watson.auth.modelsΒΆ
Sphinx cannot automatically generate these docs. The source has been included instead:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 | # -*- coding: utf-8 -*-
from datetime import datetime
from sqlalchemy import (Column, Integer, String, DateTime, ForeignKey,
SmallInteger)
from sqlalchemy.ext.declarative import declared_attr
from sqlalchemy.orm import relationship
from watson.common import imports
from watson.auth import authorization, crypto
from watson.db.models import Model
from watson.db.utils import _table_attr
class Permission(Model):
id = Column(Integer, primary_key=True)
name = Column(String(255))
key = Column(String(255))
created_date = Column(DateTime, default=datetime.now)
def __repr__(self):
return '<{0} key:{1} name:{2}>'.format(
imports.get_qualified_name(self), self.key, self.name)
class Role(Model):
id = Column(Integer, primary_key=True)
name = Column(String(255))
key = Column(String(255))
permissions = relationship('RolesHasPermission',
backref='roles')
created_date = Column(DateTime, default=datetime.now)
def add_permission(self, permission, value=1):
"""Adds a permission to the role.
Args:
Permission permission: The permission to attach
int value: The value to give the permission, can be either:
0 - deny
1 - allow
"""
role_permission = RolesHasPermission(value=value)
role_permission.permission = permission
self.permissions.append(role_permission)
def __repr__(self):
return '<{0} key:{1} name:{2}>'.format(
imports.get_qualified_name(self), self.key, self.name)
class UserMixin(object):
"""Common user fields, custom user classes should extend this as well as
Model.
Attributes:
string id_field: The name of the field to use as the id for the user
Columns:
string _password: The password of the user, aliased by self.password
string salt: The salt used to generate the password
list roles: The roles associated with the user
list permissions: The permissions associated with the user, overrides
the permissions associated with the role.
date created_date: The time the user was created.
date updated_date: The time the user was updated.
"""
__tablename__ = 'users'
_acl_class = authorization.Acl
_acl = None
id = Column(Integer, primary_key=True)
_password = Column(String(255), name='password')
salt = Column(String(255), nullable=False)
created_date = Column(DateTime, default=datetime.now)
updated_date = Column(DateTime, default=datetime.now)
@property
def acl(self):
"""Convenience method to access the users ACL.
See watson.auth.authorization.Acl for more information.
"""
if not self._acl:
self._acl = self._acl_class(self)
return self._acl
@declared_attr
def permissions(cls):
return relationship(UsersHasPermission, backref='user', cascade='all')
@declared_attr
def roles(cls):
return relationship(Role,
secondary=UsersHasRole.__tablename__,
backref='roles', cascade=None)
@declared_attr
def forgotten_password_tokens(cls):
return relationship(ForgottenPasswordToken, backref='user', cascade='all')
@property
def password(self):
"""Return the password.
"""
return self._password
@password.setter
def password(self, password):
"""Automatically generates the hashed password and salt when set.
Args:
string password: The password to set.
"""
_pass, salt = crypto.generate_password(password)
self._password = _pass
self.salt = salt
def touch(self):
"""Updates the date the user was modified.
"""
self.updated_date = datetime.now()
def add_permission(self, permission, value=1):
"""Adds a permission to the user.
This overrides any permission given by the associated roles.
Args:
Permission permission: The permission to attach
int value: The value to give the permission, can be either:
0 - deny
1 - allow
"""
user_permission = UsersHasPermission(value=value)
user_permission.permission = permission
self.permissions.append(user_permission)
def __repr__(self):
return '<{0} id:{1}>'.format(imports.get_qualified_name(self), self.id)
class RolesHasPermission(Model):
role_id = Column(Integer,
ForeignKey(_table_attr(Role, 'id')),
primary_key=True)
permission_id = Column(Integer,
ForeignKey(_table_attr(Permission, 'id')),
primary_key=True)
permission = relationship(Permission)
value = Column(SmallInteger, default=0)
created_date = Column(DateTime, default=datetime.now)
class UsersHasPermission(Model):
user_id = Column(Integer,
ForeignKey(_table_attr(UserMixin, 'id')),
primary_key=True)
permission_id = Column(Integer,
ForeignKey(_table_attr(Permission, 'id')),
primary_key=True)
permission = relationship(Permission)
value = Column(SmallInteger, default=0)
created_date = Column(DateTime, default=datetime.now)
class UsersHasRole(Model):
user_id = Column(Integer,
ForeignKey(_table_attr(UserMixin, 'id')),
primary_key=True)
role_id = Column(Integer,
ForeignKey(_table_attr(Role, 'id')),
primary_key=True)
class ForgottenPasswordToken(Model):
id = Column(Integer, primary_key=True)
token = Column(String(255))
user_id = Column(Integer,
ForeignKey(_table_attr(UserMixin, 'id')))
created_date = Column(DateTime, default=datetime.now)
def __repr__(self):
return '<{0} user id:{1}>'.format(
imports.get_qualified_name(self), self.user.id)
|