======================
PyAMS_security package
======================
.. contents::
What is PyAMS?
==============
PyAMS (Pyramid Application Management Suite) is a small suite of packages written for applications
and content management with the Pyramid framework.
**PyAMS** is actually mainly used to manage web sites through content management applications (CMS,
see PyAMS_content package), but many features are generic and can be used inside any kind of web
application.
All PyAMS documentation is available on `ReadTheDocs <https://pyams.readthedocs.io>`_; source code
is available on `Gitlab <https://gitlab.com/pyams>`_ and pushed to `Github
<https://github.com/py-ams>`_.
What is PyAMS_security?
=======================
PyAMS_security is a core extension package for PyAMS which provides all base security-related
features; the package provides a custom authentication policy which is based on a custom "security
manager". This utility is a pluggable tool which is handling system users, local users and groups;
external packages are available to provide other authentication and security mechanisms, like
HTTP authentication, JWT tokens management, and OAuth, Azure or LDAP based authentication.
Finally, PyAMS_security provides ACLs and roles management, as well as custom schema fields to
store roles assigned to principals.
Changelog
=========
2.5.0
-----
- added principal annotations utility sublocations adapter
- replaced deprecated PersistentDict class with PersistentMapping
2.4.5
-----
- removed duplicated information in user profile registration message
2.4.4
-----
- updated user profile confirmation delay management
2.4.3
-----
- rollback on setuptools package upgrade
2.4.2
-----
- activate user profile on password reset
- replaced "datetime.utcnow()" with "datetime.now(timezone.utc)"
2.4.1
-----
- added SonarCloud support
2.4.0
-----
- added internal service credentials plug-in
2.3.4
-----
- disable authentication of pre-authenticated credentials as defined by remote user
authentication package
2.3.3
-----
- added exception handler in identity getter
2.3.2
-----
- updated internal service identity checker
2.3.1
-----
- updated translations
2.3.0
-----
- allow case-insensitive local user login
2.2.1
-----
- added support for custom attributes in roles
2.2.0
-----
- added marker interface to handle unknown or missing principals
- added argument to security manager authentication method to get plugins instance
instead of plugin name
2.1.2
-----
- renamed UnknownPrincipal class to avoid strange pickle behaviour...
2.1.1
-----
- optimized principal getter helper function
- moved PyAMS_utils finder helper to new module
2.1.0
-----
- "forbidden" permission is not granted automatically to system manager automatically anymore;
an optional configuration setting must be used to grant this permission
2.0.1
-----
- updated Buildout configuration
2.0.0
-----
- migrated to Pyramid 2.0
- added interface and adapter to get user roles
- added REST API authentication checker
1.11.2
------
- renamed settings parameter used to disable default security policy on site root
1.11.1
------
- updated doctests
- added support for Python 3.11
1.11.0
------
- added support for user registration
- moved open registration settings to PyAMS_security_views package
1.10.6
------
- updated CORS requests handler
- use f-strings in logger output
1.10.5
------
- added constant to set unchanged password value
1.10.4
------
- added allowed methods argument to CORS requests handler
- rollback on Gitlab-CI test coverage report integration
1.10.3
------
- added Gitlab-CI test coverage report
1.10.2
------
- added custom CORS requests handler adapter
1.10.1
------
- updated Gitlab-CI configuration
1.10.0
------
- added REST services configuration and validators to handle CORS requests
1.9.0
-----
- moved security plugins interfaces to dedicated module
- added support for Python 3.10
1.8.4
-----
- added method to security manager to get a raw principal, bypassing cache
1.8.3
-----
- updated translations
1.8.2
-----
- reStructuredText formatting error...
