gn_libs/privileges/system.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

"""Checks for privileges for system-level actions."""
import logging
from functools import partial

from .authspec import check


logger = logging.getLogger(__name__)


def can_link_data(system_privileges: tuple[str, ...]) -> bool:
    """Check whether user is allowed to link data to user groups."""
    return check("(AND system:data:link-to-group)", system_privileges)


def can_masquerade(system_privileges: tuple[str, ...]) -> bool:
    """Check whether the user is allowed to masquerade as a different user."""
    return check("(AND system:user:masquerade)", system_privileges)