A security manager provides methods for checking access and managing
executable context and policies
Methods
|
|
__init__
addContext
calledByExecutable
checkPermission
getUser
removeContext
validate
validateValue
|
|
__init__
|
__init__ (
self,
thread_id,
context,
)
|
|
addContext
|
addContext (
self,
anExecutableObject,
getattr=getattr,
)
Add an ExecutableObject to the current security
context. Optionally, add a new SecurityPolicy as well.
|
|
calledByExecutable
|
calledByExecutable ( self )
Return a boolean value indicating if this context was called
by an executable
|
|
checkPermission
|
checkPermission (
self,
permission,
object,
)
Check whether the security context allows the given permission on
the given object.
Arguments:
- permission
A permission name
- object
The object being accessed according to the permission
|
|
getUser
|
getUser ( self )
Gen the current authenticated user
|
|
removeContext
|
removeContext (
self,
anExecutableObject,
getattr=getattr,
)
Remove an ExecutableObject, and optionally, a
SecurityPolicy, from the current security context.
|
|
validate
|
validate (
self,
accessed=None,
container=None,
name=None,
value=None,
)
Validate access.
Arguments:
- accessed
the object that was being accessed
- container
the object the value was found in
- name
The name used to access the value
- value
The value retrieved though the access.
The arguments may be provided as keyword arguments. Some of these
arguments may be ommitted, however, the policy may reject access
in some cases when arguments are ommitted. It is best to provide
all the values possible.
|
|
validateValue
|
validateValue ( self, value )
Convenience for common case of simple value validation.
|
|