UserDB.get_permission_assignments() - Code Metrics - Inspection of "Merge pull request #2920 from tonybaloney/oauth" - StackStorm/st2 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 1c9535...b8d4ca )

by Edward

created 2016-10-06 03:37 UTC

UserDB.get_permission_assignments() A

↳ Parent: UserDB

Complexity

Conditions

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	1

Metric	Value
cc	1
c	1
b	0
f	1
dl	0
loc	3
rs	10

# Licensed to the StackStorm, Inc ('StackStorm') under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import copy
import mongoengine as me

from st2common.constants.secrets import MASKED_ATTRIBUTE_VALUE
from st2common.constants.types import ResourceType
from st2common.fields import ComplexDateTimeField
from st2common.models.db import stormbase
from st2common.services.rbac import get_roles_for_user
from st2common.util import date as date_utils

__all__ = [
    'UserDB',
    'TokenDB',
    'ApiKeyDB'
]


class UserDB(stormbase.StormFoundationDB):
    name = me.StringField(required=True, unique=True)
    is_service = me.BooleanField(required=True, default=False)
    nicknames = me.DictField(required=False,
                             help_text='"Nickname + origin" pairs for ChatOps auth')

    def get_roles(self):
        """
        Retrieve roles assigned to that user.

        :rtype: ``list`` of :class:`RoleDB`
        """
        result = get_roles_for_user(user_db=self)
        return result

    def get_permission_assignments(self):
        # TODO
        pass


class TokenDB(stormbase.StormFoundationDB):
    user = me.StringField(required=True)
    token = me.StringField(required=True, unique=True)
    expiry = me.DateTimeField(required=True)
    metadata = me.DictField(required=False,
                            help_text='Arbitrary metadata associated with this token')


class ApiKeyDB(stormbase.StormFoundationDB, stormbase.UIDFieldMixin):

    """
    """
    RESOURCE_TYPE = ResourceType.API_KEY
    UID_FIELDS = ['key_hash']

    user = me.StringField(required=True)
    key_hash = me.StringField(required=True, unique=True)
    metadata = me.DictField(required=False,
                            help_text='Arbitrary metadata associated with this token')
    created_at = ComplexDateTimeField(default=date_utils.get_datetime_utc_now,
                                      help_text='The creation time of this ApiKey.')
    enabled = me.BooleanField(required=True, default=True,
                              help_text='A flag indicating whether the ApiKey is enabled.')

    meta = {
        'indexes': [
            {'fields': ['user']},
            {'fields': ['key_hash']}
        ]
    }

    def __init__(self, *args, **values):
        super(ApiKeyDB, self).__init__(*args, **values)
        self.uid = self.get_uid()

    def mask_secrets(self, value):
        result = copy.deepcopy(value)

        # In theory the key_hash is safe to return as it is one way. On the other
        # hand given that this is actually a secret no real point in letting the hash
        # escape. Since uid contains key_hash masking that as well.
        result['key_hash'] = MASKED_ATTRIBUTE_VALUE
        result['uid'] = MASKED_ATTRIBUTE_VALUE
        return result


MODELS = [UserDB, TokenDB, ApiKeyDB]


1			# Licensed to the StackStorm, Inc ('StackStorm') under one or more
2			# contributor license agreements. See the NOTICE file distributed with
3			# this work for additional information regarding copyright ownership.
4			# The ASF licenses this file to You under the Apache License, Version 2.0
5			# (the "License"); you may not use this file except in compliance with
6			# the License. You may obtain a copy of the License at
7			#
8			# http://www.apache.org/licenses/LICENSE-2.0
9			#
10			# Unless required by applicable law or agreed to in writing, software
11			# distributed under the License is distributed on an "AS IS" BASIS,
12			# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13			# See the License for the specific language governing permissions and
14			# limitations under the License.
15
16			import copy
17			import mongoengine as me
18
19			from st2common.constants.secrets import MASKED_ATTRIBUTE_VALUE
20			from st2common.constants.types import ResourceType
21			from st2common.fields import ComplexDateTimeField
22			from st2common.models.db import stormbase
23			from st2common.services.rbac import get_roles_for_user
24			from st2common.util import date as date_utils
25
26			__all__ = [
27			'UserDB',
28			'TokenDB',
29			'ApiKeyDB'
30			]
31
32
33			class UserDB(stormbase.StormFoundationDB):
34			name = me.StringField(required=True, unique=True)
35			is_service = me.BooleanField(required=True, default=False)
36			nicknames = me.DictField(required=False,
37			help_text='"Nickname + origin" pairs for ChatOps auth')
38
39			def get_roles(self):
40			"""
41			Retrieve roles assigned to that user.
42
43			:rtype: ``list`` of :class:`RoleDB`
44			"""
45			result = get_roles_for_user(user_db=self)
46			return result
47
48			def get_permission_assignments(self):
49			# TODO
50			pass
51
52
53			class TokenDB(stormbase.StormFoundationDB):
54			user = me.StringField(required=True)
55			token = me.StringField(required=True, unique=True)
56			expiry = me.DateTimeField(required=True)
57			metadata = me.DictField(required=False,
58			help_text='Arbitrary metadata associated with this token')
59
60
61			class ApiKeyDB(stormbase.StormFoundationDB, stormbase.UIDFieldMixin):
			0 ignored issues – show Documentation introduced 2015-11-20 23:04 UTC by Report Bug Copy Issue Report Empty class docstring Loading history...
62			"""
63			"""
64			RESOURCE_TYPE = ResourceType.API_KEY
65			UID_FIELDS = ['key_hash']
66
67			user = me.StringField(required=True)
68			key_hash = me.StringField(required=True, unique=True)
69			metadata = me.DictField(required=False,
70			help_text='Arbitrary metadata associated with this token')
71			created_at = ComplexDateTimeField(default=date_utils.get_datetime_utc_now,
72			help_text='The creation time of this ApiKey.')
73			enabled = me.BooleanField(required=True, default=True,
74			help_text='A flag indicating whether the ApiKey is enabled.')
75
76			meta = {
77			'indexes': [
78			{'fields': ['user']},
79			{'fields': ['key_hash']}
80			]
81			}
82
83			def __init__(self, args, *values):
84			super(ApiKeyDB, self).__init__(args, *values)
85			self.uid = self.get_uid()
86
87			def mask_secrets(self, value):
88			result = copy.deepcopy(value)
89
90			# In theory the key_hash is safe to return as it is one way. On the other
91			# hand given that this is actually a secret no real point in letting the hash
92			# escape. Since uid contains key_hash masking that as well.
93			result['key_hash'] = MASKED_ATTRIBUTE_VALUE
94			result['uid'] = MASKED_ATTRIBUTE_VALUE
95			return result
96
97
98			MODELS = [UserDB, TokenDB, ApiKeyDB]
99

StackStorm / st2

Push — master ( 1c9535...b8d4ca )

UserDB.get_permission_assignments() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like