apifrom.utils.permissions_policy
================================




.. py:currentmodule:: apifrom.utils.permissions_policy

Overview
--------

**Classes**

* :py:class:`PermissionsPolicy`
* :py:class:`PermissionsPolicyMiddleware`
* :py:class:`Request`
* :py:class:`Response`


**Functions**

* :py:func:`permissions_policy`





Classes
-------

.. py:class:: PermissionsPolicy(policy = None)

Class for creating and validating Permissions-Policy headers.

   The Permissions-Policy header is used to allow or deny the use of browser
   features in a document or in any embedded frames.

   Initialize the permissions policy with the given directives.

   :param policy: A dictionary mapping feature names to their allowed origins


.. :: policy
   :annotation: PolicyDict







.. method:: _validate_policy()

   Validates that all policy directives are recognized.



.. method:: add_directive(feature, value)

   Add a directive to the permissions policy.

      :param feature: The feature name
      :param value: The allowed origins or special values like "self" or "none"



.. method:: remove_directive(feature)

   Remove a directive from the permissions policy.



.. method:: to_header_value()

   Convert the policy to a string for use in the Permissions-Policy header.

      :returns: The formatted header value




.. py:class:: PermissionsPolicyMiddleware(policy = None, exempt_paths = None)

Middleware that adds Permissions-Policy headers to responses.

   Initialize the permissions policy middleware.

   :param policy: The permissions policy to apply
   :param exempt_paths: Paths that should not have the policy applied


.. :: exempt_paths




.. :: policy





.. method:: __call__(request, call_next)
      :async:

   Process the request and add the Permissions-Policy header to the response.

      :param request: The HTTP request
      :param call_next: The next middleware or endpoint handler

      :returns: The HTTP response with permissions policy headers added





.. method:: _is_exempt(request)

   Check if the request path is exempt from the permissions policy.




.. py:class:: Request(request = None, path_params = None, method = None, path = None, query_params = None, headers = None, body = None, client_ip = None)

Request class for APIFromAnything.

   This class wraps a Starlette request and provides methods for accessing
   request data in a convenient way.

   .. attribute:: _request

      The underlying Starlette request.

   .. attribute:: path_params

      Path parameters extracted from the URL.

   .. attribute:: query_params

      Query parameters extracted from the URL.

   .. attribute:: headers

      HTTP headers.

   .. attribute:: method

      HTTP method.

   .. attribute:: path

      Request path.

   .. attribute:: _body

      Cached request body.

   Initialize a new Request instance.

   :param request: The underlying Starlette request.
   :param path_params: Path parameters extracted from the URL.
   :param method: The HTTP method.
   :param path: The request path.
   :param query_params: Query parameters.
   :param headers: HTTP headers.
   :param body: Request body.
   :param client_ip: Client IP address.


















.. py:class:: Response(content = None, status_code = 200, headers = None, content_type = 'application/json')

Response class for APIFromAnything.

   This class represents an HTTP response and provides methods for setting
   response data, status code, and headers.

   .. attribute:: content

      The response content.

   .. attribute:: status_code

      The HTTP status code.

   .. attribute:: headers

      HTTP headers.

   .. attribute:: content_type

      The content type of the response.

   Initialize a new Response instance.

   :param content: The response content.
   :param status_code: The HTTP status code.
   :param headers: HTTP headers.
   :param content_type: The content type of the response.























Functions
---------

.. py:function:: permissions_policy(accelerometer = None, ambient_light_sensor = None, autoplay = None, battery = None, camera = None, display_capture = None, document_domain = None, encrypted_media = None, execution_while_not_rendered = None, execution_while_out_of_viewport = None, fullscreen = None, gamepad = None, geolocation = None, gyroscope = None, layout_animations = None, legacy_image_formats = None, magnetometer = None, microphone = None, midi = None, navigation_override = None, oversized_images = None, payment = None, picture_in_picture = None, publickey_credentials_get = None, screen_wake_lock = None, sync_xhr = None, usb = None, vr = None, wake_lock = None, web_share = None, xr_spatial_tracking = None, clipboard_read = None, clipboard_write = None, cross_origin_isolated = None, idle_detection = None, interest_cohort = None, serial = None)


Creates a permissions policy with the specified directives.

   Each directive can be set to:
   - "self": allows the feature to be used only in the same origin
   - "none": disables the feature
   - "*": allows the feature to be used in any origin
   - List of strings: specifies allowed origins for the feature

   :param accelerometer: Controls access to accelerometer sensors
   :param ambient_light_sensor: Controls access to ambient light sensors
   :param autoplay: Controls whether media can autoplay
   :param battery: Controls access to Battery Status API
   :param camera: Controls access to video input devices
   :param display_capture: Controls the ability to capture screen content
   :param document_domain: Controls use of document.domain API
   :param encrypted_media: Controls access to Encrypted Media Extensions
   :param execution_while_not_rendered: Controls execution when not rendered
   :param execution_while_out_of_viewport: Controls execution when out of viewport
   :param fullscreen: Controls the ability to use fullscreen mode
   :param gamepad: Controls access to the Gamepad API
   :param geolocation: Controls access to Geolocation API
   :param gyroscope: Controls access to gyroscope sensors
   :param layout_animations: Controls the use of layout animations
   :param legacy_image_formats: Controls use of legacy image formats
   :param magnetometer: Controls access to magnetometer sensors
   :param microphone: Controls access to audio input devices
   :param midi: Controls access to the Web MIDI API
   :param navigation_override: Controls the ability to override navigation
   :param oversized_images: Controls the loading of oversized images
   :param payment: Controls access to the Payment Request API
   :param picture_in_picture: Controls the use of picture-in-picture mode
   :param publickey_credentials_get: Controls access to WebAuthn API
   :param screen_wake_lock: Controls the Screen Wake Lock API
   :param sync_xhr: Controls synchronous XHR requests
   :param usb: Controls access to the WebUSB API
   :param vr: Controls access to VR hardware through the WebVR API
   :param wake_lock: Controls the Wake Lock API
   :param web_share: Controls the Web Share API
   :param xr_spatial_tracking: Controls access to WebXR Device API
   :param clipboard_read: Controls read access to the clipboard
   :param clipboard_write: Controls write access to the clipboard
   :param cross_origin_isolated: Controls cross-origin isolation
   :param idle_detection: Controls the Idle Detection API
   :param interest_cohort: Controls the FLoC (Federated Learning of Cohorts) API
   :param serial: Controls access to the Web Serial API

   :returns: A PermissionsPolicy instance