|
25 | 25 | from .user import User |
26 | 26 |
|
27 | 27 |
|
| 28 | +def _build_enforce_params( |
| 29 | + permission_id: str, |
| 30 | + model_id: str, |
| 31 | + resource_id: str, |
| 32 | + enforce_id: str, |
| 33 | + owner: str, |
| 34 | +) -> Dict[str, str]: |
| 35 | + """ |
| 36 | + Build and validate parameters for enforce API calls. |
| 37 | +
|
| 38 | + Exactly one of the parameters must be provided and non-empty. |
| 39 | +
|
| 40 | + :return: Dictionary with exactly one parameter set |
| 41 | + :raises ValueError: If zero or multiple parameters are provided |
| 42 | + """ |
| 43 | + params: Dict[str, str] = {} |
| 44 | + if permission_id: |
| 45 | + params["permissionId"] = permission_id |
| 46 | + if model_id: |
| 47 | + params["modelId"] = model_id |
| 48 | + if resource_id: |
| 49 | + params["resourceId"] = resource_id |
| 50 | + if enforce_id: |
| 51 | + params["enforcerId"] = enforce_id |
| 52 | + if owner: |
| 53 | + params["owner"] = owner |
| 54 | + |
| 55 | + if len(params) != 1: |
| 56 | + raise ValueError( |
| 57 | + "Exactly one of (permission_id, model_id, resource_id, enforce_id, owner) " |
| 58 | + "must be provided and non-empty. " |
| 59 | + f"Got {len(params)} parameters: {list(params.keys())}" |
| 60 | + ) |
| 61 | + |
| 62 | + return params |
| 63 | + |
| 64 | + |
28 | 65 | class AioHttpClient: |
29 | 66 | def __init__(self, base_url): |
30 | 67 | self.base_url = base_url |
@@ -277,19 +314,13 @@ async def enforce( |
277 | 314 | :param permission_id: the permission id (i.e. organization name/permission name) |
278 | 315 | :param model_id: the model id |
279 | 316 | :param resource_id: the resource id |
280 | | - :param enforce_id: the enforce id |
| 317 | + :param enforce_id: the enforcer id (note: uses 'enforcerId' parameter in API) |
281 | 318 | :param owner: the owner of the permission |
282 | 319 | :param casbin_request: a list containing the request data (i.e. sub, obj, act) |
283 | 320 | :return: a boolean value indicating whether the request is allowed |
284 | 321 | """ |
285 | 322 | url = "/api/enforce" |
286 | | - params: Dict[str, str] = { |
287 | | - "permissionId": permission_id, |
288 | | - "modelId": model_id, |
289 | | - "resourceId": resource_id, |
290 | | - "enforceId": enforce_id, |
291 | | - "owner": owner, |
292 | | - } |
| 323 | + params = _build_enforce_params(permission_id, model_id, resource_id, enforce_id, owner) |
293 | 324 |
|
294 | 325 | async with self._session as session: |
295 | 326 | response = await session.post( |
@@ -328,18 +359,13 @@ async def batch_enforce( |
328 | 359 |
|
329 | 360 | :param permission_id: the permission id (i.e. organization name/permission name) |
330 | 361 | :param model_id: the model id |
331 | | - :param enforce_id: the enforce id |
| 362 | + :param enforce_id: the enforcer id (note: uses 'enforcerId' parameter in API) |
332 | 363 | :param owner: the owner of the permission |
333 | 364 | :param casbin_request: a list of lists containing the request data |
334 | 365 | :return: a list of boolean values indicating whether each request is allowed |
335 | 366 | """ |
336 | 367 | url = "/api/batch-enforce" |
337 | | - params = { |
338 | | - "permissionId": permission_id, |
339 | | - "modelId": model_id, |
340 | | - "enforceId": enforce_id, |
341 | | - "owner": owner, |
342 | | - } |
| 368 | + params = _build_enforce_params(permission_id, model_id, "", enforce_id, owner) |
343 | 369 |
|
344 | 370 | async with self._session as session: |
345 | 371 | response = await session.post( |
|
0 commit comments