g4ds.authorisationcontroller.AuthorisationController

Package g4ds :: Module authorisationcontroller :: Class AuthorisationController

[show private | hide private]

Class AuthorisationController

Handles all stuff about permissions.

Method Summary
	`__init__(self)` Only initialises the matrix.
	`printMatrix(self)`
	`recalculateMatrix(self)` Loads the permissions information from files and databases into the memory.
	`validate(self, actor, target, action)` Checks the given action against the available rules.
	`_applyOneDirectRule(self, rule, groups, actorsTargets, actionFilters, depth)` Applies a single rule to the matrix.
	`_assembleMatrix(self, rulesets, groups, startRuleset)` Assembles the access matrix by processing the given dictionaries and further local information.
	`_checkAgainstOneActionString(self, action, polActionString)` Checks the given action string against an action string from a policy.
	`_createDictionaries(self, rolesets, groups, rulesets)` Processed the list from the unwrapper and creates easier accessible dictionaries.
`List` of `Couple`	`_decodeCouples(self, actor, actortype, target, targettype)` Processes a actor - target wildcard relation and returns the corresponding values for them.
	`_decodeCouples_ActorMemberGroup(self, actor, target, targettype)` Sub routine for `_decodeCouples`.
	`_decodeCouples_SingleActorMember(self, actor, target, targettype)` Sub routine for `_decodeCouples`.
	`_decodeGroup(self, type, wildcard)` Processes wildcard information in one group.
	`_determineIndependantTargets(self, targettype, target)` Assembles a target list which is independant from the actor type.
	`_logEntry(self, actor, target, action, reaction, reportPolicyError)` Reports this access control access to the logging facilities.
	`_processOneRuleset(self, rulesets, groups, currentRule, actorsTargets, actionFilters, depth)` Processes one rule.
	`_resolveGroup(self, rolename, groups)` Actors and targets may be defined as groups in the rule - let's resolve them in here.

Method Details

init(self)
(Constructor)

Only initialises the matrix.

Call function recalculateMatrix for processing policies.

recalculateMatrix(self)

Loads the permissions information from files and databases into the memory.

Creates the permission matrix. The matrix itself is implemented using nested dictionaries.

validate(self, actor, target, action)

Checks the given action against the available rules.

Picks up the value for the couple of the given actor and target and iterates this ordered list and compares each item against the given action.

_applyOneDirectRule(self, rule, groups, actorsTargets=None, actionFilters=[], depth=0)

Applies a single rule to the matrix.

_assembleMatrix(self, rulesets, groups, startRuleset)

Assembles the access matrix by processing the given dictionaries and further local information.

_checkAgainstOneActionString(self, action, polActionString)

Checks the given action string against an action string from a policy.

_createDictionaries(self, rolesets, groups, rulesets)

Processed the list from the unwrapper and creates easier accessible dictionaries.

_decodeCouples(self, actor, actortype, target, targettype)

Processes a actor - target wildcard relation and returns the corresponding values for them.

Returns:: List of couples - actor | target
(type=List of Couple)

_decodeCouples_ActorMemberGroup(self, actor, target, targettype)

Sub routine for _decodeCouples.

_decodeCouples_SingleActorMember(self, actor, target, targettype)

Sub routine for _decodeCouples.

_decodeGroup(self, type, wildcard)

Processes wildcard information in one group.

Parameters:: type - Type of role; either actor, action or target
(type=String); wildcard - Wildcard string as given in the XML description (most likely a star)
(type=String)

_determineIndependantTargets(self, targettype, target)

Assembles a target list which is independant from the actor type.

_logEntry(self, actor, target, action, reaction, reportPolicyError=0)

Reports this access control access to the logging facilities.

_processOneRuleset(self, rulesets, groups, currentRule, actorsTargets=None, actionFilters=[], depth=0)

Processes one rule.

This function is called recursively.

I will rather explain this another day - have had some pints today already ... :)

_resolveGroup(self, rolename, groups)

Actors and targets may be defined as groups in the rule - let's resolve them in here.

Generated by Epydoc 2.0 on Sat Oct 22 22:52:46 2005

http://epydoc.sf.net