esgf_core_utils.models.auth.egi

Models relating to Authorisation for the ESGF Next Gen Core Architecture.

Attributes

`logger`
`Role`

Classes

`Node`	Model describing Node auth info of a ESGF publisher.
`Project`	Model describing Project auth info of a ESGF publisher.
`Nodes`	Model describing Project auth info of a ESGF publisher.
`Projects`	Model describing Project auth info of a ESGF publisher.
`EGIAuth`	Model describing Authentication information of a ESGF publisher.

Module Contents

esgf_core_utils.models.auth.egi.logger

esgf_core_utils.models.auth.egi.Role

class esgf_core_utils.models.auth.egi.Node(/, **data: Any)

Bases: pydantic.BaseModel

Model describing Node auth info of a ESGF publisher.

id: str

roles: set[Role]

class esgf_core_utils.models.auth.egi.Project(/, **data: Any)

Bases: pydantic.BaseModel

Model describing Project auth info of a ESGF publisher.

id: str

roles: set[Role]

class esgf_core_utils.models.auth.egi.Nodes(/, **data: Any)

Bases: pydantic.BaseModel

Model describing Project auth info of a ESGF publisher.

nodes: dict[str, Node]

add(node: Node | dict[str, Any]) → None

Add a new project or update roles if project already exists.

Args:: node (Node | dict): node to be added

authorize_href(asset_href: str, role: Role) → None

authorize(assets: dict[str, Any], role: Role) → None

Check for appropriate authorisation.

Args:: assets (dict): item to be authorised role (Role): required role for auhroisation
Raises:: MissingPermissionException: Raised if either node or role permission is missing

class esgf_core_utils.models.auth.egi.Projects(/, **data: Any)

Bases: pydantic.BaseModel

Model describing Project auth info of a ESGF publisher.

projects: dict[str, Project]

add(project: Project | dict[str, Any]) → None

Add a new project or update roles if project already exists.

Args:: project (Project | dict): project to be added

authorize(project: str, role: Role) → None

Check for appropriate authorisation.

Args:: item (Item): item to be authorised role (Role): required role for auhroisation
Raises:: MissingPermissionException: Raised if either node or role permission is missing

class esgf_core_utils.models.auth.egi.EGIAuth(/, **data: Any)

Bases: pydantic.BaseModel

Model describing Authentication information of a ESGF publisher.

requester_data: esgf_core_utils.models.kafka.events.RequesterData

nodes: Nodes

projects: Projects

regex: str

authorize(collection_id: str, item: stac_pydantic.item.Item | stac_fastapi.extensions.core.transaction.request.PartialItem, role: Role, request_id: str, event_id: str) → None

Check for appropriate authorisation.

Args:: collection_id: collection id of request item (Item): item to be authorised role (Role): required role for auhroisation
Raises:: AuthorizationException: Raised if either node or role permission is missing

add(entitlements: list[str]) → None

add entitlements to Authorizer.

Args:: entitlements (list[str]): list of entitlements to be added