~launchpad-pqm/launchpad/devel

« back to all changes in this revision

Viewing changes to lib/lp/registry/interfaces/accesspolicy.py

Committer: Launchpad Patch Queue Manager
Date: 2011-11-21 23:18:40 UTC
mfrom: (14186.6.43 observer-model)
Revision ID: launchpad@pqm.canonical.com-20111121231840-jek6hufhmc2q0f2g

[r=sinzui][no-qa] Initial model work for access policies.

files added:
lib/lp/registry/interfaces/accesspolicy.py

lib/lp/registry/model/accesspolicy.py

lib/lp/registry/tests/test_accesspolicy.py

files modified:
database/schema/security.cfg

lib/lp/registry/configure.zcml

lib/lp/testing/factory.py

Show diffs side-by-side

added added

removed removed

lib/lp/registry/interfaces/accesspolicy.py

# GNU Affero General Public License version 3 (see the file LICENSE).

"""Interfaces for pillar and artifact access policies."""

__metaclass__ = type

__all__ = [

'AccessPolicyType',

'IAccessPolicy',

'IAccessPolicyArtifact',

'IAccessPolicyArtifactSource',

'IAccessPolicyGrant',

'IAccessPolicySource',

]

from lazr.enum import (

DBEnumeratedType,

DBItem,

)

from zope.interface import (

Attribute,

Interface,

)

class AccessPolicyType(DBEnumeratedType):

"""Access policy type."""

PRIVATE = DBItem(1, """

Private

This policy covers general private information.

""")

SECURITY = DBItem(2, """

Security

This policy covers information relating to confidential security

vulnerabilities.

""")

class IAccessPolicy(Interface):

id = Attribute("ID")

pillar = Attribute("Pillar")

type = Attribute("Type")

class IAccessPolicyArtifact(Interface):

id = Attribute("ID")

concrete_artifact = Attribute("Concrete artifact")

policy = Attribute("Access policy")

class IAccessPolicyGrant(Interface):

id = Attribute("ID")

grantee = Attribute("Grantee")

grantor = Attribute("Grantor")

date_created = Attribute("Date created")

policy = Attribute("Access policy")

abstract_artifact = Attribute("Abstract artifact")

concrete_artifact = Attribute("Concrete artifact")

class IAccessPolicySource(Interface):

def create(pillar, display_name):

"""Create an `IAccessPolicy` for the pillar with the given name."""

def getByID(id):

"""Return the `IAccessPolicy` with the given ID."""

def getByPillarAndType(pillar, type):

"""Return the pillar's `IAccessPolicy` with the given type."""

def findByPillar(pillar):

"""Return a ResultSet of all `IAccessPolicy`s for the pillar."""

class IAccessPolicyArtifactSource(Interface):

def ensure(concrete_artifact):

"""Return the `IAccessPolicyArtifact` for a concrete artifact.

Creates the abstract artifact if it doesn't already exist.

"""

def get(concrete_artifact):

"""Return the `IAccessPolicyArtifact` for an artifact, if it exists.

Use ensure() if you want to create one if it doesn't yet exist.

"""

def delete(concrete_artifact):

"""Delete the `IAccessPolicyArtifact` for a concrete artifact.

Also removes any AccessPolicyGrants for the artifact.

100

"""

101

102

103

class IAccessPolicyGrantSource(Interface):

104

105

def grant(grantee, grantor, object):

106

"""Create an `IAccessPolicyGrant`.

107

108

:param grantee: the `IPerson` to hold the access.

109

:param grantor: the `IPerson` that grants the access.

110

:param object: the `IAccessPolicy` or `IAccessPolicyArtifact` to

111

grant access to.

112

"""

113

114

def getByID(id):

115

"""Return the `IAccessPolicyGrant` with the given ID."""

116

117

def findByPolicy(policy):

118

"""Return all `IAccessPolicyGrant` objects for the policy."""

Older »