wuttjamaican.db.model.auth

Auth Models

The auth handler is primarily responsible for managing the data for these models.

Basic design/structure is as follows:

  • User may be assigned to multiple roles

  • Role may contain multiple users (cf. UserRole)

  • Role may be granted multiple permissions

  • Permission is a permission granted to a role

  • roles are not nested/grouped; each is independent

  • a few roles are built-in, e.g. Administrators

So a user’s permissions are “inherited” from the role(s) to which they belong.

class wuttjamaican.db.model.auth.Permission(**kwargs)[source]

Represents a permission granted to a role.

permission

Key (name) of the permission which is granted.

role

Reference to the Role for which the permission is granted.

class wuttjamaican.db.model.auth.Role(**kwargs)[source]

Represents an authentication role within the system; used for permission management.

permissions

List of keys (string names) for permissions granted to this role.

See also permission_refs.

users

List of User instances belonging to this role.

See also user_refs.

name

Name for the role. Each role must have a name, which must be unique.

notes

Arbitrary notes for the role.

permission_refs

List of Permission references for the role.

See also permissions.

user_refs

List of UserRole instances belonging to the role.

See also users.

class wuttjamaican.db.model.auth.User(**kwargs)[source]

Represents a user of the system.

This may or may not correspond to a real person, i.e. some users may exist solely for automated tasks.

roles

List of Role instances to which the user belongs.

See also role_refs.

active

Flag indicating whether the user account is “active” - it is True by default.

The default auth logic will prevent login for “inactive” user accounts.

password

Hashed password for login. (The raw password is not stored.)

person

Reference to the Person whose user account this is.

prevent_edit

If set, this user account can only be edited by root. User cannot change their own password.

role_refs

List of UserRole instances belonging to the user.

See also roles.

username

Account username. This is required and must be unique.

class wuttjamaican.db.model.auth.UserRole(**kwargs)[source]

Represents the association between a user and a role; i.e. the user “belongs” or “is assigned” to the role.

role

Reference to the Role involved.

user

Reference to the User involved.