X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FNBI.git;a=blobdiff_plain;f=osm_nbi%2Fauthconn.py;h=bbcf3422705d4419341a6dfd17e0fdffa2d1ca0f;hp=17275900b1fc0e4b8a0797ff34c98adc742889ed;hb=0b8752ff86fdb4bdb6fffe00103a221aa4bbc923;hpb=01b15d3166ea28266fb3d994d0615e4091c43c08 diff --git a/osm_nbi/authconn.py b/osm_nbi/authconn.py index 1727590..bbcf342 100644 --- a/osm_nbi/authconn.py +++ b/osm_nbi/authconn.py @@ -23,11 +23,12 @@ Authconn implements an Abstract class for the Auth backend connector plugins with the definition of the methods to be implemented. """ -__author__ = "Eduardo Sousa " +__author__ = "Eduardo Sousa , " \ + "Pedro de la Cruz Ramos " __date__ = "$27-jul-2018 23:59:59$" from http import HTTPStatus -from base_topic import BaseTopic +from osm_nbi.base_topic import BaseTopic class AuthException(Exception): @@ -109,23 +110,25 @@ class Authconn: Each Auth backend connector plugin must be a subclass of Authconn class. """ - def __init__(self, config, db, token_cache): + def __init__(self, config, db, role_permissions): """ Constructor of the Authconn class. - - Note: each subclass - :param config: configuration dictionary containing all the necessary configuration parameters. + :param db: internal database classs + :param role_permissions: read only role permission list """ self.config = config + self.role_permissions = role_permissions - def authenticate(self, user, password, project=None, token_info=None): + def authenticate(self, credentials, token_info=None): """ Authenticate a user using username/password or token_info, plus project - :param user: user: name, id or None - :param password: password or None - :param project: name, id, or None. If None first found project will be used to get an scope token + :param credentials: dictionary that contains: + username: name, id or None + password: password or None + project_id: name, id, or None. If None first found project will be used to get an scope token + other items are allowed for specific auth backends :param token_info: previous token_info to obtain authorization :return: the scoped token info or raises an exception. The token is a dictionary with: _id: token string id, @@ -190,8 +193,14 @@ class Authconn: :return: returns a list of users. """ - def get_user(self, id, fail=True): - filt = {BaseTopic.id_field("users", id): id} + def get_user(self, _id, fail=True): + """ + Get one user + :param _id: id or name + :param fail: True to raise exception on not found. False to return None on not found + :return: dictionary with the user information + """ + filt = {BaseTopic.id_field("users", _id): _id} users = self.get_user_list(filt) if not users: if fail: @@ -227,8 +236,14 @@ class Authconn: """ raise AuthconnNotImplementedException("Should have implemented this") - def get_role(self, id, fail=True): - filt = {BaseTopic.id_field("roles", id): id} + def get_role(self, _id, fail=True): + """ + Get one role + :param _id: id or name + :param fail: True to raise exception on not found. False to return None on not found + :return: dictionary with the role information + """ + filt = {BaseTopic.id_field("roles", _id): _id} roles = self.get_role_list(filt) if not roles: if fail: @@ -273,8 +288,14 @@ class Authconn: """ raise AuthconnNotImplementedException("Should have implemented this") - def get_project(self, id, fail=True): - filt = {BaseTopic.id_field("projects", id): id} + def get_project(self, _id, fail=True): + """ + Get one project + :param _id: id or name + :param fail: True to raise exception on not found. False to return None on not found + :return: dictionary with the project information + """ + filt = {BaseTopic.id_field("projects", _id): _id} projs = self.get_project_list(filt) if not projs: if fail: