MCPcopy Index your code
hub / github.com/feast-dev/feast / SecurityManager

Class SecurityManager

sdk/python/feast/permissions/security_manager.py:18–87  ·  view source on GitHub ↗

The security manager it's the entry point to validate the configuration of the current user against the configured permission policies. It is accessed and defined using the global functions `get_security_manager` and `set_security_manager`

Source from the content-addressed store, hash-verified

16
17
18class SecurityManager:
19 """
20 The security manager it's the entry point to validate the configuration of the current user against the configured permission policies.
21 It is accessed and defined using the global functions `get_security_manager` and `set_security_manager`
22 """
23
24 def __init__(
25 self,
26 project: str,
27 registry: BaseRegistry,
28 ):
29 self._project = project
30 self._registry = registry
31 self._current_user: ContextVar[Optional[User]] = ContextVar(
32 "current_user", default=None
33 )
34
35 def set_current_user(self, current_user: User):
36 """
37 Init the user for the current context.
38 """
39 self._current_user.set(current_user)
40
41 @property
42 def current_user(self) -> Optional[User]:
43 """
44 Returns:
45 str: the possibly empty instance of the current user. `contextvars` module is used to ensure that each concurrent request has its own
46 individual user.
47 """
48 return self._current_user.get()
49
50 @property
51 def permissions(self) -> list[Permission]:
52 """
53 Returns:
54 list[Permission]: the list of `Permission` configured in the Feast registry.
55 """
56 return self._registry.list_permissions(project=self._project)
57
58 def assert_permissions(
59 self,
60 resources: list[FeastObject],
61 actions: Union[AuthzedAction, List[AuthzedAction]],
62 filter_only: bool = False,
63 ) -> list[FeastObject]:
64 """
65 Verify if the current user is authorized to execute the requested actions on the given resources.
66
67 If no permissions are defined, the result is to deny the execution.
68
69 Args:
70 resources: The resources for which we need to enforce authorized permission.
71 actions: The requested actions to be authorized.
72 filter_only: If `True`, it removes unauthorized resources from the returned value, otherwise it raises a `FeastPermissionError` the
73 first unauthorized resource. Defaults to `False`.
74
75 Returns:

Callers 2

init_security_managerFunction · 0.90
security_managerFunction · 0.90

Calls

no outgoing calls

Tested by 1

security_managerFunction · 0.72