You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Context
For more flexible management of telegram bot users and their rights to the bot, it is necessary to expand user attributes, add additional methods for working with these attributes and rewrite existing class methods for a new model.
add a rate limit check method for an account: if rl is applied, return the end time, if not applied, none
the rights check method should accept user_id and role_name as input: return allowed if user_id contains role_name and denied if not
for the convenience of using the module by bots, select an entry point in a separate method that will immediately call all three methods: authentication(), authorization(), rl_controller() - aggregate the responses of these methods into a single dictionary and give in the response
if the authorization of the role and user was successful, write +1 request to the request counter
if the incoming role is startup, the rate limit counter should not be taken into account
if the hourly rate_limit + random_shift_minutes has expired, reset the hourly rate_limit counter
…w module concept (#24)
### What's Changed
**Full Changelog**: v1.0.5...v2.0.0 by @obervinov in #24
#### 📚 Documentation
* (Users:v2 expand access rights and user attributes)[#21]
* (Improvements to the Vault dependency )[#27]
#### 💥 Breaking Changes
* (Users:v2 expand access rights and user attributes)[#21]
* (Deprecate outdated class and methods users:v1)[#26]
#### 🚀 Features
* (Update template workflow to v1.0.5)[#23]
* (Users:v2 expand access rights and user attributes)[#21]
* (Improvements to the Vault dependency )[#27]
Context
For more flexible management of telegram bot users and their rights to the bot, it is necessary to expand user attributes, add additional methods for working with these attributes and rewrite existing class methods for a new model.
Data structure requirements
Requirements
the end time
, if not applied,none
user_id
androle_name
as input: returnallowed
if user_id contains role_name anddenied
if notauthentication()
,authorization()
,rl_controller()
- aggregate the responses of these methods into a single dictionary and give in the responseauthorization
of the role and user was successful, write +1 request to the request counterData structure in vault
For configuration:
configuration/users/{user_id}:status
->authentication()
configuration/users/{user_id}:roles
->authorization()
configuration/users/{user_id}:requests
->rl_controller()
For dynamic data:
data/users/{user_id}:requests_counters
->rl_controller()
data/users/{user_id}:rate_limits
->rl_controller()
data/users/{user_id}:authorization
->authorization()
data/users/{user_id}:authentication
->authentication()
New methods:
user_access_check()
- an entry point that aggregates function calls and responses for unification and ease of use in bots.authentication()
- method for checking user access rights to the botauthorization()
- method for checking access rights to a specific bot functionality (assigning roles)rl_controller()
- method for implementing request accounting and request rate limiting in the context of usersDocumentation:
The text was updated successfully, but these errors were encountered: