51 lines
1.4 KiB
Python
51 lines
1.4 KiB
Python
|
import abc
|
||
|
|
import asyncio
|
||
|
|
|
||
|
|
# see http://plope.com/pyramid_auth_design_api_postmortem
|
||
|
|
|
||
|
|
|
||
|
|
class AbstractIdentityPolicy(metaclass=abc.ABCMeta):
|
||
|
|
|
||
|
|
@asyncio.coroutine
|
||
|
|
@abc.abstractmethod
|
||
|
|
def identify(self, request):
|
||
|
|
""" Return the claimed identity of the user associated request or
|
||
|
|
``None`` if no identity can be found associated with the request."""
|
||
|
|
pass
|
||
|
|
|
||
|
|
@asyncio.coroutine
|
||
|
|
@abc.abstractmethod
|
||
|
|
def remember(self, request, identity, **kwargs):
|
||
|
|
"""Remember identity.
|
||
|
|
|
||
|
|
Return MultiDict with headers on this request's response.
|
||
|
|
|
||
|
|
An individual identity policy and its consumers can decide on
|
||
|
|
the composition and meaning of **kw.
|
||
|
|
"""
|
||
|
|
pass
|
||
|
|
|
||
|
|
@asyncio.coroutine
|
||
|
|
@abc.abstractmethod
|
||
|
|
def forget(self, request):
|
||
|
|
""" Modify request.response which can be used to 'forget' the
|
||
|
|
current identity on subsequent requests."""
|
||
|
|
pass
|
||
|
|
|
||
|
|
|
||
|
|
class AbstractAuthorizationPolicy(metaclass=abc.ABCMeta):
|
||
|
|
|
||
|
|
@asyncio.coroutine
|
||
|
|
@abc.abstractmethod
|
||
|
|
def permits(self, identity, permission, context=None):
|
||
|
|
""" Return True if the identity is allowed the permission in the
|
||
|
|
current context, else return False"""
|
||
|
|
pass
|
||
|
|
|
||
|
|
@asyncio.coroutine
|
||
|
|
@abc.abstractmethod
|
||
|
|
def authorized_userid(self, identity):
|
||
|
|
""" Return the user_id of the user identified by the identity
|
||
|
|
or 'None' if no user exists related to the identity """
|
||
|
|
pass
|