atoti_query.security.individual_roles module#

class atoti_query.security.individual_roles.IndividualRoles#

Mapping from username to roles granted on top of the ones that can be added by authentication providers.

Example

>>> session = tt.Session(authentication=tt.BasicAuthenticationConfig())
>>> username = "John"
>>> session.security.basic.credentials[username] = "X Æ A-12"
>>> username in session.security.individual_roles
False
>>> session.security.individual_roles[username] = {
...     "ROLE_USA",
...     "ROLE_USER",
... }
>>> sorted(session.security.individual_roles[username])
['ROLE_USA', 'ROLE_USER']
>>> session.security.individual_roles[username] -= {"ROLE_USA"}
>>> session.security.individual_roles[username]
{'ROLE_USER'}
>>> # Removing all the roles will prevent the user from accessing the application:
>>> del session.security.individual_roles[username]
>>> username in session.security.individual_roles
False