X-Git-Url: https://wannabe.guru.org/gitweb/?a=blobdiff_plain;f=acl.py;h=cf59d6a87d8266fe55259e9584c403346d6404f7;hb=d7d135be2f9dbb2d8398d7258f8bac24b4205a2b;hp=adec643d56bfd085f4ef5c30485bfa09d857d77b;hpb=36fea7f15ed17150691b5b3ead75450e575229ef;p=python_utils.git diff --git a/acl.py b/acl.py index adec643..cf59d6a 100644 --- a/acl.py +++ b/acl.py @@ -1,11 +1,13 @@ #!/usr/bin/env python3 -from abc import ABC, abstractmethod +"""This module defines various flavors of Access Control Lists.""" + import enum import fnmatch import logging import re -from typing import Any, Callable, List, Optional, Set, Sequence +from abc import ABC, abstractmethod +from typing import Any, Callable, List, Optional, Sequence, Set from overrides import overrides @@ -28,39 +30,36 @@ class Order(enum.Enum): class SimpleACL(ABC): """A simple Access Control List interface.""" - def __init__( - self, *, order_to_check_allow_deny: Order, default_answer: bool - ): + def __init__(self, *, order_to_check_allow_deny: Order, default_answer: bool): if order_to_check_allow_deny not in ( Order.ALLOW_DENY, Order.DENY_ALLOW, ): raise Exception( - 'order_to_check_allow_deny must be Order.ALLOW_DENY or ' - + 'Order.DENY_ALLOW' + 'order_to_check_allow_deny must be Order.ALLOW_DENY or ' + 'Order.DENY_ALLOW' ) self.order_to_check_allow_deny = order_to_check_allow_deny self.default_answer = default_answer def __call__(self, x: Any) -> bool: """Returns True if x is allowed, False otherwise.""" - logger.debug(f'SimpleACL checking {x}') + logger.debug('SimpleACL checking %s', x) if self.order_to_check_allow_deny == Order.ALLOW_DENY: logger.debug('Checking allowed first...') if self.check_allowed(x): - logger.debug(f'{x} was allowed explicitly.') + logger.debug('%s was allowed explicitly.', x) return True logger.debug('Checking denied next...') if self.check_denied(x): - logger.debug(f'{x} was denied explicitly.') + logger.debug('%s was denied explicitly.', x) return False elif self.order_to_check_allow_deny == Order.DENY_ALLOW: logger.debug('Checking denied first...') if self.check_denied(x): - logger.debug(f'{x} was denied explicitly.') + logger.debug('%s was denied explicitly.', x) return False if self.check_allowed(x): - logger.debug(f'{x} was allowed explicitly.') + logger.debug('%s was allowed explicitly.', x) return True logger.debug( @@ -195,16 +194,12 @@ class StringWildcardBasedACL(PredicateListBasedACL): allow_predicates = [] if allowed_patterns is not None: for pattern in allowed_patterns: - allow_predicates.append( - lambda x, pattern=pattern: fnmatch.fnmatch(x, pattern) - ) + allow_predicates.append(lambda x, pattern=pattern: fnmatch.fnmatch(x, pattern)) deny_predicates = None if denied_patterns is not None: deny_predicates = [] for pattern in denied_patterns: - deny_predicates.append( - lambda x, pattern=pattern: fnmatch.fnmatch(x, pattern) - ) + deny_predicates.append(lambda x, pattern=pattern: fnmatch.fnmatch(x, pattern)) super().__init__( allow_predicate_list=allow_predicates, @@ -229,16 +224,12 @@ class StringREBasedACL(PredicateListBasedACL): if allowed_regexs is not None: allow_predicates = [] for pattern in allowed_regexs: - allow_predicates.append( - lambda x, pattern=pattern: pattern.match(x) is not None - ) + allow_predicates.append(lambda x, pattern=pattern: pattern.match(x) is not None) deny_predicates = None if denied_regexs is not None: deny_predicates = [] for pattern in denied_regexs: - deny_predicates.append( - lambda x, pattern=pattern: pattern.match(x) is not None - ) + deny_predicates.append(lambda x, pattern=pattern: pattern.match(x) is not None) super().__init__( allow_predicate_list=allow_predicates, deny_predicate_list=deny_predicates,