Skip to content

Permissions

synapseclient.Permissions dataclass

The permission a user has for a given Entity. The set of permissoins is a calculation based several factors including the permission granted by the Entity's ACL and the User's group membership.

ATTRIBUTE DESCRIPTION
can_view

Can the user view this entity?

can_edit

Can the user edit this entity?

can_move

(Read Only) Can the user move this entity by changing its parentId?

can_add_child

Can the user add a child entity to this entity?

can_certified_user_edit

(Read Only) Can the user edit this entity once they become a Certified User?

can_certified_user_add_child

(Read Only) Can the user add a child entity to this entity once they become a Certified User?

is_certified_user

(Read Only) True, if the user has passed the user certification quiz.

can_change_permissions

Can the user change the permissions of this entity?

can_change_settings

Can the user change the settings of this entity?

can_delete

Can the user delete this entity?

can_download

Are there any access requirements precluding the user from downloading this entity?

can_upload

(Read Only) Are there any access requirements precluding the user from uploading into this entity (folder or project)?

can_enable_inheritance

(Read Only) Can the user delete the entity's access control list (so it inherits settings from an ancestor)?

owner_principal_id

(Read Only) The principal ID of the entity's owner (i.e. the entity's 'createdBy').

can_public_read

(Read Only) Is this entity considered public?

can_moderate

Can the user moderate the forum associated with this entity? Note that only project entity has forum.

is_certification_required

(Read Only) Is the certification requirement enabled for the project of the entity?

is_entity_open_data

(Read Only) Returns true if the Entity's DateType equals 'OPEN_DATA', indicating that the data is safe to be released to the public.

Source code in synapseclient/core/models/permission.py
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
@dataclass
class Permissions:
    """
    The permission a user has for a given Entity. The set of permissoins is a calculation
    based several factors including the permission granted by the Entity's ACL and the
    User's group membership.


    Attributes:
        can_view : Can the user view this entity?
        can_edit : Can the user edit this entity?
        can_move : (Read Only) Can the user move this entity by changing its parentId?
        can_add_child : Can the user add a child entity to this entity?
        can_certified_user_edit : (Read Only) Can the user edit this entity once they become a Certified User?
        can_certified_user_add_child : (Read Only) Can the user add a child entity to this entity once they become
            a Certified User?
        is_certified_user : (Read Only) True, if the user has passed the user certification quiz.
        can_change_permissions : Can the user change the permissions of this entity?
        can_change_settings : Can the user change the settings of this entity?
        can_delete : Can the user delete this entity?
        can_download : Are there any access requirements precluding the user from downloading this entity?
        can_upload : (Read Only) Are there any access requirements precluding the user from uploading into this entity
            (folder or project)?
        can_enable_inheritance : (Read Only) Can the user delete the entity's access control list (so it inherits
            settings from an ancestor)?
        owner_principal_id : (Read Only) The principal ID of the entity's owner (i.e. the entity's 'createdBy').
        can_public_read : (Read Only) Is this entity considered public?
        can_moderate : Can the user moderate the forum associated with this entity?
            Note that only project entity has forum.
        is_certification_required : (Read Only) Is the certification requirement enabled for the project of the entity?
        is_entity_open_data : (Read Only) Returns true if the Entity's DateType equals 'OPEN_DATA', indicating that the
            data is safe to be released to the public.
    """

    can_view: Optional[bool] = None
    """Can the user view this entity?"""

    can_edit: Optional[bool] = None
    """Can the user edit this entity?"""

    can_move: Optional[bool] = None
    """(Read Only) Can the user move this entity by changing its parentId?"""

    can_add_child: Optional[bool] = None
    """Can the user add a child entity to this entity?"""

    can_certified_user_edit: Optional[bool] = None
    """(Read Only) Can the user edit this entity once they become a Certified User?"""

    can_certified_user_add_child: Optional[bool] = None
    """(Read Only) Can the user add a child entity to this entity once they become a Certified User?"""

    is_certified_user: Optional[bool] = None
    """(Read Only) True, if the user has passed the user certification quiz."""

    can_change_permissions: Optional[bool] = None
    """Can the user change the permissions of this entity?"""

    can_change_settings: Optional[bool] = None
    """Can the user change the settings of this entity?"""

    can_delete: Optional[bool] = None
    """Can the user delete this entity?"""

    can_download: Optional[bool] = None
    """Are there any access requirements precluding the user from downloading this entity?"""

    can_upload: Optional[bool] = None
    """(Read Only) Are there any access requirements precluding the user
    from uploading into this entity (folder or project)?"""

    can_enable_inheritance: Optional[bool] = None
    """(Read Only) Can the user delete the entity's access control list (so it inherits settings from an ancestor)?"""

    owner_principal_id: Optional[int] = None
    """(Read Only) The principal ID of the entity's owner (i.e. the entity's 'createdBy')."""

    can_public_read: Optional[bool] = None
    """(Read Only) Is this entity considered public?"""

    can_moderate: Optional[bool] = None
    """Can the user moderate the forum associated with this entity? Note that only project entity has forum."""

    is_certification_required: Optional[bool] = None
    """(Read Only) Is the certification requirement enabled for the project of the entity?"""

    is_entity_open_data: Optional[bool] = None
    """(Read Only) Returns true if the Entity's DateType equals 'OPEN_DATA',
    indicating that the data is safe to be released to the public."""

