| 1 | """NDG Attribute Authority attribute interface class - acts as an interface |
|---|
| 2 | between the data centre's user roles configuration and the Attribute Authority |
|---|
| 3 | |
|---|
| 4 | Use an alternative config here to |
|---|
| 5 | ndg.security.test.config.attributeauthority.sitea.siteAUserRoles.TestUserRoles |
|---|
| 6 | to test multi user access |
|---|
| 7 | |
|---|
| 8 | NERC DataGrid Project |
|---|
| 9 | """ |
|---|
| 10 | __author__ = "P J Kershaw" |
|---|
| 11 | __date__ = "01/07/2009" |
|---|
| 12 | __copyright__ = "(C) 2009 Science and Technology Facilities Council" |
|---|
| 13 | __license__ = "BSD - see LICENSE file in top-level directory" |
|---|
| 14 | __contact__ = "Philip.Kershaw@stfc.ac.uk" |
|---|
| 15 | __revision__ = '$Id$' |
|---|
| 16 | from ndg.security.server.attributeauthority import AttributeInterface |
|---|
| 17 | |
|---|
| 18 | class TestUserRoles(AttributeInterface): |
|---|
| 19 | """Test User Roles class dynamic import for Attribute Authority""" |
|---|
| 20 | |
|---|
| 21 | def __init__(self, propertiesFilePath=None): |
|---|
| 22 | pass |
|---|
| 23 | |
|---|
| 24 | def getRoles(self, userId): |
|---|
| 25 | # 'test' user is for SSL client based authentication where the test |
|---|
| 26 | # certificate DN has a Common Name = test |
|---|
| 27 | if userId.endswith("/openid/PhilipKershaw"): |
|---|
| 28 | return [ |
|---|
| 29 | 'urn:siteA:security:authz:1.0:attr:postdoc', |
|---|
| 30 | 'urn:siteA:security:authz:1.0:attr:staff', |
|---|
| 31 | 'urn:siteA:security:authz:1.0:attr:undergrad', |
|---|
| 32 | 'urn:siteA:security:authz:1.0:attr:coapec' |
|---|
| 33 | ] |
|---|
| 34 | elif userId == 'test': |
|---|
| 35 | return [ |
|---|
| 36 | 'urn:siteA:security:authz:1.0:attr:staff', |
|---|
| 37 | ] |
|---|
| 38 | else: |
|---|
| 39 | return ['urn:siteA:security:authz:1.0:attr:guest'] |
|---|
