ferrosoft.apps.ferrobase.auth package

Submodules

ferrosoft.apps.ferrobase.auth.roles module

class ferrosoft.apps.ferrobase.auth.roles.PermissionSet(group, permissions=<factory>)[source]

Bases: object

Associates a Django group name with a list of model-level permissions.

group holds the display name of the Django Group this set maps to; permissions accumulates the individual Django permission strings.

group: str
permissions: List[str]
with_model(model_class, *verbs)[source]

Append permissions for the given model and verbs and return self.

Parameters:
  • model_class (str) – Model name string (lower-case) or model class.

  • *verbs (Verb) – One or more Verb values whose Django equivalents are appended to permissions.

Returns:

self, enabling a fluent builder pattern.

Return type:

PermissionSet

class ferrosoft.apps.ferrobase.auth.roles.Permissions[source]

Bases: object

Utility for generating and checking Django permission strings.

Maps Verb enum values to the corresponding Django CRUD verbs (add, view, change, delete) and assembles fully qualified <app_label>.<verb>_<model_name> permission strings.

classmethod allowed(request, model_class, verb)[source]

Check whether the current request user has the given permission.

Parameters:
  • request (HttpRequest) – The current HTTP request.

  • model_class (Any) – Model class or name string.

  • verb (Verb) – The action to check.

Returns:

True if the user holds the corresponding Django permission.

Return type:

bool

classmethod for_model(model_class, verb)[source]

Build the Django permission string for a model and verb.

Parameters:
  • model_class (Any) – Model class or bare model name string. When a class is provided the app_label is included in the result.

  • verb (Verb) – The Verb action to translate.

Returns:

Permission string, e.g. "ferrobase.view_businesspartner".

Return type:

str

class ferrosoft.apps.ferrobase.auth.roles.Registry[source]

Bases: object

Static registry mapping each Role to its PermissionSet.

Provides the single source of truth for which Django permissions belong to each built-in role. The mapping is consumed when setting up tenant groups and when assigning roles to users.

classmethod get_permission_sets()[source]

Return the full role-to-permission-set mapping.

Returns:

Mapping of every defined role to its

associated PermissionSet.

Return type:

dict[Role, PermissionSet]

class ferrosoft.apps.ferrobase.auth.roles.Role(*values)[source]

Bases: StrEnum

Roles are identifiers for PermissionSets

EMIFLOW_MANAGER = 'emiflow_manager'
EMIFLOW_USER = 'emiflow_user'
USER_MANAGER = 'user_manager'
class ferrosoft.apps.ferrobase.auth.roles.Verb(*values)[source]

Bases: IntEnum

Enumerate model actions.

CREATE = 1
DELETE = 4
READ = 2
READ_FILTERED = 5
READ_TABLE_FILTERED = 6
UPDATE = 3