diff options
author | Simo Sorce <simo@redhat.com> | 2015-04-07 22:44:54 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2015-04-08 00:19:20 -0400 |
commit | f5e002a3d066ed29e5cf4154b6dfa6fd1732785b (patch) | |
tree | 153344078cecb2fd82e6d089a8e8360b28d43d4c /custodia/httpd/authorizers.py | |
parent | 0c8c416289514889ec095c203880a8ce1e4c23d4 (diff) | |
download | custodia-f5e002a3d066ed29e5cf4154b6dfa6fd1732785b.tar.gz custodia-f5e002a3d066ed29e5cf4154b6dfa6fd1732785b.tar.xz custodia-f5e002a3d066ed29e5cf4154b6dfa6fd1732785b.zip |
Add basic framework for authorization plugins
Diffstat (limited to 'custodia/httpd/authorizers.py')
-rw-r--r-- | custodia/httpd/authorizers.py | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/custodia/httpd/authorizers.py b/custodia/httpd/authorizers.py new file mode 100644 index 0000000..bc4f009 --- /dev/null +++ b/custodia/httpd/authorizers.py @@ -0,0 +1,48 @@ +# Copyright (C) 2015 Custodia Project Contributors - see LICENSE file + +import os + + +class HTTPAuthorizer(object): + + def __init__(self, config=None): + self.config = config + self.store_name = None + if self.config and 'store' in self.config: + self.store_name = self.config['store'] + self.store = None + + def handle(self, request): + raise NotImplementedError + + +class SimplePathAuthz(HTTPAuthorizer): + + def __init__(self, config=None): + super(SimplePathAuthz, self).__init__(config) + self.paths = [] + if 'paths' in self.config: + self.paths = self.config['paths'].split() + + def handle(self, request): + path = request.get('path', '') + + # if an authorized path does not end in / + # check if it matches fullpath for strict match + for authz in self.paths: + if authz.endswith('/'): + continue + if authz.endswith('.'): + # special case to match a path ending in / + authz = authz[:-1] + if authz == path: + return True + + while path != '': + if path in self.paths: + return True + if path == '/': + path = '' + else: + path, _ = os.path.split(path) + return None |