MCPcopy
hub / github.com/feast-dev/feast / permitted_resources

Function permitted_resources

sdk/python/feast/permissions/security_manager.py:168–203  ·  view source on GitHub ↗

A utility function to invoke the `assert_permissions` method on the global security manager. If no global `SecurityManager` is defined (NoAuthConfig), all resources are permitted. If a SecurityManager exists but no user context and actions are requested, deny access for security. I

(
    resources: list[FeastObject],
    actions: Union[AuthzedAction, List[AuthzedAction]],
)

Source from the content-addressed store, hash-verified

166
167
168def permitted_resources(
169 resources: list[FeastObject],
170 actions: Union[AuthzedAction, List[AuthzedAction]],
171) -> list[FeastObject]:
172 """
173 A utility function to invoke the `assert_permissions` method on the global security manager.
174
175 If no global `SecurityManager` is defined (NoAuthConfig), all resources are permitted.
176 If a SecurityManager exists but no user context and actions are requested, deny access for security.
177 If a SecurityManager exists but user is intra-communication, allow access.
178
179 Args:
180 resources: The resources for which we need to enforce authorized permission.
181 actions: The requested actions to be authorized.
182 Returns:
183 list[FeastObject]]: A filtered list of the permitted resources, possibly empty.
184 """
185
186 sm = get_security_manager()
187 if not is_auth_necessary(sm):
188 # Check if this is NoAuthConfig (no security manager) vs missing user context vs intra-communication
189 if sm is None:
190 # NoAuthConfig: allow all resources
191 logger.debug("NoAuthConfig enabled - allowing access to all resources")
192 return resources
193 elif sm.current_user is not None:
194 # Intra-communication user: allow all resources
195 logger.debug("Intra-communication user - allowing access to all resources")
196 return resources
197 else:
198 # Security manager exists but no user context - deny access for security
199 logger.warning(
200 "Security manager exists but no user context - denying access to all resources"
201 )
202 return []
203 return sm.assert_permissions(resources=resources, actions=actions, filter_only=True) # type: ignore[union-attr]
204
205
206"""

Callers 15

ListEntitiesMethod · 0.90
ListDataSourcesMethod · 0.90
ListFeatureViewsMethod · 0.90
ListAllFeatureViewsMethod · 0.90
ListLabelViewsMethod · 0.90
ListFeatureServicesMethod · 0.90
ListSavedDatasetsMethod · 0.90
ListPermissionsMethod · 0.90
ListProjectsMethod · 0.90

Calls 3

get_security_managerFunction · 0.85
is_auth_necessaryFunction · 0.85
assert_permissionsMethod · 0.80

Tested by 1