1.8.1
-----
- added constant for unknown principal ID
- added constants for principal and group ID formatters
1.8.0
-----
- added attribute to security manager to show link in home page
1.7.1
-----
- added strings constants for plug-ins labels
1.7.0
-----
- added ProtectedViewObjectMixin, to be used as base for any object using dynamic
*permission* property
- added "action" argument to "get_edit_permission()" function; this allows to register
custom adapters to *IViewContextPermissionChecker* with this name, to be able to check
edit permissions for custom actions
- added ISecurityContext interface
1.6.2
-----
- renamed 'skin' module to 'api'
1.6.1
-----
- correction in Gitlab-CI Pylint task
1.6.0
-----
- removed support for Python < 3.7
- added custom password encoders
- updated doctests
1.5.5
-----
- updated Gitlab-CI configuration
1.5.4
-----
- updated Gitlab-CI configuration
1.5.3
-----
- added wheels to Buildout configuration
1.5.2
-----
- updated Gitlab-CI configuration for last Python versions
1.5.1
-----
- updated doctests
1.5.0
-----
- added ISecurityManager factory configuration
- removed Travis-CI configuration
1.4.0
-----
- added config.upgrade_role function, to be able to add permissions to an existing role
- updated default site roles
- updated doctests
1.3.1
-----
- updated security manager interface to add registered credentials plug-ins names
1.3.0
-----
- added argument in "find_principals" methods to only allow exact match
1.2.1
-----
- use updated WSGI decorator to prevent storage of null values into request environment
1.2.0
-----
- updated roles management; this will allow to extend supported roles of a given class just
by adding adapters, without modifying the original class
- moved PyAMS security policy to dedicated module
- added registration of standard roles and security policy
- add factories registration in default security plug-ins
- updated users registration process
- updated adapter_config decorator arguments
- updated doctests
1.1.3
-----
- small updates in policy management of *authenticated_user_id*
1.1.2
-----
- updated doctests with configured cache
1.1.1
-----
- removed dependency on *pyams_auth_http* package
1.1.0
-----
- moved authentication plug-ins to dedicated packages (see pyams_auth_http, pyams_auth_jwt...)
- moved PyAMS authentication policy to dedicated module
- handle ConnectionStateError in authentication policy
- updated doctests
1.0.5
-----
- simple version switch to avoid mismatch in Buildout configuration file... :(
1.0.4
-----
- code cleanup
1.0.3
-----
- handle ConnectionStateError in JWT authentication plug-in
- updated doctests
1.0.2
-----
- added support for HS512 and RS512 JWT encryption protocols
1.0.1
-----
- updated imports in include file for tests integration
1.0.0
-----
- initial release
Raw data
{
"_id": null,
"home_page": "https://pyams.readthedocs.io",
"name": "pyams-security",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": null,
"keywords": "Pyramid PyAMS",
"author": "Thierry Florac",
"author_email": "tflorac@ulthar.net",
"download_url": "https://files.pythonhosted.org/packages/3a/e4/caa2d847cef7fd12e75b0ed08ac65447fa1d3cd2d626eac8e7eac2342a0c/pyams_security-2.5.0.tar.gz",
"platform": null,
"description": "======================\nPyAMS_security package\n======================\n\n.. contents::\n\n\nWhat is PyAMS?\n==============\n\nPyAMS (Pyramid Application Management Suite) is a small suite of packages written for applications\nand content management with the Pyramid framework.\n\n**PyAMS** is actually mainly used to manage web sites through content management applications (CMS,\nsee PyAMS_content package), but many features are generic and can be used inside any kind of web\napplication.\n\nAll PyAMS documentation is available on `ReadTheDocs <https://pyams.readthedocs.io>`_; source code\nis available on `Gitlab <https://gitlab.com/pyams>`_ and pushed to `Github\n<https://github.com/py-ams>`_.\n\n\nWhat is PyAMS_security?