X-Git-Url: https://wannabe.guru.org/gitweb/?a=blobdiff_plain;f=acl.py;h=de516e4fc894208fe582c6f24bffc772bf75a36d;hb=532df2c5b57c7517dfb3dddd8c1358fbadf8baf3;hp=adec643d56bfd085f4ef5c30485bfa09d857d77b;hpb=36fea7f15ed17150691b5b3ead75450e575229ef;p=python_utils.git diff --git a/acl.py b/acl.py index adec643..de516e4 100644 --- a/acl.py +++ b/acl.py @@ -1,11 +1,15 @@ #!/usr/bin/env python3 -from abc import ABC, abstractmethod +# © Copyright 2021-2022, Scott Gasch + +"""This module defines various flavors of Access Control Lists.""" + import enum import fnmatch import logging import re -from typing import Any, Callable, List, Optional, Set, Sequence +from abc import ABC, abstractmethod +from typing import Any, Callable, List, Optional, Sequence, Set from overrides import overrides @@ -28,39 +32,36 @@ class Order(enum.Enum): class SimpleACL(ABC): """A simple Access Control List interface.""" - def __init__( - self, *, order_to_check_allow_deny: Order, default_answer: bool - ): + def __init__(self, *, order_to_check_allow_deny: Order, default_answer: bool): if order_to_check_allow_deny not in ( Order.ALLOW_DENY, Order.DENY_ALLOW, ): raise Exception( - 'order_to_check_allow_deny must be Order.ALLOW_DENY or ' - + 'Order.DENY_ALLOW' + 'order_to_check_allow_deny must be Order.ALLOW_DENY or ' + 'Order.DENY_ALLOW' ) self.order_to_check_allow_deny = order_to_check_allow_deny self.default_answer = default_answer def __call__(self, x: Any) -> bool: """Returns True if x is allowed, False otherwise.""" - logger.debug(f'SimpleACL checking {x}') + logger.debug('SimpleACL checking %s', x) if self.order_to_check_allow_deny == Order.ALLOW_DENY: logger.debug('Checking allowed first...') if self.check_allowed(x): - logger.debug(f'{x} was allowed explicitly.') + logger.debug('%s was allowed explicitly.', x) return True logger.debug('Checking denied next...') if self.check_denied(x): - logger.debug(f'{x} was denied explicitly.') + logger.debug('%s was denied explicitly.', x) return False elif self.order_to_check_allow_deny == Order.DENY_ALLOW: logger.debug('Checking denied first...') if self.check_denied(x): - logger.debug(f'{x} was denied explicitly.') + logger.debug('%s was denied explicitly.', x) return False if self.check_allowed(x): - logger.debug(f'{x} was allowed explicitly.') + logger.debug('%s was allowed explicitly.', x) return True logger.debug( @@ -195,16 +196,12 @@ class StringWildcardBasedACL(PredicateListBasedACL): allow_predicates = [] if allowed_patterns is not None: for pattern in allowed_patterns: - allow_predicates.append( - lambda x, pattern=pattern: fnmatch.fnmatch(x, pattern) - ) + allow_predicates.append(lambda x, pattern=pattern: fnmatch.fnmatch(x, pattern)) deny_predicates = None if denied_patterns is not None: deny_predicates = [] for pattern in denied_patterns: - deny_predicates.append( - lambda x, pattern=pattern: fnmatch.fnmatch(x, pattern) - ) + deny_predicates.append(lambda x, pattern=pattern: fnmatch.fnmatch(x, pattern)) super().__init__( allow_predicate_list=allow_predicates, @@ -229,16 +226,12 @@ class StringREBasedACL(PredicateListBasedACL): if allowed_regexs is not None: allow_predicates = [] for pattern in allowed_regexs: - allow_predicates.append( - lambda x, pattern=pattern: pattern.match(x) is not None - ) + allow_predicates.append(lambda x, pattern=pattern: pattern.match(x) is not None) deny_predicates = None if denied_regexs is not None: deny_predicates = [] for pattern in denied_regexs: - deny_predicates.append( - lambda x, pattern=pattern: pattern.match(x) is not None - ) + deny_predicates.append(lambda x, pattern=pattern: pattern.match(x) is not None) super().__init__( allow_predicate_list=allow_predicates, deny_predicate_list=deny_predicates,