yirifi-ops-auth-client 3.2.3__py3-none-any.whl

yirifi_ops_auth/models.py

@@ -0,0 +1,80 @@
+"""Data models for auth client."""
+from dataclasses import dataclass, field
+from typing import Optional
+
+
+@dataclass
+class AuthUser:
+    """Authenticated user information with RBAC support."""
+
+    user_id: str  # Immutable UUID, use for storage in domain tables
+    id: int  # Internal ID (kept for backward compatibility)
+    email: str
+    display_name: str
+    is_admin: bool  # deprecated - use has_permission() instead
+    microsites: list[str]
+
+    # RBAC fields
+    roles: list[str] = field(default_factory=list)
+    permissions: list[str] = field(default_factory=list)
+    effective_role: Optional[str] = None
+
+    def has_access_to(self, microsite_id: str) -> bool:
+        """Check if user has access to a microsite."""
+        return microsite_id in self.microsites
+
+    def has_permission(self, permission: str) -> bool:
+        """Check if user has a specific permission.
+
+        Args:
+            permission: Permission code (e.g., 'report:create')
+
+        Returns:
+            True if user has the permission
+        """
+        return permission in self.permissions
+
+    def has_role(self, role: str) -> bool:
+        """Check if user has a specific role.
+
+        Args:
+            role: Role code (e.g., 'editor')
+
+        Returns:
+            True if user has the role
+        """
+        return role in self.roles
+
+    def has_any_permission(self, *permissions: str) -> bool:
+        """Check if user has any of the specified permissions.
+
+        Args:
+            *permissions: Permission codes to check
+
+        Returns:
+            True if user has at least one of the permissions
+        """
+        return any(p in self.permissions for p in permissions)
+
+    def has_all_permissions(self, *permissions: str) -> bool:
+        """Check if user has all of the specified permissions.
+
+        Args:
+            *permissions: Permission codes to check
+
+        Returns:
+            True if user has all of the permissions
+        """
+        return all(p in self.permissions for p in permissions)
+
+
+@dataclass
+class VerifyResult:
+    """Result from auth verification."""
+
+    valid: bool
+    user: Optional[AuthUser] = None
+    error: Optional[str] = None
+    redirect_url: Optional[str] = None
+    has_access: bool = True
+    role: Optional[str] = None  # deprecated - use user.effective_role instead

yirifi_ops_auth_client-3.2.3.dist-info/METADATA

@@ -0,0 +1,15 @@
+Metadata-Version: 2.4
+Name: yirifi-ops-auth-client
+Version: 3.2.3
+Summary: Authentication client library for Yirifi Ops microsites with RBAC support
+Requires-Python: >=3.10
+Requires-Dist: httpx>=0.27
+Requires-Dist: flask>=2.0
+Requires-Dist: sqlalchemy>=2.0.45
+Provides-Extra: yaml
+Requires-Dist: pyyaml>=6.0; extra == "yaml"
+Provides-Extra: dev
+Requires-Dist: pytest>=8.0; extra == "dev"
+Requires-Dist: pytest-cov>=4.0; extra == "dev"
+Requires-Dist: responses>=0.24; extra == "dev"
+Requires-Dist: pyyaml>=6.0; extra == "dev"

yirifi_ops_auth_client-3.2.3.dist-info/RECORD

@@ -0,0 +1,19 @@
+yirifi_ops_auth/__init__.py,sha256=uy3QK_KyZ3crKgtT5P7MqBGYFEh3hzf7Dt68VAn0rsE,1457
+yirifi_ops_auth/client.py,sha256=zQIsDB8MadIf5PDhZKOI8yflYEV95f6NprmCDpZDv0o,5649
+yirifi_ops_auth/decorators.py,sha256=PZvrYJ_SgIjHhPVY1tOpuL72rxgIg2i5zgSe7AnkpGY,6418
+yirifi_ops_auth/exceptions.py,sha256=8hQhoQKumhRCWmZB8XPQMT9ThqocnqM2jRhpetP6Z2U,923
+yirifi_ops_auth/local_user.py,sha256=cyFNeEFBeR4wBPHJhrfLHwOn-gtCV-ysQNLr-B2qc4A,3713
+yirifi_ops_auth/middleware.py,sha256=KMSf_kZTDT1ItGaSHw7NV-jzL68PwsUGWaVi6mR5X_8,10593
+yirifi_ops_auth/models.py,sha256=1qX8kVeUpRpjj-mN69jXn6hobX9N-KXq1NfK3GCQ8WQ,2326
+yirifi_ops_auth/deeplink/__init__.py,sha256=R5GF-Sr78cdiEoinOOygBX2-CxnVfsa3wfAg0Xrsvlo,5772
+yirifi_ops_auth/deeplink/blueprint.py,sha256=6rLFdoudJWCMc5xi0cZeWKV3dmhTWmaK8dy-QETgNlw,4605
+yirifi_ops_auth/deeplink/environment.py,sha256=am1NlSDyje8lrwer9TdyqcPyR8iQlx4vBhOpHcxVISA,4479
+yirifi_ops_auth/deeplink/federation.py,sha256=MnTftYEtgRA01yf4NDp_XZ3cqT_9G5XuJkVSJPqmpxk,13591
+yirifi_ops_auth/deeplink/jinja.py,sha256=FaziyBzqm8b65hoCakO3yH8eZWpJAr5O3soafSpS1JA,11265
+yirifi_ops_auth/deeplink/registry.py,sha256=vgDvQawobmTAoorDV8wjHzhLKEqBXjC-9JszWyJGB9o,12486
+yirifi_ops_auth/deeplink/resolver.py,sha256=tZJsiJczNt-EdafKF_WdHcJ-Od0Ie-gLkEyNpZgjoJI,6340
+yirifi_ops_auth/deeplink/yaml_loader.py,sha256=Nj2Oywr_ISJuAnadUBMWolcAGq_DxvR44VYNTQzFQkI,6928
+yirifi_ops_auth_client-3.2.3.dist-info/METADATA,sha256=1Z_CiwvQFaFxDRZfMiCWppdoyzTbg1RHt1iyZqRbl0I,525
+yirifi_ops_auth_client-3.2.3.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+yirifi_ops_auth_client-3.2.3.dist-info/top_level.txt,sha256=yclAYwZIF30ir5Gh_iNoRetLESkHocnPV6yOCRxb2E8,16
+yirifi_ops_auth_client-3.2.3.dist-info/RECORD,,

yirifi_ops_auth_client-3.2.3.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: setuptools (80.9.0)
+Root-Is-Purelib: true
+Tag: py3-none-any
+

yirifi_ops_auth_client-3.2.3.dist-info/top_level.txt

@@ -0,0 +1 @@
+yirifi_ops_auth