Tooling & docs for implementing our auth policy


flexmeasures.auth.policy.check_access(context: AuthModelMixin, permission: str)

Check if current user can access this auth context if this permission is required, either with admin rights or principal(s).

Raises 401 or 403 otherwise.

flexmeasures.auth.policy.check_account_membership(user, principal: str) bool
flexmeasures.auth.policy.check_account_role(user, principal: str) bool
flexmeasures.auth.policy.check_user_identity(user, principal: str) bool
flexmeasures.auth.policy.check_user_role(user, principal: str) bool
flexmeasures.auth.policy.user_has_admin_access(user, permission: str) bool
flexmeasures.auth.policy.user_matches_principals(user, principals: str | Tuple[str] | List[str | Tuple[str]]) bool

Tests if the user matches all passed principals. Returns False if no principals are passed.


class flexmeasures.auth.policy.AuthModelMixin