swh.web.auth.utils module#

swh.web.auth.utils.encrypt_data(data: bytes, password: bytes, salt: bytes) bytes[source]#

Encrypt data using Fernet system (symmetric encryption).

Parameters:
  • data – input data to encrypt

  • password – user password that will be used to generate a Fernet key derivation function

  • salt – value that will be used to generate a Fernet key derivation function

Returns:

The encrypted data

swh.web.auth.utils.decrypt_data(data: bytes, password: bytes, salt: bytes) bytes[source]#

Decrypt data using Fernet system (symmetric encryption).

Parameters:
  • data – input data to decrypt

  • password – user password that will be used to generate a Fernet key derivation function

  • salt – value that will be used to generate a Fernet key derivation function

Returns:

The decrypted data

swh.web.auth.utils.privileged_user(request: HttpRequest, permissions: List[str] = []) bool[source]#

Determine whether a user is authenticated and is a privileged one (e.g ambassador). This allows such user to have access to some more actions (e.g. bypass save code now review, access to ‘archives’ type…). A user is considered as privileged if he is a staff member or has any permission from those provided as parameters.

Parameters:
  • request – Input django HTTP request

  • permissions – list of permission names to determine if user is privileged or not

Returns:

Whether the user is privileged or not.

swh.web.auth.utils.any_permission_required(*perms)[source]#

View decorator granting access to it if user has at least one permission among those passed as parameters.

swh.web.auth.utils.is_add_forge_now_moderator(user) bool[source]#

Is a user considered an add-forge-now moderator?

Returns

True if a user is staff or has add forge now moderator permission

swh.web.auth.utils.get_or_create_django_permission(perm_name: str) Permission[source]#

Get or create a swh-web permission (different from django model permission) out of a permission name string.

Parameters:

perm_name – Permission name (e.g. swh.web.api.throttling_exempted, swh.ambassador, …)

Returns:

The persisted permission