Skip to main content

AuthZ | Python SDK

AuthZ client

AuthZ(token, config, logger_name, config_id)

Initializes a new AuthZ client.

str

Pangea API token.

PangeaConfig | None

Configuration.

str

Logger name.

str | None

Configuration ID.

config = PangeaConfig(domain="aws.us.pangea.cloud")
authz = AuthZ(token="pangea_token", config=config)

Perform a check request.

AuthZ.check(resource, action, subject, debug, attributes)

Check if a subject has permission to perform an action on the resource.

Resource

The resource to check.

str

The action to check.

Subject

The subject to check.

Optional[bool]

Setting this value to True will provide a detailed analysis of the check.

Optional[Dict[str, Any]]

Additional attributes for the check.

Pangea Response with the result of the check. Available response fields can be found in our API Documentation.

response = authz.check(
    resource=Resource(type="file", id="file_1"),
    action="update",
    subject=Subject(type="user", id="user_1"),
    debug=True,
)

Download file

AuthZ.download_file(url, filename)

Download a file from the specified URL and save it with the given filename.

str

URL of the file to download

str | None

Name to save the downloaded file as. If not provided, the filename will be determined from the Content-Disposition header or the URL.

List resources.

AuthZ.list_resources(type, action, subject, attributes)

Given a type, action, and subject, list all the resources in the type that the subject has access to the action with.

str

The type to filter resources.

str

The action to filter resources.

Subject

The subject to filter resources.

Optional[Dict[str, Any]]

A JSON object of attribute data.

Pangea Response with a list of resource IDs. Available response fields can be found in our API Documentation.

authz.list_resources(
    type="file",
    action="update",
    subject=Subject(type="user", id="user_1"),
)

List subjects.

AuthZ.list_subjects(resource, action, attributes)

Given a resource and an action, return the list of subjects who have access to the action for the given resource.

Resource

The resource to filter subjects.

str

The action to filter subjects.

Optional[Dict[str, Any]]

A JSON object of attribute data.

Pangea Response with a list of subjects. Available response fields can be found in our API Documentation.

response = authz.list_subjects(
    resource=Resource(type="file", id="file_1"),
    action="update",
)

Poll result

AuthZ.poll_result(exception)

Returns request's result that has been accepted by the server

Optional[AcceptedRequestException]

Exception that was previously raised by the SDK on a call that is being processed.

PangeaResponse

response = service.poll_result(exception)

Create tuples.

AuthZ.tuple_create(tuples)

Create tuples in the AuthZ Service. The request will fail if there is no schema or the tuples do not validate against the schema.

List[Tuple]

List of tuples to be created.

Pangea Response with empty result. Available response fields can be found in our API Documentation.

response = authz.tuple_create(
    tuples=[
        Tuple(
            resource=Resource(type="file", id="file_1"),
            relation="owner",
            subject=Subject(type="user", id="user_1"),
        )
    ]
)

Delete tuples.

AuthZ.tuple_delete(tuples)

Delete tuples in the AuthZ Service.

List[Tuple]

List of tuples to be deleted.

Pangea Response with empty result. Available response fields can be found in our API Documentation.

response = authz.tuple_delete(
    tuples=[
        Tuple(
            resource=Resource(type="file", id="file_1"),
            relation="owner",
            subject=Subject(type="user", id="user_1"),
        )
    ]
)

List tuples.

AuthZ.tuple_list(filter, size, last, order, order_by)

Return a paginated list of filtered tuples. The filter is given in terms of a tuple. Fill out the fields that you want to filter. If the filter is empty it will return all the tuples.

TupleListFilter

The filter for listing tuples.

Optional[int]

The size of the result set. Default is None.

Optional[str]

The last token from a previous response. Default is None.

Optional[ItemOrder]

Order results asc(ending) or desc(ending).

Optional[TupleOrderBy]

Which field to order results by.

Pangea Response with a list of tuples and the last token. Available response fields can be found in our API Documentation.

authz.tuple_list(TupleListFilter(subject_type="user", subject_id="user_1"))