Role-based Authorization

Category: Object-Oriented Programming

Tags: classes, encapsulation, Objects

Implement a class Authorization with private attributes for roles and permissions. Include methods to grant and revoke permissions, ensuring that only valid roles can have certain permissions.

Example 1:

Input: Grant: "admin", "write" 
Output: "Permission granted"

Example 2:

Input: Grant: "user", "write"
Output: "Permission denied"

Maintain a dictionary for roles and their permissions. Check the role before granting permissions.

class Authorization:
    def __init__(self):
        self._roles = {'admin': set(), 'user': set()}

    def grant(self, role, permission):
        if role in self._roles and (role == 'admin' or permission == 'read'):
            self._roles[role].add(permission)
            return "Permission granted"
        else:
            return "Permission denied"

    def revoke(self, role, permission):
        if role in self._roles and permission in self._roles[role]:
            self._roles[role].remove(permission)

# Test the class
authorization = Authorization()
authorization.grant('admin', 'write')  # Output: Permission granted
authorization.grant('user', 'write')  # Output: Permission denied

NOTE Owing to browser caching, any code input into the Trinket IDE might carry over across page refreshes or when transitioning between different questions. To commence with a clean slate, either click on the 'Reset Button' found within the IDE's Hamburger icon (☰) menu or resort to using Chrome's Incognito Mode.

Role-based Authorization

LOGIN