    @classmethod
    def from_dict(cls, data: Dict[str, bool]) -> "Permissions":
        """Convert a data dictionary to an instance of this dataclass

        Arguments:
            data: a data dictionary of the
                [UserEntityPermissions](https://rest-docs.synapse.org/rest/org/sagebionetworks/repo/model/auth/UserEntityPermissions.html)

        Returns:
            A Permission object
        """

        return cls(
            can_view=data["canView"],
            can_edit=data["canEdit"],
            can_move=data["canMove"],
            can_add_child=data["canAddChild"],
            can_certified_user_edit=data["canCertifiedUserEdit"],
            can_certified_user_add_child=data["canCertifiedUserAddChild"],
            is_certified_user=data["isCertifiedUser"],
            can_change_permissions=data["canChangePermissions"],
            can_change_settings=data["canChangeSettings"],
            can_delete=data["canDelete"],
            can_download=data["canDownload"],
            can_upload=data["canUpload"],
            can_enable_inheritance=data["canEnableInheritance"],
            owner_principal_id=data["ownerPrincipalId"],
            can_public_read=data["canPublicRead"],
            can_moderate=data["canModerate"],
            is_certification_required=data["isCertificationRequired"],
            is_entity_open_data=data["isEntityOpenData"],
        )

    @property
    def access_types(self) -> List[str]:
        """
        Determine from the permissions set on this object what the access types are.

        Returns:
            A list of access type strings for this object based off of what permissions are set.


        Example: Using this property
            A permission that has nothing set

                no_permissions = Permissions()
                print(no_permissions.access_types)
                # Prints: []

            A permission that has can_view set to True and nothing else set

                read_permission = Permissions()
                read_permission.can_view = True
                print(read_permission.access_types)
                # Prints: ['READ']

            Special Case: a permission that has can_view set to True and nothing else set on an entity created by you.
            CHANGE_SETTINGS is bound to ownerId. Since the entity is created by you,
            the CHANGE_SETTINGS will always be True.

                read_permission = Permissions()
                read_permission.can_view = True
                print(read_permission.access_types)
                # Prints: ['READ','CHANGE_SETTINGS']

            A permission that has can_view and can_edit set to True and nothing else set

                read_write_permission = Permissions()
                read_write_permission.can_view = True
                read_write_permission.can_edit = True
                print(read_write_permission.access_types)
                # Prints: ['READ', 'UPDATE']
        """

        access_types = []
        if self.can_view:
            access_types.append("READ")
        if self.can_edit:
            access_types.append("UPDATE")
        if self.can_add_child:
            access_types.append("CREATE")
        if self.can_delete:
            access_types.append("DELETE")
        if self.can_download:
            access_types.append("DOWNLOAD")
        if self.can_moderate:
            access_types.append("MODERATE")
        if self.can_change_permissions:
            access_types.append("CHANGE_PERMISSIONS")
        if self.can_change_settings:
            access_types.append("CHANGE_SETTINGS")
        return access_types

Attributes

access_types property

access_types: List[str]

Determine from the permissions set on this object what the access types are.

RETURNS DESCRIPTION
List[str]

A list of access type strings for this object based off of what permissions are set.

Using this property

A permission that has nothing set

no_permissions = Permissions()
print(no_permissions.access_types)
# Prints: []

A permission that has can_view set to True and nothing else set

read_permission = Permissions()
read_permission.can_view = True
print(read_permission.access_types)
# Prints: ['READ']

Special Case: a permission that has can_view set to True and nothing else set on an entity created by you. CHANGE_SETTINGS is bound to ownerId. Since the entity is created by you, the CHANGE_SETTINGS will always be True.

read_permission = Permissions()
read_permission.can_view = True
print(read_permission.access_types)
# Prints: ['READ','CHANGE_SETTINGS']

A permission that has can_view and can_edit set to True and nothing else set

read_write_permission = Permissions()
read_write_permission.can_view = True
read_write_permission.can_edit = True
print(read_write_permission.access_types)
# Prints: ['READ', 'UPDATE']

Functions

from_dict classmethod

from_dict(data: Dict[str, bool]) -> Permissions

Convert a data dictionary to an instance of this dataclass

PARAMETER DESCRIPTION
data

a data dictionary of the UserEntityPermissions

TYPE: Dict[str, bool]

RETURNS DESCRIPTION
Permissions

A Permission object

Source code in synapseclient/core/models/permission.py
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
@classmethod
def from_dict(cls, data: Dict[str, bool]) -> "Permissions":
    """Convert a data dictionary to an instance of this dataclass

    Arguments:
        data: a data dictionary of the
            [UserEntityPermissions](https://rest-docs.synapse.org/rest/org/sagebionetworks/repo/model/auth/UserEntityPermissions.html)

    Returns:
        A Permission object
    """

    return cls(
        can_view=data["canView"],
        can_edit=data["canEdit"],
        can_move=data["canMove"],
        can_add_child=data["canAddChild"],
        can_certified_user_edit=data["canCertifiedUserEdit"],
        can_certified_user_add_child=data["canCertifiedUserAddChild"],
        is_certified_user=data["isCertifiedUser"],
        can_change_permissions=data["canChangePermissions"],
        can_change_settings=data["canChangeSettings"],
        can_delete=data["canDelete"],
        can_download=data["canDownload"],
        can_upload=data["canUpload"],
        can_enable_inheritance=data["canEnableInheritance"],
        owner_principal_id=data["ownerPrincipalId"],
        can_public_read=data["canPublicRead"],
        can_moderate=data["canModerate"],
        is_certification_required=data["isCertificationRequired"],
        is_entity_open_data=data["isEntityOpenData"],
    )