Skip to main content

PyAMS security management package

Project description

What is PyAMS?

PyAMS (Pyramid Application Management Suite) is a small suite of packages written for applications and content management with the Pyramid framework.

PyAMS is actually mainly used to manage web sites through content management applications (CMS, see PyAMS_content package), but many features are generic and can be used inside any kind of web application.

All PyAMS documentation is available on ReadTheDocs; source code is available on Gitlab and pushed to Github.

What is PyAMS_security?

PyAMS_security is a core extension package for PyAMS which provides all base security-related features; the package provides a custom authentication policy which is based on a custom “security manager”. This utility is a pluggable tool which is handling system users, local users and groups; external packages are available to provide other authentication and security mechanisms, like HTTP authentication, JWT tokens management, and OAuth, Azure or LDAP based authentication.

Finally, PyAMS_security provides ACLs and roles management, as well as custom schema fields to store roles assigned to principals.

Changelog

2.5.0

  • added principal annotations utility sublocations adapter

  • replaced deprecated PersistentDict class with PersistentMapping

2.4.5

  • removed duplicated information in user profile registration message

2.4.4

  • updated user profile confirmation delay management

2.4.3

  • rollback on setuptools package upgrade

2.4.2

  • activate user profile on password reset

  • replaced “datetime.utcnow()” with “datetime.now(timezone.utc)”

2.4.1

  • added SonarCloud support

2.4.0

  • added internal service credentials plug-in

2.3.4

  • disable authentication of pre-authenticated credentials as defined by remote user authentication package

2.3.3

  • added exception handler in identity getter

2.3.2

  • updated internal service identity checker

2.3.1

  • updated translations

2.3.0

  • allow case-insensitive local user login

2.2.1

  • added support for custom attributes in roles

2.2.0

  • added marker interface to handle unknown or missing principals

  • added argument to security manager authentication method to get plugins instance instead of plugin name

2.1.2

  • renamed UnknownPrincipal class to avoid strange pickle behaviour…

2.1.1

  • optimized principal getter helper function

  • moved PyAMS_utils finder helper to new module

2.1.0

  • “forbidden” permission is not granted automatically to system manager automatically anymore; an optional configuration setting must be used to grant this permission

2.0.1

  • updated Buildout configuration

2.0.0

  • migrated to Pyramid 2.0

  • added interface and adapter to get user roles

  • added REST API authentication checker

1.11.2

  • renamed settings parameter used to disable default security policy on site root

1.11.1

  • updated doctests

  • added support for Python 3.11

1.11.0

  • added support for user registration

  • moved open registration settings to PyAMS_security_views package

1.10.6

  • updated CORS requests handler

  • use f-strings in logger output

1.10.5

  • added constant to set unchanged password value

1.10.4

  • added allowed methods argument to CORS requests handler

  • rollback on Gitlab-CI test coverage report integration

1.10.3

  • added Gitlab-CI test coverage report

1.10.2

  • added custom CORS requests handler adapter

1.10.1

  • updated Gitlab-CI configuration

1.10.0

  • added REST services configuration and validators to handle CORS requests

1.9.0

  • moved security plugins interfaces to dedicated module

  • added support for Python 3.10

1.8.4

  • added method to security manager to get a raw principal, bypassing cache

1.8.3

  • updated translations

1.8.2

  • reStructuredText formatting error…

1.8.1

  • added constant for unknown principal ID

  • added constants for principal and group ID formatters

1.8.0

  • added attribute to security manager to show link in home page

1.7.1

  • added strings constants for plug-ins labels

1.7.0

  • added ProtectedViewObjectMixin, to be used as base for any object using dynamic permission property

  • added “action” argument to “get_edit_permission()” function; this allows to register custom adapters to IViewContextPermissionChecker with this name, to be able to check edit permissions for custom actions

  • added ISecurityContext interface

1.6.2

  • renamed ‘skin’ module to ‘api’

1.6.1

  • correction in Gitlab-CI Pylint task

1.6.0

  • removed support for Python < 3.7

  • added custom password encoders

  • updated doctests

1.5.5

  • updated Gitlab-CI configuration

1.5.4

  • updated Gitlab-CI configuration

1.5.3

  • added wheels to Buildout configuration

1.5.2

  • updated Gitlab-CI configuration for last Python versions

1.5.1

  • updated doctests

1.5.0

  • added ISecurityManager factory configuration

  • removed Travis-CI configuration

1.4.0

  • added config.upgrade_role function, to be able to add permissions to an existing role

  • updated default site roles

  • updated doctests

1.3.1

  • updated security manager interface to add registered credentials plug-ins names

1.3.0

  • added argument in “find_principals” methods to only allow exact match

1.2.1

  • use updated WSGI decorator to prevent storage of null values into request environment

1.2.0

  • updated roles management; this will allow to extend supported roles of a given class just by adding adapters, without modifying the original class

  • moved PyAMS security policy to dedicated module

  • added registration of standard roles and security policy

  • add factories registration in default security plug-ins

  • updated users registration process

  • updated adapter_config decorator arguments

  • updated doctests

1.1.3

  • small updates in policy management of authenticated_user_id

1.1.2

  • updated doctests with configured cache

1.1.1

  • removed dependency on pyams_auth_http package

1.1.0

  • moved authentication plug-ins to dedicated packages (see pyams_auth_http, pyams_auth_jwt…)

  • moved PyAMS authentication policy to dedicated module

  • handle ConnectionStateError in authentication policy

  • updated doctests

1.0.5

  • simple version switch to avoid mismatch in Buildout configuration file… :(

1.0.4

  • code cleanup

1.0.3

  • handle ConnectionStateError in JWT authentication plug-in

  • updated doctests

1.0.2

  • added support for HS512 and RS512 JWT encryption protocols

1.0.1

  • updated imports in include file for tests integration

1.0.0

  • initial release

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyams_security-2.5.0.tar.gz (71.9 kB view details)

Uploaded Source

Built Distribution

pyams_security-2.5.0-py3-none-any.whl (115.1 kB view details)

Uploaded Python 3

File details

Details for the file pyams_security-2.5.0.tar.gz.

File metadata

  • Download URL: pyams_security-2.5.0.tar.gz
  • Upload date:
  • Size: 71.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.7.17

File hashes

Hashes for pyams_security-2.5.0.tar.gz
Algorithm Hash digest
SHA256 3563ba0e21ce98013f2e1dcd334f758f2e8fe76fa304d1941f597769af665e5b
MD5 7e351cc7717e257672e2ce09d9896fc3
BLAKE2b-256 3ae4caa2d847cef7fd12e75b0ed08ac65447fa1d3cd2d626eac8e7eac2342a0c

See more details on using hashes here.

File details

Details for the file pyams_security-2.5.0-py3-none-any.whl.

File metadata

File hashes

Hashes for pyams_security-2.5.0-py3-none-any.whl
Algorithm Hash digest
SHA256 8a5cd8e5ed1b4670f635c7ab115110ba6117a2f649851acee41f665ae333fc6e
MD5 e2b8e95090bc237c1743b676124bbdcf
BLAKE2b-256 588d1731c58449d5a006905f5901adf0400fc89f90aaf2b8e9df6537f5df67d8

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page