PyAMS security management package
Project description
What is PyAMS?
PyAMS (Pyramid Application Management Suite) is a small suite of packages written for applications and content management with the Pyramid framework.
PyAMS is actually mainly used to manage web sites through content management applications (CMS, see PyAMS_content package), but many features are generic and can be used inside any kind of web application.
All PyAMS documentation is available on ReadTheDocs; source code is available on Gitlab and pushed to Github.
What is PyAMS_security?
PyAMS_security is a core extension package for PyAMS which provides all base security-related features; the package provides a custom authentication policy which is based on a custom “security manager”. This utility is a pluggable tool which is handling system users, local users and groups; external packages are available to provide other authentication and security mechanisms, like HTTP authentication, JWT tokens management, and OAuth, Azure or LDAP based authentication.
Finally, PyAMS_security provides ACLs and roles management, as well as custom schema fields to store roles assigned to principals.
Changelog
2.5.0
added principal annotations utility sublocations adapter
replaced deprecated PersistentDict class with PersistentMapping
2.4.5
removed duplicated information in user profile registration message
2.4.4
updated user profile confirmation delay management
2.4.3
rollback on setuptools package upgrade
2.4.2
activate user profile on password reset
replaced “datetime.utcnow()” with “datetime.now(timezone.utc)”
2.4.1
added SonarCloud support
2.4.0
added internal service credentials plug-in
2.3.4
disable authentication of pre-authenticated credentials as defined by remote user authentication package
2.3.3
added exception handler in identity getter
2.3.2
updated internal service identity checker
2.3.1
updated translations
2.3.0
allow case-insensitive local user login
2.2.1
added support for custom attributes in roles
2.2.0
added marker interface to handle unknown or missing principals
added argument to security manager authentication method to get plugins instance instead of plugin name
2.1.2
renamed UnknownPrincipal class to avoid strange pickle behaviour…
2.1.1
optimized principal getter helper function
moved PyAMS_utils finder helper to new module
2.1.0
“forbidden” permission is not granted automatically to system manager automatically anymore; an optional configuration setting must be used to grant this permission
2.0.1
updated Buildout configuration
2.0.0
migrated to Pyramid 2.0
added interface and adapter to get user roles
added REST API authentication checker
1.11.2
renamed settings parameter used to disable default security policy on site root
1.11.1
updated doctests
added support for Python 3.11
1.11.0
added support for user registration
moved open registration settings to PyAMS_security_views package
1.10.6
updated CORS requests handler
use f-strings in logger output
1.10.5
added constant to set unchanged password value
1.10.4
added allowed methods argument to CORS requests handler
rollback on Gitlab-CI test coverage report integration
1.10.3
added Gitlab-CI test coverage report
1.10.2
added custom CORS requests handler adapter
1.10.1
updated Gitlab-CI configuration
1.10.0
added REST services configuration and validators to handle CORS requests
1.9.0
moved security plugins interfaces to dedicated module
added support for Python 3.10
1.8.4
added method to security manager to get a raw principal, bypassing cache
1.8.3
updated translations
1.8.2
reStructuredText formatting error…
1.8.1
added constant for unknown principal ID
added constants for principal and group ID formatters
1.8.0
added attribute to security manager to show link in home page
1.7.1
added strings constants for plug-ins labels
1.7.0
added ProtectedViewObjectMixin, to be used as base for any object using dynamic permission property
added “action” argument to “get_edit_permission()” function; this allows to register custom adapters to IViewContextPermissionChecker with this name, to be able to check edit permissions for custom actions
added ISecurityContext interface
1.6.2
renamed ‘skin’ module to ‘api’
1.6.1
correction in Gitlab-CI Pylint task
1.6.0
removed support for Python < 3.7
added custom password encoders
updated doctests
1.5.5
updated Gitlab-CI configuration
1.5.4
updated Gitlab-CI configuration
1.5.3
added wheels to Buildout configuration
1.5.2
updated Gitlab-CI configuration for last Python versions
1.5.1
updated doctests
1.5.0
added ISecurityManager factory configuration
removed Travis-CI configuration
1.4.0
added config.upgrade_role function, to be able to add permissions to an existing role
updated default site roles
updated doctests
1.3.1
updated security manager interface to add registered credentials plug-ins names
1.3.0
added argument in “find_principals” methods to only allow exact match
1.2.1
use updated WSGI decorator to prevent storage of null values into request environment
1.2.0
updated roles management; this will allow to extend supported roles of a given class just by adding adapters, without modifying the original class
moved PyAMS security policy to dedicated module
added registration of standard roles and security policy
add factories registration in default security plug-ins
updated users registration process
updated adapter_config decorator arguments
updated doctests
1.1.3
small updates in policy management of authenticated_user_id
1.1.2
updated doctests with configured cache
1.1.1
removed dependency on pyams_auth_http package
1.1.0
moved authentication plug-ins to dedicated packages (see pyams_auth_http, pyams_auth_jwt…)
moved PyAMS authentication policy to dedicated module
handle ConnectionStateError in authentication policy
updated doctests
1.0.5
simple version switch to avoid mismatch in Buildout configuration file… :(
1.0.4
code cleanup
1.0.3
handle ConnectionStateError in JWT authentication plug-in
updated doctests
1.0.2
added support for HS512 and RS512 JWT encryption protocols
1.0.1
updated imports in include file for tests integration
1.0.0
initial release
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file pyams_security-2.5.0.tar.gz
.
File metadata
- Download URL: pyams_security-2.5.0.tar.gz
- Upload date:
- Size: 71.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.7.17
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3563ba0e21ce98013f2e1dcd334f758f2e8fe76fa304d1941f597769af665e5b |
|
MD5 | 7e351cc7717e257672e2ce09d9896fc3 |
|
BLAKE2b-256 | 3ae4caa2d847cef7fd12e75b0ed08ac65447fa1d3cd2d626eac8e7eac2342a0c |
File details
Details for the file pyams_security-2.5.0-py3-none-any.whl
.
File metadata
- Download URL: pyams_security-2.5.0-py3-none-any.whl
- Upload date:
- Size: 115.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.7.17
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8a5cd8e5ed1b4670f635c7ab115110ba6117a2f649851acee41f665ae333fc6e |
|
MD5 | e2b8e95090bc237c1743b676124bbdcf |
|
BLAKE2b-256 | 588d1731c58449d5a006905f5901adf0400fc89f90aaf2b8e9df6537f5df67d8 |