atoti.security.individual_roles.IndividualRoles

final class atoti.security.individual_roles.IndividualRoles

Mapping from username to roles granted on top of the ones that can be added by authentication providers.

Example

>>> session = tt.Session.start(tt.SessionConfig(security=tt.SecurityConfig()))
>>> username = "John"
>>> session.security.basic_authentication.credentials[username] = "X Æ A-12"
>>> username in session.security.individual_roles
False
>>> session.security.individual_roles[username] = {
...     "ROLE_USA",
...     "ROLE_USER",
... }
>>> sorted(session.security.individual_roles[username])
['ROLE_USA', 'ROLE_USER']
>>> session.security.individual_roles[username] -= {"ROLE_USA"}
>>> session.security.individual_roles[username]
frozenset({'ROLE_USER'})
>>> # Removing all the roles will prevent the user from accessing the application:
>>> del session.security.individual_roles[username]
>>> username in session.security.individual_roles
False