\n=======================\n\nPyAMS_security is a core extension package for PyAMS which provides all base security-related\nfeatures; the package provides a custom authentication policy which is based on a custom \"security\nmanager\". This utility is a pluggable tool which is handling system users, local users and groups;\nexternal packages are available to provide other authentication and security mechanisms, like\nHTTP authentication, JWT tokens management, and OAuth, Azure or LDAP based authentication.\n\nFinally, PyAMS_security provides ACLs and roles management, as well as custom schema fields to\nstore roles assigned to principals.\n\n\nChangelog\n=========\n\n2.5.0\n-----\n - added principal annotations utility sublocations adapter\n - replaced deprecated PersistentDict class with PersistentMapping\n\n2.4.5\n-----\n - removed duplicated information in user profile registration message\n\n2.4.4\n-----\n - updated user profile confirmation delay management\n\n2.4.3\n-----\n - rollback on setuptools package upgrade\n\n2.4.2\n-----\n - activate user profile on password reset\n - replaced \"datetime.utcnow()\" with \"datetime.now(timezone.utc)\"\n\n2.4.1\n-----\n - added SonarCloud support\n\n2.4.0\n-----\n - added internal service credentials plug-in\n\n2.3.4\n-----\n - disable authentication of pre-authenticated credentials as defined by remote user\n authentication package\n\n2.3.3\n-----\n - added exception handler in identity getter\n\n2.3.2\n-----\n - updated internal service identity checker\n\n2.3.1\n-----\n - updated translations\n\n2.3.0\n-----\n - allow case-insensitive local user login\n\n2.2.1\n-----\n - added support for custom attributes in roles\n\n2.2.0\n-----\n - added marker interface to handle unknown or missing principals\n - added argument to security manager authentication method to get plugins instance\n instead of plugin name\n\n2.1.2\n-----\n - renamed UnknownPrincipal class to avoid strange pickle behaviour...\n\n2.1.1\n-----\n - optimized principal getter helper function\n - moved PyAMS_utils finder helper to new module\n\n2.1.0\n-----\n - \"forbidden\" permission is not granted automatically to system manager automatically anymore;\n an optional configuration setting must be used to grant this permission\n\n2.0.1\n-----\n - updated Buildout configuration\n\n2.0.0\n-----\n - migrated to Pyramid 2.0\n - added interface and adapter to get user roles\n - added REST API authentication checker\n\n1.11.2\n------\n - renamed settings parameter used to disable default security policy on site root\n\n1.11.1\n------\n - updated doctests\n - added support for Python 3.11\n\n1.11.0\n------\n - added support for user registration\n - moved open registration settings to PyAMS_security_views package\n\n1.10.6\n------\n - updated CORS requests handler\n - use f-strings in logger output\n\n1.10.5\n------\n - added constant to set unchanged password value\n\n1.10.4\n------\n - added allowed methods argument to CORS requests handler\n - rollback on Gitlab-CI test coverage report integration\n\n1.10.3\n------\n - added Gitlab-CI test coverage report\n\n1.10.2\n------\n - added custom CORS requests handler adapter\n\n1.10.1\n------\n - updated Gitlab-CI configuration\n\n1.10.0\n------\n - added REST services configuration and validators to handle CORS requests\n\n1.9.0\n-----\n - moved security plugins interfaces to dedicated module\n - added support for Python 3.10\n\n1.8.4\n-----\n - added method to security manager to get a raw principal, bypassing cache\n\n1.8.3\n-----\n - updated translations\n\n1.8.2\n-----\n - reStructuredText formatting error...