-21 07:37:44 +00:00			`from . import db`

Initial commit 2015-07-08 17:30:24 +00:00
Work on demo 2015-11-21 06:45:08 +00:00			`class DBAuthorizationPolicy(AbstractAuthorizationPolicy):`
Work on demo 2015-11-26 18:09:00 +00:00			`def __init__(self, dbengine):`
			`self.dbengine = dbengine`
Initial commit 2015-07-08 17:30:24 +00:00
work on demo 2015-11-21 07:37:44 +00:00			`@asyncio.coroutine`
			`def authorized_user_id(self, identity):`
Merge branch 'master' of github.com:aio-libs/aiohttp_security 2015-11-26 18:11:49 +00:00			`with (yield from self.dbengine) as conn:`
work on demo 2015-11-21 07:37:44 +00:00			`where = [db.users.c.login == identity,`
			`not db.users.c.disabled]`
			`query = db.users.count().where(sa.and_(*where))`
			`ret = yield from conn.scalar(query)`
			`if ret:`
			`return identity`
			`else:`
			`return None`

Initial commit 2015-07-08 17:30:24 +00:00			`@asyncio.coroutine`
			`def permits(self, identity, permission, context=None):`
Merge branch 'master' of github.com:aio-libs/aiohttp_security 2015-11-26 18:11:49 +00:00			`with (yield from self.dbengine) as conn:`
work on demo 2015-11-21 07:37:44 +00:00			`where = [db.users.c.login == identity,`
			`not db.users.c.disabled]`
Initial commit 2015-07-08 17:30:24 +00:00			`record = self.data.get(identity)`
			`if record is not None:`
			`# TODO: implement actual permission checker`
			`if permission in record:`
			`return True`
			`return False`