Description
Feature:
It would have been useful to have a relevant method that will return a True/False in access manager to check easily a given user's access level on an object (data objects, collections?). Say I have an object and the user A has the "read" access on it and the group A (the user A is member of) has the "own" access. In order to know whether the user A has the "own" access I need to query the group A. If there are more group based permissions available, then I need to query each of them. Also I need to check the user name's access level.
what is needed might be something like:
session.acls.check_user_acl("bob", "own", "path/to/object")
I have this solution below for a specific need, but I think it might be useful to have a functionality that will work for each access type and for each entity.
access_rights = []
with iRODSSession(**zone_environment, password=password) as session:
obj = session.data_objects.get(object_path)
for acl in session.acls.get(obj):
if acl.access_name == "own":
if acl.user_name == g.irods_session.user.name:
access_rights.append(acl.access_name)
if acl.user_type == "rodsgroup":
group = session.groups.get(acl.user_name)
for user in group.members:
if user.name == g.irods_session.user.name:
access_rights.append(acl.access_name)
return True if "own" in access_rights else False