This repository has been archived by the owner on May 9, 2020. It is now read-only.

ACL management support. #36

Merged
merged 6 commits into from
Apr 19, 2016

@astryia astryia commented Aug 7, 2015

In Chef 12 every object has a permissions list associated with it.
I've introduced a class which should help to manage object permissions.

The Acl class provides access to the Acl in Chef 12.

Acl(object_type, name, api, skip_load=False)
  • object_type - type of the Chef object. Can be one of the following values: "clients", "containers", "cookbooks", "data", "environments", "groups", "nodes", "roles"
  • name - name of the Chef object (e.g. node name)
  • api - object of the ChefAPI class, configured to work with the Chef server
  • skip_load - if skip_load is False, the new object will be initialized with the current Acl settings of the specified object

from chef import ChefAPI
from chef import Acl

api = ChefAPI('http://chef.com:4000', 'chef-developer.pem', 'chef-developer', '12.0.0')
acl = Acl('nodes', 'i-022fcb0d', api)

Each object of the Acl class contains the following properties:
create, read, update, delete, grant
Each property represents the corresponding access rights to the Chef object.
Each property contains the following fields:

  • actors - list of the users which have the corresponding permissions
  • groups - list of the groups which have the corresponding permissions

print(acl.update.groups)
# ['admins', 'clients']

Each object of the Acl class contains the following methods:

  • reload() - reloads the current Acls from the Chef server
  • save() - saves the updated Acl object to the Chef server
  • is_supported() - returns True if the current API version supports working with Acls

from chef import ChefAPI
from chef import Acl

api = ChefAPI('http://chef.com:4000', 'chef-developer.pem', 'chef-developer', '12.0.0')
acl = Acl('nodes', 'i-022fcb0d', api)
print(acl.update.groups)
# ['admins']
acl.update.groups.append('clients')
acl.save()
acl.reload()
print(acl.update.groups)
# ['admins', 'clients']

Also, I've added a get_acl() method to each class which represents a Chef object.

from chef import ChefAPI
from chef import Node

api = ChefAPI('http://chef.com:4000', 'chef-developer.pem', 'chef-developer', '12.0.0')
node = Node('i-022fcb0d', api)
acl = node.get_acl()
print(acl.read.groups)
# ['admins']
acl.save()

Note about versions
Chef server versions < 12 don't have an Acl endpoint, so I've introduced the is_supported() method for the Acl class.
This method checks if the api version is greater than 12.
So you should pass a valid Chef server version to the ChefAPI constructor.

from chef import ChefAPI
from chef import Acl

api = ChefAPI('http://chef.com:4000', 'chef-developer.pem', 'chef-developer', '12.0.0')
acl = Acl('nodes', 'i-022fcb0d', api)
print(acl.is_supported())
# True

api = ChefAPI('http://chef.com:4000', 'chef-developer.pem', 'chef-developer', '11.2.0')
acl = Acl('nodes', 'i-022fcb0d', api)
print(acl.is_supported())
# False

But if you pass the string '12.0.0' when the actual Chef server version is 11.2, you will receive an error when you try to build the Acl object.

freimer added a commit to freimer/pychef that referenced this pull request Apr 8, 2016
@coderanger coderanger merged commit 384797c into coderanger:master Apr 19, 2016
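
Added example, not part of the pull request or of pychef's own code: a pre-save review that snapshots an ACL, lists what an edit changed, and flags widened write-type rights or an emptied `grant` list before `acl.save()` is called. It assumes each permission exposes `actors` and `groups` as lists, as the description above states; `snapshot`, `acl_changes`, `needs_review` and `fake_acl` are hypothetical helper names, and the stand-in object and the user `alice` are constructed.

```python
from types import SimpleNamespace

PERMISSIONS = ("create", "read", "update", "delete", "grant")
FIELDS = ("actors", "groups")

def snapshot(acl):
    """Copy every permission's actors/groups into plain sets."""
    return {p: {f: set(getattr(getattr(acl, p), f)) for f in FIELDS}
            for p in PERMISSIONS}

def acl_changes(before, acl):
    """List (permission, field, principal, 'added'|'removed') since snapshot."""
    after = snapshot(acl)
    changes = []
    for p in PERMISSIONS:
        for f in FIELDS:
            changes += [(p, f, n, "added") for n in after[p][f] - before[p][f]]
            changes += [(p, f, n, "removed") for n in before[p][f] - after[p][f]]
    return sorted(changes)

def needs_review(before, acl, sensitive=("update", "delete", "grant")):
    """Flag widened write-type rights and a 'grant' list left empty."""
    findings = [c for c in acl_changes(before, acl)
                if c[3] == "added" and c[0] in sensitive]
    after = snapshot(acl)
    if not (after["grant"]["actors"] or after["grant"]["groups"]):
        findings.append(("grant", "*", "*", "empty"))
    return findings

def fake_acl():
    """Constructed stand-in for an Acl object (no Chef server involved)."""
    return SimpleNamespace(**{
        p: SimpleNamespace(actors=["chef-developer"], groups=["admins"])
        for p in PERMISSIONS})

if __name__ == "__main__":
    acl = fake_acl()
    before = snapshot(acl)
    acl.update.groups.append("clients")   # the change from the PR example
    acl.read.actors.append("alice")       # constructed user name
    for finding in needs_review(before, acl):
        print("review before acl.save():", finding)
```

With a real `Acl` object, take the snapshot right after construction or `reload()` and call `save()` only once the findings have been reviewed.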