mirror of
https://github.com/enpaul/keyosk.git
synced 2024-12-27 10:13:34 +00:00
Refactor database module to have one class per file
This commit is contained in:
parent
440d6e68f4
commit
8de4da92ef
@ -28,10 +28,10 @@ from keyosk import datatypes
|
|||||||
from keyosk.database._shared import INTERFACE as interface
|
from keyosk.database._shared import INTERFACE as interface
|
||||||
from keyosk.database._shared import KeyoskBaseModel
|
from keyosk.database._shared import KeyoskBaseModel
|
||||||
from keyosk.database.account import KeyoskAccount
|
from keyosk.database.account import KeyoskAccount
|
||||||
from keyosk.database.account import KeyoskAccountScope
|
|
||||||
from keyosk.database.domain import KeyoskDomain
|
from keyosk.database.domain import KeyoskDomain
|
||||||
from keyosk.database.domain import KeyoskDomainAccessList
|
from keyosk.database.domain_access_list import KeyoskDomainAccessList
|
||||||
from keyosk.database.domain import KeyoskDomainPermission
|
from keyosk.database.domain_permission import KeyoskDomainPermission
|
||||||
|
from keyosk.database.scope import KeyoskAccountScope
|
||||||
from keyosk.database.token import Token
|
from keyosk.database.token import Token
|
||||||
|
|
||||||
|
|
||||||
|
@ -5,8 +5,6 @@ import json
|
|||||||
import peewee
|
import peewee
|
||||||
|
|
||||||
from keyosk.database._shared import KeyoskBaseModel
|
from keyosk.database._shared import KeyoskBaseModel
|
||||||
from keyosk.database.domain import KeyoskDomainAccessList
|
|
||||||
from keyosk.database.domain import KeyoskDomainPermission
|
|
||||||
from keyosk.datatypes import Extras
|
from keyosk.datatypes import Extras
|
||||||
|
|
||||||
|
|
||||||
@ -48,42 +46,3 @@ class KeyoskAccount(KeyoskBaseModel):
|
|||||||
|
|
||||||
def __str__(self) -> str:
|
def __str__(self) -> str:
|
||||||
return f"Account '{self.username}' ({self.uuid})"
|
return f"Account '{self.username}' ({self.uuid})"
|
||||||
|
|
||||||
|
|
||||||
class KeyoskAccountScope(KeyoskBaseModel):
|
|
||||||
"""Access control list entry model definition
|
|
||||||
|
|
||||||
:attribute account: Account the ACL entry applies to
|
|
||||||
:attribute access_list: The access list the entry is for
|
|
||||||
:attribute permission: The permission the entry is for
|
|
||||||
:attribute with_server_secret: Whether the permission should be applied when the
|
|
||||||
account authenticates with the account's
|
|
||||||
server-set-secret
|
|
||||||
:attribute with_client_secret: Whether the permission should be applied when the
|
|
||||||
account authenticates with the account's
|
|
||||||
client-set-secret
|
|
||||||
|
|
||||||
.. note:: Since permissions are by definition boolean, there is no need to store a
|
|
||||||
value parameter with an ACL entry: if an entry exists for a given account
|
|
||||||
for a given access list with a given permission, then that permission is
|
|
||||||
granted on that access list to that account; similarly, if one does not
|
|
||||||
exist then it is not granted.
|
|
||||||
"""
|
|
||||||
|
|
||||||
class Meta: # pylint: disable=missing-docstring,too-few-public-methods
|
|
||||||
table_name = "account_scope"
|
|
||||||
|
|
||||||
account = peewee.ForeignKeyField(
|
|
||||||
KeyoskAccount, null=False, on_delete="CASCADE", backref="scopes"
|
|
||||||
)
|
|
||||||
access_list = peewee.ForeignKeyField(
|
|
||||||
KeyoskDomainAccessList, null=False, on_delete="CASCADE"
|
|
||||||
)
|
|
||||||
permission = peewee.ForeignKeyField(
|
|
||||||
KeyoskDomainPermission, null=False, on_delete="CASCADE"
|
|
||||||
)
|
|
||||||
with_server_secret = peewee.BooleanField(null=False)
|
|
||||||
with_client_secret = peewee.BooleanField(null=False)
|
|
||||||
|
|
||||||
def __str__(self):
|
|
||||||
return f"ACL {self.permission.name}@{self.access_list.name} (scope:{'+'.join([item for item in ['server' if self.with_server_secret else '', 'client' if self.with_client_secret else ''] if item])})"
|
|
||||||
|
@ -74,23 +74,3 @@ class KeyoskDomain(KeyoskBaseModel):
|
|||||||
|
|
||||||
def __str__(self) -> str:
|
def __str__(self) -> str:
|
||||||
return f"Domain '{self.name}' ({self.uuid})"
|
return f"Domain '{self.name}' ({self.uuid})"
|
||||||
|
|
||||||
|
|
||||||
class KeyoskDomainAccessList(KeyoskBaseModel):
|
|
||||||
class Meta: # pylint: disable=too-few-public-methods,missing-docstring
|
|
||||||
table_name = "domain_access_list"
|
|
||||||
|
|
||||||
domain = peewee.ForeignKeyField(
