care.security.authorization.base module¶
- class AuthorizationHandler¶
Bases:
object
Base class for Authorization Handlers.
Handlers must define a list of actions that can be performed and implement the corresponding
can_<action>()
orget_<query>()
methods that perform the authorization logic.All authorization methods use the signature
(user, obj, **kwargs)
.obj
refers to the target object for which permission is being evaluated. It may also be a string or any other type as long as the logic accounts for it.Notes: * Actions (
can_
prefixed) return booleans. * Queries (get_
prefixed) return querysets or collections.- actions = []¶
- queries = []¶
- check_permission_in_organization(permissions, user, orgs=None)¶
- check_permission_in_facility_organization(permissions, user, orgs=None, facility=None, root=None)¶
- get_role_from_permissions(permissions)¶
- class AuthorizationController¶
Bases:
object
Someone please write this because i honestly forgot what this does
- override_authz_controllers: list[AuthorizationHandler] = []¶
- internal_authz_controllers: list[AuthorizationHandler] = [<class 'care.security.authorization.account.AccountAccess'>, <class 'care.security.authorization.activity_definition.ActivityDefinitionAccess'>, <class 'care.security.authorization.booking.BookingAccess'>, <class 'care.security.authorization.charge_item.ChargeItemAccess'>, <class 'care.security.authorization.charge_item_definition.ChargeItemDefinitionAccess'>, <class 'care.security.authorization.device.DeviceAccess'>, <class 'care.security.authorization.encounter.EncounterAccess'>, <class 'care.security.authorization.facility.FacilityAccess'>, <class 'care.security.authorization.facility_location.FacilityLocationAccess'>, <class 'care.security.authorization.facilityorganization.FacilityOrganizationAccess'>, <class 'care.security.authorization.healthcare_service.HealthcareServiceAccess'>, <class 'care.security.authorization.inventory_item.InventoryItemAccess'>, <class 'care.security.authorization.invoice.InvoiceAccess'>, <class 'care.security.authorization.medication.MedicationAccess'>, <class 'care.security.authorization.observation_definition.ObservationDefinitionAccess'>, <class 'care.security.authorization.organization.OrganizationAccess'>, <class 'care.security.authorization.patient.PatientAccess'>, <class 'care.security.authorization.patient_identifier_config.PatientIdentifierConfigAccess'>, <class 'care.security.authorization.payment_reconciliation.PaymentReconciliationAccess'>, <class 'care.security.authorization.product.ProductAccess'>, <class 'care.security.authorization.product_knowledge.ProductKnowledgeAccess'>, <class 'care.security.authorization.questionnaire.QuestionnaireAccess'>, <class 'care.security.authorization.resource_category.ResourceCategoryAccess'>, <class 'care.security.authorization.scheduling.ScheduleAccess'>, <class 'care.security.authorization.service_request.ServiceRequestAccess'>, <class 'care.security.authorization.specimen_definition.SpecimenDefinitionAccess'>, <class 'care.security.authorization.supply_delivery.SupplyDeliveryAccess'>, <class 'care.security.authorization.supply_request.SupplyRequestAccess'>, <class 'care.security.authorization.tag_config.TagConfigAccess'>, <class 'care.security.authorization.token.TokenCategoryAccess'>, <class 'care.security.authorization.token.TokenAccess'>, <class 'care.security.authorization.user.UserAccess'>]¶
- cache = {'actions': {}, 'queries': {}}¶
- classmethod build_cache()¶
- classmethod call(item, *args, **kwargs)¶
- classmethod register_internal_controller(controller)¶