Главная Обзор Помощь
Вход
221V
/
Misago
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: c1bf07ccb5
Ветки Метки
Misago
/
docs
/
developers
/
acls.rst

acls.rst 2.4 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. ====
    2. 

  2. ACLs
    3. 

  3. ====
    4. 

  4. 

  5. 

  6. Extending permissions system
    7. 

  7. ============================
    8. 

  8. 

  9. 

  10. Algebra
    11. 

  11. -------
    12. 

  12. 

  13. Consider those three simple ACLs::
    14. 

  14. 

  15.     acls = (
    16. 

  16.         {'can_be_knight': False},
    17. 

  17.         {'can_be_knight': True},
    18. 

  18.         {'can_be_knight': False},
    19. 

  19.     )
    20. 

  20. 

  21. In order to obtain final ACL, one or more ACLs have to be sum together. Such operation requires loop over ACLs which compares values of dicts keys and picks preffered ones.
    22. 

  22. 

  23. This problem can be solved using simple implementation::
    24. 

  24. 

  25.     final_acl = {'can_be_knight': False}
    26. 

  26. 

  27.     for acl in acls:
    28. 

  28.         if acl['can_be_knight']:
    29. 

  29.             final_acl['can_be_knight'] = True
    30. 

  30. 

  31. But what if there are 20 permissions in ACL? Or if we are comparing numbers? What if complex rules are involved like popular "greater beats lower, zero beats all" in comparisions? This brings need for more suffisticated solution and Misago provides one in forum of ``misago.acl.algebra`` module.
    32. 

  32. 

  33. This module provides utilities for summing two acls and supports three most common comparisions found in web apps:
    34. 

  34. 

  35. * **greater**: True beats False, 42 beats 13
    36. 

  36. * **lower**: False beats True, 13 beats 42
    37. 

  37. * **greater or zero**: 42 beats 13, zero beats everything
    38. 

  38. 

  39. 

  40. .. function:: sum_acls(defaults, *acls, **permissions)
    41. 

  41. 

  42. This function sums ACLs provided as ``*args`` using callables accepting two arguments defined in kwargs used to compare permission values. Example usage is following::
    43. 

  43. 

  44.     from misago.acl import algebra
    45. 

  45. 

  46.     user_acls = [
    47. 

  47.         {
    48. 

  48.             'can_see': False,
    49. 

  49.             'can_hear': False,
    50. 

  50.             'max_speed': 10,
    51. 

  51.             'min_age': 16,
    52. 

  52.             'speed_limit': 50,
    53. 

  53.         },
    54. 

  54.         {
    55. 

  55.             'can_see': True,
    56. 

  56.             'can_hear': False,
    57. 

  57.             'max_speed': 40,
    58. 

  58.             'min_age': 20,
    59. 

  59.             'speed_limit': 0,
    60. 

  60.         },
    61. 

  61.         {
    62. 

  62.             'can_see': False,
    63. 

  63.             'can_hear': True,
    64. 

  64.             'max_speed': 80,
    65. 

  65.             'min_age': 18,
    66. 

  66.             'speed_limit': 40,
    67. 

  67.         },
    68. 

  68.     ]
    69. 

  69. 

  70.     defaults = {
    71. 

  71.         'can_see': False,
    72. 

  72.         'can_hear': False,
    73. 

  73.         'max_speed': 30,
    74. 

  74.         'min_age': 18,
    75. 

  75.         'speed_limit': 60,
    76. 

  76.     }
    77. 

  77. 

  78.     final_acl = algebra.sum_acls(
    79. 

  79.         defaults, *user_acls,
    80. 

  80.         can_see=algebra.greater,
    81. 

  81.         can_hear=algebra.greater,
    82. 

  82.         max_speed=algebra.greater,
    83. 

  83.         min_age=algebra.lower,
    84. 

  84.         speed_limit=algebra.greater_or_zero
    85. 

  85.         )
    86. 

  86. 

  87. As you can see because tests are callables, its easy to extend ``sum_acls`` support for new tests specific for your ACLs.
    88.