caps.serializers

This module provides serializer (and base serializers) for Django-Caps’ models.

** Note: we never expose internal db id to the external world as they are predictable for an attacker. Instead we refer to them using their UUID. **

class AccessSerializer(*args, **kwargs)

Bases: UUIDSerializer, Serializer

Serializer for Access.

Implemented as simple Serializer, since the corresponding models are generated based on concrete models.object.Owned.

class Meta

Bases: object

fields = ['id', 'origin', 'emitter', 'receiver', 'expiration', 'grants']

read_only_fields = ['id', 'origin', 'emitter', 'receiver', 'expiration', 'grants']

get_emitter(obj)

get_origin(obj)

get_receiver(obj)

class AgentSerializer(*args, **kwargs)

Bases: UUIDSerializer, ModelSerializer

Serializer for Agent.

class Meta

Bases: object

fields = ['id', 'user', 'group', 'name']

model

alias of Agent

get_name(obj)

name

Provided fields for utility

class OwnedSerializer(*args, **kwargs)

Bases: UUIDSerializer, ModelSerializer

Base serializer for Owned.

When the owned object has access set, it will use the access’ uuid as id. This happens for example when it is fetched from database using the access() method.

It is highly recommanded to set the user’s agent and agents in the serializer context (implemented API view already does it for you). This allows validation of the owner.

class Meta

Bases: object

fields = ['access']

read_only_fields = ['access', 'uuid']

access

Access

get_id(obj)

Get uuid from obj.access if present.

validate(data)

validate_owner(value)

Parameters:

value (Agent)

class ShareSerializer(*args, **kwargs)

Bases: Serializer

This serializer is used to deserialize requests to derive a Access (share()).

validate_receiver(value)