|
|
||||||
KeyoskDomain, null=False, on_delete="CASCADE", backref="access_lists"
|
|
||||||
)
|
|
||||||
name = peewee.CharField(null=False)
|
|
||||||
|
|
||||||
|
|
||||||
class KeyoskDomainPermission(KeyoskBaseModel):
|
|
||||||
class Meta: # pylint: disable=too-few-public-methods,missing-docstring
|
|
||||||
table_name = "domain_permission"
|
|
||||||
|
|
||||||
domain = peewee.ForeignKeyField(
|
|
||||||
KeyoskDomain, null=False, on_delete="CASCADE", backref="permissions"
|
|
||||||
)
|
|
||||||
name = peewee.CharField(null=False)
|
|
||||||
|
14
keyosk/database/domain_access_list.py
Normal file
14
keyosk/database/domain_access_list.py
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
import peewee
|
||||||
|
|
||||||
|
from keyosk.database._shared import KeyoskBaseModel
|
||||||
|
from keyosk.database.domain import KeyoskDomain
|
||||||
|
|
||||||
|
|
||||||
|
class KeyoskDomainAccessList(KeyoskBaseModel):
|
||||||
|
class Meta: # pylint: disable=too-few-public-methods,missing-docstring
|
||||||
|
table_name = "domain_access_list"
|
||||||
|
|
||||||
|
domain = peewee.ForeignKeyField(
|
||||||
|
KeyoskDomain, null=False, on_delete="CASCADE", backref="access_lists"
|
||||||
|
)
|
||||||
|
name = peewee.CharField(null=False)
|
14
keyosk/database/domain_permission.py
Normal file
14
keyosk/database/domain_permission.py
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
import peewee
|
||||||
|
|
||||||
|
from keyosk.database._shared import KeyoskBaseModel
|
||||||
|
from keyosk.database.domain import KeyoskDomain
|
||||||
|
|
||||||
|
|
||||||
|
class KeyoskDomainPermission(KeyoskBaseModel):
|
||||||
|
class Meta: # pylint: disable=too-few-public-methods,missing-docstring
|
||||||
|
table_name = "domain_permission"
|
||||||
|
|
||||||
|
domain = peewee.ForeignKeyField(
|
||||||
|
KeyoskDomain, null=False, on_delete="CASCADE", backref="permissions"
|
||||||
|
)
|
||||||
|
name = peewee.CharField(null=False)
|
45
keyosk/database/scope.py
Normal file
45
keyosk/database/scope.py
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
import peewee
|
||||||
|
|
||||||
|
from keyosk.database._shared import KeyoskBaseModel
|
||||||
|
from keyosk.database.account import KeyoskAccount
|
||||||
|
from keyosk.database.domain_access_list import KeyoskDomainAccessList
|
||||||
|
from keyosk.database.domain_permission import KeyoskDomainPermission
|
||||||
|
|
||||||
|
|
||||||
|
class KeyoskAccountScope(KeyoskBaseModel):
|
||||||
|
"""Access control list entry model definition
|
||||||
|
|
||||||
|
:attribute account: Account the ACL entry applies to
|
||||||
|
:attribute access_list: The access list the entry is for
|
||||||
|
:attribute permission: The permission the entry is for
|
||||||
|
:attribute with_server_secret: Whether the permission should be applied when the
|
||||||
|
account authenticates with the account's
|
||||||
|
server-set-secret
|
||||||
|
:attribute with_client_secret: Whether the permission should be applied when the
|
||||||
|
account authenticates with the account's
|
||||||
|
client-set-secret
|
||||||
|
|
||||||
|
.. note:: Since permissions are by definition boolean, there is no need to store a
|
||||||
|
value parameter with an ACL entry: if an entry exists for a given account
|
||||||
|
for a given access list with a given permission, then that permission is
|
||||||
|
granted on that access list to that account; similarly, if one does not
|
||||||
|
exist then it is not granted.
|
||||||
|
"""
|
||||||
|
|
||||||
|
class Meta: # pylint: disable=missing-docstring,too-few-public-methods
|
||||||
|
table_name = "account_scope"
|
||||||
|
|
||||||
|
account = peewee.ForeignKeyField(
|
||||||
|
KeyoskAccount, null=False, on_delete="CASCADE", backref="scopes"
|
||||||
|
)
|
||||||
|
access_list = peewee.ForeignKeyField(
|
||||||
|
KeyoskDomainAccessList, null=False, on_delete="CASCADE"
|
||||||
|
)
|
||||||
|
permission = peewee.ForeignKeyField(
|
||||||
|
KeyoskDomainPermission, null=False, on_delete="CASCADE"
|
||||||
|
)
|
||||||
|
with_server_secret = peewee.BooleanField(null=False)
|
||||||
|
with_client_secret = peewee.BooleanField(null=False)
|
||||||
|
|
||||||
|
def __str__(self):
|
||||||
|
return f"ACL {self.permission.name}@{self.access_list.name} (scope:{'+'.join([item for item in ['server' if self.with_server_secret else '', 'client' if self.with_client_secret else ''] if item])})"
|
Loading…
Reference in New Issue
Block a user