source: trunk/packages/invirt-base/python/invirt/authz.py @ 3007

Last change on this file since 3007 was 2989, checked in by broder, 15 years ago

Select an authz module using setuptools' entry points mechainsm.

Instead of having each authz package install an invirt.authz module,
have them install modules under their own namespace.

In their setup.py, they should indicate that their authz module
provides a unique name within the invirt.authz entry point group.

The new invirt.authz module (part of invirt-base) then gets a name
from the configuration and uses that to find the module.

File size: 891 bytes
Line 
1"""Invirt authorization.
2
3This module acts as a loader for the pluggable authorization system.
4
5Any Python module which wishes to provide an authorization scheme for
6Invirt should advertise an entry point in the invirt.authz group with
7a unique name. That name can then be configured in
8/etc/invirt/master.yaml as the authz mechanism.
9"""
10
11
12import pkg_resources
13
14from invirt.config import structs as cfg
15
16
17def expandOwner(name):
18    """Expand an "owner" to a list of authorized users."""
19    for ep in pkg_resources.iter_entry_points('invirt.authz', cfg.authz.name):
20        return ep.load().expandOwner(name)
21
22
23def expandAdmin(name):
24    """Expand an "administrator" to a list of authorized users."""
25    for ep in pkg_resources.iter_entry_points('invirt.authz', cfg.authz.name):
26        return ep.load().expandAdmin(name)
27
28
29__all__ = ['expandOwner',
30           'expandAdmin',
31           ]
Note: See TracBrowser for help on using the repository browser.