1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
|
from datetime import datetime
from turbogears.database import metadata, mapper
# import some basic SQLAlchemy classes for declaring the data model
# (see http://www.sqlalchemy.org/docs/04/ormtutorial.html)
from sqlalchemy import Table, Column, ForeignKey
from sqlalchemy.orm import relation
# import some datatypes for table columns from SQLAlchemy
# (see http://www.sqlalchemy.org/docs/04/types.html for more)
from sqlalchemy import String, Unicode, Integer, DateTime
from turbogears import identity
# your data tables
# your_table = Table('yourtable', metadata,
# Column('my_id', Integer, primary_key=True)
# )
# your model classes
# class YourDataClass(object):
# pass
# set up mappers between your data tables and classes
# mapper(YourDataClass, your_table)
# the identity schema
visits_table = Table('visit', metadata,
Column('visit_key', String(40), primary_key=True),
Column('created', DateTime, nullable=False, default=datetime.now),
Column('expiry', DateTime)
)
visit_identity_table = Table('visit_identity', metadata,
Column('visit_key', String(40), primary_key=True),
Column('user_id', Integer, ForeignKey('tg_user.user_id'), index=True)
)
groups_table = Table('tg_group', metadata,
Column('group_id', Integer, primary_key=True),
Column('group_name', Unicode(16), unique=True),
Column('display_name', Unicode(255)),
Column('created', DateTime, default=datetime.now)
)
users_table = Table('tg_user', metadata,
Column('user_id', Integer, primary_key=True),
Column('user_name', Unicode(16), unique=True),
Column('email_address', Unicode(255), unique=True),
Column('display_name', Unicode(255)),
Column('password', Unicode(40)),
Column('created', DateTime, default=datetime.now)
)
permissions_table = Table('permission', metadata,
Column('permission_id', Integer, primary_key=True),
Column('permission_name', Unicode(16), unique=True),
Column('description', Unicode(255))
)
user_group_table = Table('user_group', metadata,
Column('user_id', Integer, ForeignKey('tg_user.user_id',
onupdate='CASCADE', ondelete='CASCADE')),
Column('group_id', Integer, ForeignKey('tg_group.group_id',
onupdate='CASCADE', ondelete='CASCADE'))
)
group_permission_table = Table('group_permission', metadata,
Column('group_id', Integer, ForeignKey('tg_group.group_id',
onupdate='CASCADE', ondelete='CASCADE')),
Column('permission_id', Integer, ForeignKey('permission.permission_id',
onupdate='CASCADE', ondelete='CASCADE'))
)
# the identity model
class Visit(object):
"""
A visit to your site
"""
def lookup_visit(cls, visit_key):
return cls.query.get(visit_key)
lookup_visit = classmethod(lookup_visit)
class VisitIdentity(object):
"""
A Visit that is link to a User object
"""
pass
class Group(object):
"""
An ultra-simple group definition.
"""
pass
class User(object):
"""
Reasonably basic User definition.
Probably would want additional attributes.
"""
def permissions(self):
perms = set()
for g in self.groups:
perms |= set(g.permissions)
return perms
permissions = property(permissions)
def by_email_address(cls, email):
"""
A class method that can be used to search users
based on their email addresses since it is unique.
"""
return cls.query.filter_by(email_address=email).first()
by_email_address = classmethod(by_email_address)
def by_user_name(cls, username):
"""
A class method that permits to search users
based on their user_name attribute.
"""
return cls.query.filter_by(user_name=username).first()
by_user_name = classmethod(by_user_name)
def _set_password(self, password):
"""
encrypts password on the fly using the encryption
algo defined in the configuration
"""
self._password = identity.encrypt_password(password)
def _get_password(self):
"""
returns password
"""
return self._password
password = property(_get_password, _set_password)
class Permission(object):
"""
A relationship that determines what each Group can do
"""
pass
# set up mappers between identity tables and classes
mapper(Visit, visits_table)
mapper(VisitIdentity, visit_identity_table,
properties=dict(users=relation(User, backref='visit_identity')))
mapper(User, users_table,
properties=dict(_password=users_table.c.password))
mapper(Group, groups_table,
properties=dict(users=relation(User,
secondary=user_group_table, backref='groups')))
mapper(Permission, permissions_table,
properties=dict(groups=relation(Group,
secondary=group_permission_table, backref='permissions')))
|
