Hugging Face's logo

sundaycoil
/
access-control-manager

Model card Files
xet
 Community
access-control-manager
File size: 2,684 Bytes
641a3ab
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
"""Access Control Manager — Permission service layer."""
from __future__ import annotations

import logging
from typing import Any, Dict, List, Optional

logger = logging.getLogger(__name__)


class AccessProcessor:
    """Business-logic service for Permission operations in Access Control Manager."""

    def __init__(
        self,
        repo: Any,
        events: Optional[Any] = None,
    ) -> None:
        self._repo   = repo
        self._events = events
        logger.debug("AccessProcessor started")

    def assign(
        self, payload: Dict[str, Any]
    ) -> Dict[str, Any]:
        """Execute the assign workflow for a new Permission."""
        if "action" not in payload:
            raise ValueError("Missing required field: action")
        record = self._repo.insert(
            payload["action"], payload.get("expires_at"),
            **{k: v for k, v in payload.items()
              if k not in ("action", "expires_at")}
        )
        if self._events:
            self._events.emit("permission.assignd", record)
        return record

    def grant(self, rec_id: str, **changes: Any) -> Dict[str, Any]:
        """Apply *changes* to a Permission and emit a change event."""
        ok = self._repo.update(rec_id, **changes)
        if not ok:
            raise KeyError(f"Permission {rec_id!r} not found")
        updated = self._repo.fetch(rec_id)
        if self._events:
            self._events.emit("permission.grantd", updated)
        return updated

    def revoke(self, rec_id: str) -> None:
        """Remove a Permission and emit a removal event."""
        ok = self._repo.delete(rec_id)
        if not ok:
            raise KeyError(f"Permission {rec_id!r} not found")
        if self._events:
            self._events.emit("permission.revoked", {"id": rec_id})

    def search(
        self,
        action: Optional[Any] = None,
        status: Optional[str] = None,
        limit:  int = 50,
    ) -> List[Dict[str, Any]]:
        """Search permissions by *action* and/or *status*."""
        filters: Dict[str, Any] = {}
        if action is not None:
            filters["action"] = action
        if status is not None:
            filters["status"] = status
        rows, _ = self._repo.query(filters, limit=limit)
        logger.debug("search permissions: %d hits", len(rows))
        return rows

    @property
    def stats(self) -> Dict[str, int]:
        """Quick summary of Permission counts by status."""
        result: Dict[str, int] = {}
        for status in ("active", "pending", "closed"):
            _, count = self._repo.query({"status": status}, limit=0)
            result[status] = count
        return result