Coverage for portality/authorise.py: 92%

25 statements  

« prev     ^ index     » next       coverage.py v6.4.2, created at 2022-09-13 22:06 +0100

1from portality.core import app 

2 

3class Authorise(object): 

4 """ 

5 ~~AuthNZ:Feature~~ 

6 """ 

7 @classmethod 

8 def has_role(cls, role, reference): 

9 ultra = False 

10 if role.startswith("ultra_"): 

11 ultra = True 

12 

13 # if we are the super user we can do anything 

14 if app.config["SUPER_USER_ROLE"] in reference and not ultra: 

15 return True 

16 

17 # if the user's role list contains the role explicitly then do it 

18 if role in reference: 

19 return True 

20 

21 # get the de-duplicated list of roles that the user has 

22 full = cls.get_roles(reference) 

23 if role in full: 

24 return True 

25 

26 return False 

27 

28 @classmethod 

29 def get_roles(cls, reference): 

30 role_map = app.config.get("ROLE_MAP", {}) 

31 roles = [] 

32 for r in reference: 

33 roles += role_map.get(r, []) 

34 return list(set(roles)) 

35 

36 @classmethod 

37 def top_level_roles(cls): 

38 return app.config.get("TOP_LEVEL_ROLES", []) 

39