Bases: personis.server.base.Access
Access class with active additions
Parameters: |
|
---|
Parameters: |
|
---|
model database stored in ”.model” in the model directory:
Identifier modelname
Description of the model
owner owner of the model
password md5 hash of owner password for this model
apps dictionary of app names and keys
appname dictionary of info about that app
password md5 hash of the apps access key (password)
description of the app
context database stored in ”.context” in each context directory:
Identifier context name
Description of the context
perms a dictionary of permissions for apps
appname dictionary of permission info for that app
permname True/False value indicates permname permission for the app
eg {"ask":False, "tell":True} can tell values but not ask
"resolvers" list of resolvers that the app is allowed to use
eg {"resolvers":["last1", "goal"]}
Bases: personis.server.resolvers.Access, personis.server.ev_filters.Access
Parameters: |
|
---|---|
Returns: | a user model access object |
Raise : |
Parameters: |
|
---|---|
Returns: | a list of component objects |
Raise : |
gets permissions for a context (if componentid is None) or a component # not implemented #### :return: True is the app has the nominated permission False if not
check subscriptions for componentid in current context. implemented in active
Parameters: |
|
---|---|
Returns: | |
Raise : |
Delete an existing component in a given context
Parameters: |
|
---|---|
Returns: | None on success a string error message on error |
Delete a context saves an archive of the context (debug)
deletes an app
Delete an existing view within a given context
Parameters: |
|
---|---|
Returns: | on success, None on failure, a string reporting the problem |
Parameters: | context – a list giving the path to the required context |
---|---|
Returns: | True if context exists False if the context doesn’t exist |
Export a model to a json representation
Parameters: |
|
---|---|
Returns: | returns a JSON encoded representation of the um tree |
Raise : |
Parameters: | context – a list giving the path to the required context |
---|---|
Returns: | a dictionary containing information associated with the context |
Raise : |
gets permissions for a context (if componentid is None) or a component # not implemented yet ####
Returns: | a tuple (ask,tell) |
---|
Import a model
Parameters: |
|
---|---|
Returns: | |
Raise : |
returns an dictionary of apps that are registered key is app name, ‘description’ is app description
Make a new component in a given context
Parameters: |
|
---|---|
Returns: | None on success a string error message on error |
Make a new context in a given context
Parameters: |
|
---|---|
Returns: | True if created ok, False otherwise |
Make a new view in a given context
Parameters: |
|
---|
registers a password for an app
Parameters: |
|
---|---|
Returns: | returns a dictionary containing description and password(access key) |
set the goal list for a component. requires “tell” permission
Parameters: |
|
---|---|
Returns: | |
Raise : |
Parameters: |
|
---|---|
Returns: | True on success False if the component doesn’t exist |
Set the context
Parameters: |
|
---|---|
Returns: | True on success False if the context doesn’t exist |
sets ask/tell permission for a context (if componentid is None) or a component
Tell the model something
Parameters: |
|
---|---|
Returns: | |
Raise : |
make a model with name “model” in directory modeldir for “user” with “description”
Parameters: |
|
---|---|
Raise : |
Bases: object
Parser for crontab expressions. Any expression of the form ‘groups’ (see BNF grammar below) is accepted and expanded to a set of numbers. These numbers represent the units of time that the crontab needs to run on:
digit :: '0'..'9'
dow :: 'a'..'z'
number :: digit+ | dow+
steps :: number
range :: number ( '-' number ) ?
numspec :: '*' | range
expr :: numspec ( '/' steps ) ?
