nvflare.security.security module¶
- class Action[source]¶
Bases:
object
- BYOC = 'byoc'¶
- CUSTOM_DATALIST = 'custom_datalist'¶
- DEPLOY = 'deploy'¶
- OPERATE = 'operate'¶
- TRAIN = 'train'¶
- UPLOAD = 'upload'¶
- VIEW = 'view'¶
- class EmptyAuthorizer[source]¶
Bases:
Authorizer
Base class containing the authorization policy.
- class FLAuthorizer[source]¶
Bases:
Authorizer
System-wide authorization class.
Examine if a user has certain rights on a specific site based on authorization.json file.
- authorize(ctx: FLAuthzContext)[source]¶
- evaluate_user_right_on_site(right_name: str, user_name: str, site_name: str)[source]¶
Check whether a user has a right in an org.
Superuser has all rights in all orgs.
- Parameters
right_name – right to be evaluated
user_name – user to be evaluated against
site_name – the org
- Returns
A tuple of (result, error).
result: True/False for bool type right; Int number for int rule; None if error occurred during evaluation
error: Error occurred during evaluation
- class FLAuthzContext(user_name: str, site_names: List[str], actions: List[str])[source]¶
Bases:
AuthzContext
System-wide authorization context.
Information about the authorization, such as roles, users, sites and actions
- Parameters
user_name (str) – user name
site_names (List[str]) – all the sites to be checked
actions (List[str]) – associated actions
- class Right[source]¶
Bases:
object
- DEPLOY_ALL = 'deploy_all'¶
- DEPLOY_SELF = 'deploy_self'¶
- OPERATE_ALL = 'operate_all'¶
- OPERATE_SELF = 'operate_self'¶
- TRAIN_ALL = 'train_all'¶
- TRAIN_SELF = 'train_self'¶
- UPLOAD_APP = 'upload_app'¶
- VIEW_ALL = 'view_all'¶
- VIEW_SELF = 'view_self'¶