AuthZ | Python SDK

AuthZ client

AuthZ(token, config, logger_name, config_id)

Initializes a new AuthZ client.

required parameters

token

str

Pangea API token.

optional parameters

config

PangeaConfig | None

Configuration.

logger_name

str

Logger name.

config_id

str | None

Configuration ID.

config = PangeaConfig(domain="aws.us.pangea.cloud")
authz = AuthZ(token="pangea_token", config=config)

Perform a check request.

AuthZ.check(resource, action, subject, debug, attributes)

Check if a subject has permission to perform an action on the resource.

required parameters

resource

Resource

The resource to check.

action

str

The action to check.

subject

Subject

The subject to check.

optional parameters

debug

Optional[bool]

Setting this value to True will provide a detailed analysis of the check.

attributes

Optional[Dict[str, Any]]

Additional attributes for the check.

Response Object

Pangea Response with the result of the check. Available response fields can be found in our API Documentation.

response = authz.check(
    resource=Resource(type="file", id="file_1"),
    action="update",
    subject=Subject(type="user", id="user_1"),
    debug=True,
)

Download file

AuthZ.download_file(url, filename)

Download a file from the specified URL and save it with the given filename.

required parameters

url

str

URL of the file to download

optional parameters

filename

str | None

Name to save the downloaded file as. If not provided, the filename will be determined from the Content-Disposition header or the URL.

List resources.

AuthZ.list_resources(type, action, subject, attributes)

Given a type, action, and subject, list all the resources in the type that the subject has access to the action with.

required parameters

type

str

The type to filter resources.

action

str

The action to filter resources.

subject

Subject

The subject to filter resources.

optional parameters

attributes

Optional[Dict[str, Any]]

A JSON object of attribute data.

Response Object

Pangea Response with a list of resource IDs. Available response fields can be found in our API Documentation.

authz.list_resources(
    type="file",
    action="update",
    subject=Subject(type="user", id="user_1"),
)

List subjects.

AuthZ.list_subjects(resource, action, attributes)

Given a resource and an action, return the list of subjects who have access to the action for the given resource.

required parameters

resource

Resource

The resource to filter subjects.

action

str

The action to filter subjects.

optional parameters

attributes

Optional[Dict[str, Any]]

A JSON object of attribute data.

Response Object

Pangea Response with a list of subjects. Available response fields can be found in our API Documentation.

response = authz.list_subjects(
    resource=Resource(type="file", id="file_1"),
    action="update",
)

Poll result

AuthZ.poll_result(exception)

Returns request's result that has been accepted by the server

optional parameters

exception

Optional[AcceptedRequestException]

Exception that was previously raised by the SDK on a call that is being processed.

Response Object

PangeaResponse

response = service.poll_result(exception)

Create tuples.

AuthZ.tuple_create(tuples)

Create tuples in the AuthZ Service. The request will fail if there is no schema or the tuples do not validate against the schema.

required parameters

tuples

List[Tuple]

List of tuples to be created.

Response Object

Pangea Response with empty result. Available response fields can be found in our API Documentation.

response = authz.tuple_create(
    tuples=[
        Tuple(
            resource=Resource(type="file", id="file_1"),
            relation="owner",
            subject=Subject(type="user", id="user_1"),
        )
    ]
)

Delete tuples.

AuthZ.tuple_delete(tuples)

Delete tuples in the AuthZ Service.

required parameters

tuples

List[Tuple]

List of tuples to be deleted.

Response Object

Pangea Response with empty result. Available response fields can be found in our API Documentation.

response = authz.tuple_delete(
    tuples=[
        Tuple(
            resource=Resource(type="file", id="file_1"),
            relation="owner",
            subject=Subject(type="user", id="user_1"),
        )
    ]
)

List tuples.

AuthZ.tuple_list(filter, size, last, order, order_by)

Return a paginated list of filtered tuples. The filter is given in terms of a tuple. Fill out the fields that you want to filter. If the filter is empty it will return all the tuples.

required parameters

filter

TupleListFilter

The filter for listing tuples.

optional parameters

size

Optional[int]

The size of the result set. Default is None.

last

Optional[str]

The last token from a previous response. Default is None.

order

Optional[ItemOrder]

Order results asc(ending) or desc(ending).

order_by

Optional[TupleOrderBy]

Which field to order results by.

Response Object

Pangea Response with a list of tuples and the last token. Available response fields can be found in our API Documentation.

authz.tuple_list(TupleListFilter(subject_type="user", subject_id="user_1"))