\n\n1.8.1\n-----\n - added constant for unknown principal ID\n - added constants for principal and group ID formatters\n\n1.8.0\n-----\n - added attribute to security manager to show link in home page\n\n1.7.1\n-----\n - added strings constants for plug-ins labels\n\n1.7.0\n-----\n - added ProtectedViewObjectMixin, to be used as base for any object using dynamic\n *permission* property\n - added \"action\" argument to \"get_edit_permission()\" function; this allows to register\n custom adapters to *IViewContextPermissionChecker* with this name, to be able to check\n edit permissions for custom actions\n - added ISecurityContext interface\n\n1.6.2\n-----\n - renamed 'skin' module to 'api'\n\n1.6.1\n-----\n - correction in Gitlab-CI Pylint task\n\n1.6.0\n-----\n - removed support for Python < 3.7\n - added custom password encoders\n - updated doctests\n\n1.5.5\n-----\n - updated Gitlab-CI configuration\n\n1.5.4\n-----\n - updated Gitlab-CI configuration\n\n1.5.3\n-----\n - added wheels to Buildout configuration\n\n1.5.2\n-----\n - updated Gitlab-CI configuration for last Python versions\n\n1.5.1\n-----\n - updated doctests\n\n1.5.0\n-----\n - added ISecurityManager factory configuration\n - removed Travis-CI configuration\n\n1.4.0\n-----\n - added config.upgrade_role function, to be able to add permissions to an existing role\n - updated default site roles\n - updated doctests\n\n1.3.1\n-----\n - updated security manager interface to add registered credentials plug-ins names\n\n1.3.0\n-----\n - added argument in \"find_principals\" methods to only allow exact match\n\n1.2.1\n-----\n - use updated WSGI decorator to prevent storage of null values into request environment\n\n1.2.0\n-----\n - updated roles management; this will allow to extend supported roles of a given class just\n by adding adapters, without modifying the original class\n - moved PyAMS security policy to dedicated module\n - added registration of standard roles and security policy\n - add factories registration in default security plug-ins\n - updated users registration process\n - updated adapter_config decorator arguments\n - updated doctests\n\n1.1.3\n-----\n - small updates in policy management of *authenticated_user_id*\n\n1.1.2\n-----\n - updated doctests with configured cache\n\n1.1.1\n-----\n - removed dependency on *pyams_auth_http* package\n\n1.1.0\n-----\n - moved authentication plug-ins to dedicated packages (see pyams_auth_http, pyams_auth_jwt...)\n - moved PyAMS authentication policy to dedicated module\n - handle ConnectionStateError in authentication policy\n - updated doctests\n\n1.0.5\n-----\n - simple version switch to avoid mismatch in Buildout configuration file... :(\n\n1.0.4\n-----\n - code cleanup\n\n1.0.3\n-----\n - handle ConnectionStateError in JWT authentication plug-in\n - updated doctests\n\n1.0.2\n-----\n - added support for HS512 and RS512 JWT encryption protocols\n\n1.0.1\n-----\n - updated imports in include file for tests integration\n\n1.0.0\n-----\n - initial release\n",
"bugtrack_url": null,
"license": "ZPL",
"summary": "PyAMS security management package",
"version": "2.5.0",
"project_urls": {
"Homepage": "https://pyams.readthedocs.io"
},
"split_keywords": [
"pyramid",
"pyams"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "588d1731c58449d5a006905f5901adf0400fc89f90aaf2b8e9df6537f5df67d8",
"md5": "e2b8e95090bc237c1743b676124bbdcf",
"sha256": "8a5cd8e5ed1b4670f635c7ab115110ba6117a2f649851acee41f665ae333fc6e"
},
"downloads": -1,
"filename": "pyams_security-2.5.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "e2b8e95090bc237c1743b676124bbdcf",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 115119,
"upload_time": "2024-11-22T15:04:09",
"upload_time_iso_8601": "2024-11-22T15:04:09.142749Z",
"url": "https://files.pythonhosted.org/packages/58/8d/1731c58449d5a006905f5901adf0400fc89f90aaf2b8e9df6537f5df67d8/pyams_security-2.5.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "3ae4caa2d847cef7fd12e75b0ed08ac65447fa1d3cd2d626eac8e7eac2342a0c",
"md5": "7e351cc7717e257672e2ce09d9896fc3",
"sha256": "3563ba0e21ce98013f2e1dcd334f758f2e8fe76fa304d1941f597769af665e5b"
},
"downloads": -1,
"filename": "pyams_security-2.5.0.tar.gz",
"has_sig": false,
"md5_digest": "7e351cc7717e257672e2ce09d9896fc3",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 71896,
"upload_time": "2024-11-22T15:04:11",
"upload_time_iso_8601": "2024-11-22T15:04:11.122366Z",
"url": "https://files.pythonhosted.org/packages/3a/e4/caa2d847cef7fd12e75b0ed08ac65447fa1d3cd2d626eac8e7eac2342a0c/pyams_security-2.5.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-11-22 15:04:11",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "pyams-security"
}
JSON