From 7522a8eb4232a4fcb03c1af41b70e3f9c25702ca Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Tue, 22 Jul 2025 17:03:37 -0500
Subject: Begin working on simple DSL for privileges checking.

---
 gn_libs/privileges.py | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 gn_libs/privileges.py

(limited to 'gn_libs')

diff --git a/gn_libs/privileges.py b/gn_libs/privileges.py
new file mode 100644
index 0000000..47cb735
--- /dev/null
+++ b/gn_libs/privileges.py
@@ -0,0 +1,28 @@
+"""Utilities for handling privileges."""
+from typing import Union, TypeAlias
+
+PrivilegesList = tuple[str, ...]
+CheckObj = tuple[str, PrivilegesList] # where the first item is either "OR" or "AND"
+Checks: TypeAlias = Union[
+    CheckObj,
+    tuple[str, tuple['Checks', ...]]]
+
+
+class SpecificationValueError(ValueError):
+    """Raised when there is an error in the specification string."""
+    pass
+
+
+def parse(spec: str) -> Checks:
+    """Parse a string specification for privileges and return a tree of data
+    objects of the form (<operator> (<check>))"""
+    # if(spec.strip() == ""):
+    #     raise SpecificationValueError(
+    #         "You passed an empty specification. I do not know what to do.")
+
+    return tuple()
+
+
+def check(spec: str, privileges: tuple[str, ...]) -> bool:
+    """Check that the sequence of `privileges` satisfies `spec`."""
+    return False
-- 
cgit 1.4.1