source: TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/userRoles.py @ 2900

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.server/ndg/security/server/conf/userRoles.py@2900
Revision 2900, 2.2 KB checked in by pjkersha, 13 years ago (diff)

ndg.security.server/setup.py: added *.conf for conf/ openssl.conf file

ndg.security.server/ndg/security/server/AttAuthority/init.py:

  • Use RotatingFileHandler? from logging package to enable store of ACs issued to be limited. Properties file attCertFileLogCnt sets maximum number of files created before rotation.
  • newAttCertFilePath() is replaced by rotating file handler functionality
  • added logging with some debug messages - more needed to complete

ndg.security.server/ndg/security/server/conf/attCert/init.py

  • renamed to ndg.security.test/ndg/security/test/AttAuthority/attCertLog/init.py

ndg.security.server/ndg/security/server/conf/userRoles.py: userIsRegistered should return bool

ndg.security.server/ndg/security/server/conf/attAuthorityProperties.xml,
ndg.security.test/ndg/security/test/AttAuthority/siteAAttAuthorityProperties.xml,
ndg.security.test/ndg/security/test/AttAuthority/siteBAttAuthorityProperties.xml:

  • filled in default values for most attributes to ease installation config tasks
  • attCertFilePfx and attCertFileSfx replaced with attCertFileName and attCertFileLog attributes for new AC logging.

ndg.security.client/ndg/security/client/ndgSessionClient.py: removed debug calls. This module may now be surplus because of Pylons framework and plans for Java and PHP clients.

ndg.security.test/ndg/security/test/AttAuthority/siteAUserRoles.py: added coapec for testing

ndg.security.test/ndg/security/test/AttAuthority/siteAMapConfig.xml: fix formatting

ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg: altered settings for tests

ndg.security.test/ndg/security/test/Log/LogTest.py: exptd with log config. Eventually change to be harness for SOAP log interface

Makefile: use default python + added force target.

Line 
1"""NDG Attribute Authority User Roles class - acts as an interface between
2the data centre's user roles configuration and the Attribute Authority
3                                                                               
4NERC Data Grid Project
5                                                                               
6@author P J Kershaw 29/07/05
7                                                                               
8@copyright (C) 2006 CCLRC & NERC
9                                                                               
10@licence: This software may be distributed under the terms of the Q Public
11License, version 1.0 or later.
12"""
13__revision__ = '$Id:$'
14
15
16from ndg.security.server.AttAuthority import AAUserRoles
17
18
19class UserRoles(AAUserRoles):
20    """User Roles class dynamic import for Attribute Authority.  Customize
21    according to your site's user role allocation system"""
22
23    def __init__(self, propertiesFilePath=None):
24        """Customize for example to initialise site user repository settings
25       
26        @type propertiesFilePath: string
27        @keyword propertiesFilePath: file path to a properties from which
28        to initialise the user roles interface. e.g. the file could contain
29        user database settings.  The file path passed corresponds to the
30        userRolesPropFile element in the attAuthorityProperties.xml file.
31        """
32        pass
33
34
35    def userIsRegistered(self, userId):
36        """Convenience method NOT used by Attribute Authority API
37
38        @type userId: string
39        @param userId: identity of user to allocate roles to
40        @rtype: bool
41        @return: True if user is registered"""
42        return False
43   
44
45    def getRoles(self, userId):
46        """Allocate required roles to user given by userId.  Default to safe
47        option of returning no user roles i.e. an empty list: []
48       
49        @type userId: string
50        @param userId: identity of user to allocate roles to
51        @rtype: list
52        @return: roles to which user is entitled"""
53       
54        # Put in HERE some conditional statement to allocate roles based on
55        # the userId input. e.g. database query
56        return [] 
Note: See TracBrowser for help on using the repository browser.