groups :: expr ( ',' expr ) *
The parser is a general purpose one, useful for parsing hours, minutes and day_of_week expressions. Example usage:
>>> minutes = crontab_parser(60).parse("*/15")
[0, 15, 30, 45]
>>> hours = crontab_parser(24).parse("*/4")
[0, 4, 8, 12, 16, 20]
>>> day_of_week = crontab_parser(7).parse("*")
[0, 1, 2, 3, 4, 5, 6]
Evidence filter mixin for Personis Access
Contains evidence filter methods that are used before a resolver runs To add a new filter, add the method to this class and add an entry to the self.evidencefilterlist dictionary
return elements with flag “goal”
return last 10 evidence items
return last 1 evidence item
return the last arguments[“recent_count”] elements
return elements with creation_time after arguments[“since_time”]
Exceptions used in the Personis System
Bases: exceptions.IOError
Used to indicate that no model can be found for given modelname
Bases: exceptions.IOError
Used to indicate that the required model server is returning an error
mkmodel takes a definition of a model (stored in modeldefinitionfile) and creates a model in modeldirectory for each model
function to parse a modeldef statement arg is a string containing the mdef statement
Create a model from the model definition in the string “lines”
Resolver mixin for Personis Access
Contains resolver methods that can be specified on an “ask” operation To add a new resolver, add the method to this class and add an entry to the self.resolverlist dictionary
resolver function used if none specified sets component value to the value from the last piece of given, goal evidence
resolver function used if none specified sets component value to the value from the last piece of given, goal evidence
The personis server
Parameters: |
|
---|
In the case that they do want the client to use personis on their behalf, we register the client in um, and redirect back to the client with a temporary authorization key. (Accessed by a user with a web browser, redirected from /logged_in)
This is the entry point for client authentication against Personis. (accessed by a user with a web browser, redirected from a client). Personis becomes an oauth2 server at this point. The session now contains the client_id but not much else. Only for oauth use. Don’t come in this way if you want to use list_clients!!
Step 2 of the oauth dance. At this point Google has said this is a known user. We then go and get more user info about them from google, save the info in a persistant store, create a model if none exists, and then ask them if they’re happy to let the client they’re using access personis on their behalf. (Accessed by the user with a web browser redirected from /authorized)
Step 1.5. This is where clients of the personis web interface enter. there is no client_id etc because personis is not being used as an oauth server.
The client (mneme) has a temporary key (see /allow) but the key has been to web browsers and back so it is not safe. It must be exchanged by the client taking to personis directly (no web browser involvement) for a real token. Tokens have expiration dates etc. (Accessed by the client (Mneme, etc) on behalf of a user.) NOTE! This should only be exported over TLS/SSL (ahem!)
Utility to run the personis server.
Parameters: |
|
---|
Functions for handling subscriptions
Uses the pyparsing module to parse and execute the subscription statement.
Run as a standalone program for testing.
Subscription statement grammar:
resolvername := ID evidencetype := ID componentval := ‘<’ [ resolvername ‘!’ ] component ‘>’ componentname := ID | componentval modelname := ‘.’ | componentname component := modelname [ ‘/’ componentname ]* cronspec := ‘[‘ QUOTEDSTRING ‘]’ item := component | QUOTEDSTRING patternmatch := item ‘~’ item tell := ‘TELL’ item ‘,’ evidencetype ‘:’ item tellchanged := ‘TELLCHANGED’ item ‘,’ evidencetype ‘:’ item notify := ‘NOTIFY’ item [item]* action := tell | tellchanged | notify statement := [ cronspec ] patternmatch ‘:’ action
Examples:
<froomBT/seen> ~ ‘.*’ : TELL <froomBT/seen>/location, <froomBT/location>” <froomBT/seen> ~ ‘.*’ : NOTIFY ‘http://www/qqq.cgi‘” <froomBT/seen> ~ ‘.*’ : TELL bob/personal/location, explicit:<froomBT/location> <bob/personal/location> ~ ‘.*’ : NOTIFY ‘http://www.it.usyd.edu.au/~bob/Personis/tst.cgi‘ [“/15 * * * *”] <bob/personal/location> ~ ‘.‘ : NOTIFY ‘http://www.it.usyd.edu.au/~bob/Personis/tst.cgi‘ <default!bob/personal/location> ~ ‘.*’ : NOTIFY ‘http://www.it.usyd.edu.au/~bob/Personis/tst.cgi‘ <default!bob/personal/location> ~ ‘.*’ : NOTIFY ‘http://www.it.usyd.edu.au/~bob/Personis/tst.cgi‘ <bobPhone/seenby> ~ ‘.*’ : TELL bobPhone/location, explicit:<<bobPhone/seenby>/location> <default!./personal/location> ~ ‘.*’ : NOTIFY ‘http://www.it.usyd.edu.au/~bob/Personis/tst.cgi?’ ‘location=’ <./personal/location> ‘&name=’ <./personal/firstname>
function to parse and execute a subscription statement takes one dictionary argument containing: user, password to be used in Access’ing the model and statement, a string containing the subscription statement