stat.S_ISUID: Set user ID on execution.
stat.S_ISGID: Set group ID on execution.
stat.S_ENFMT: Record locking enforced.
stat.S_ISVTX: Save text image after execution.
stat.S_IREAD: Read by owner.
stat.S_IWRITE: Write by owner.
stat.S_IEXEC: Execute by owner.
stat.S_IRWXU: Read, write, and execute by owner.
stat.S_IRUSR: Read by owner.
stat.S_IWUSR: Write by owner.
stat.S_IXUSR: Execute by owner.
stat.S_IRWXG: Read, write, and execute by group.
stat.S_IRGRP: Read by group.
stat.S_IWGRP: Write by group.
stat.S_IXGRP: Execute by group.
stat.S_IRWXO: Read, write, and execute by others.
stat.S_IROTH: Read by others.
stat.S_IWOTH: Write by others.
stat.S_IXOTH: Execute by others.
2、语法:
os.chmod(path, mode)
3、参数:
path: This is the path for which mode would be set.
mode: This may take one of the above mentioned values or bitwise ORedcombinations of them:
Python内置方法实现访问权限控制:方法中使用了Simple RBAC 库和 Python 内置的 Powerful AOP Support ,完成了实现访问权限的控制效果。#!/usr/bin/env python
#-*- coding:utf-8 -*-
import rbac.acl
import rbac.context
import myapp
#: 建立访问规则注册表和用户标识上下文
acl = rbac.acl.Registry()
identity = rbac.context.IdentityContext(acl)
#: 注册角色
acl.add_role("everyone")
acl.add_role("editor", ["everyone"])
acl.add_role("admin", ["everyone"])
#: 注册资源
acl.add_resource("post")
acl.add_resource("blog-post", ["post"])
acl.add_resource("blog-post:10001", ["blog-post"])
#: 规则断言www.iplaypy.com
def assert_is_author(acl, role, op, res):
"""检查 blog-post 类型的资源是否属于当前用户所有.
若一个规则的断言返回 False, 权限检查时视为这条规则不存在.
"""
#: 对资源标识不属于 blog-post 的, 断言无效
if not isinstance(res, basestring):
return False
#: 分割形如 "blog-post:10001" 的资源标识
splited = res.split(":", 1)
#: 对资源标识不属于 blog-post 的, 断言无效
if len(splited) != 2 or splited[0] != "blog-post":
return False
#: 取出资源对应的模型
blog_post = myapp.get_blog_post_by_id(splited[1])
#: 断言是否生效取决于博文的作者是否是当前用户
return blog_post.author == myapp.get_current_user()
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)