AccessSystem.py

from datetime import datetime, time

ROLES = ["Regular_Client", "Premium_Client", "Teller", "Investment_Analyst", "Financial_Advisor", "Financial_Planner", "Compliance_Officer", "Technical_Support"]

def checkAccess(userRole):
    """
    Check if a user has access into the system based on their role.
    @param userRole: the role of the user.
    @return true if they have access, false otherwise.
    """
    # if the user is a teller, check if they have access
    if(userRole.lower() == "teller"):
        currentTime = datetime.now().time()
        startTime = time(9, 0)
        endTime = time(17, 0)
        return (startTime <= currentTime and currentTime < endTime)
    # if the user's role is a valid role, besides a teller, grant them access
    else:
        for role in ROLES:
            if(userRole.lower() == role.lower()):
                return True
    return False # if the user role is invalid, deny access

def getAccessControlMatrix():
    """
    Get the access control matrix.
    @return a two-dimensional array of each role's permissions.
    """
    acm = []
    acm.append(["ROLE", "AccBalanceAccess", "PortAccess", "FinAdrContactAccess", "FinPlrContactAccess", "InvAnlContactAccess", "CltAccAccess", "CltAccBlcAccess", "CltPortAccess", "DervTradAccess", "IntInstrumentAccess", "MnyMktInstrumentAccess", "PrvConsInstrumentAccess", "VldPortMod"])

    for role in ROLES:
        acm.append(getRoleAccess(role))
    return acm

def getRoleAccess(role):
    """
    Get the permissions allowed for each role.
    @param role: the role to get permissions for.
    @return an array of the role's permissions.
    """
    # all the default permissions for clients
    accountBalanceAccess = "-"
    portfolioAccess = "-"
    financialAdvisorContactAccess = "-"
    financialPlannerContactAccess = "-"
    investmentAnalystContactAccess = "-"

    # all the default permissions for employees
    clientAccountAccess = "-"
    clientAccountBalanceAccess = "-"
    clientPortfolioAccess = "-"
    derivativesTradingAccess = "-"
    interestInstrumentAccess = "-"
    moneyMarketInstrumentAccess = "-"
    privateConsumerInstrumentAccess = "-"
    validatePortfolioModification = "-"

    # modify the permissions based on their role
    if(role == "Regular_Client"):
        accountBalanceAccess = "r"
        portfolioAccess = "r"
        financialAdvisorContactAccess = "r"
    elif(role == "Premium_Client"):
        accountBalanceAccess = "r"
        portfolioAccess = "rw"
        financialAdvisorContactAccess = "r"
        financialPlannerContactAccess = "r"
        investmentAnalystContactAccess = "r"
    elif(role == "Compliance_Officer"):
        clientAccountBalanceAccess = "r"
        clientPortfolioAccess = "r"
        validatePortfolioModification = "x"
    elif(role == "Financial_Advisor"):
        clientAccountBalanceAccess = "r"
        clientPortfolioAccess = "rw"
        privateConsumerInstrumentAccess = "r"
    elif(role == "Financial_Planner"):
        clientAccountBalanceAccess = "r"
        clientPortfolioAccess = "rw"
        moneyMarketInstrumentAccess = "r"
        privateConsumerInstrumentAccess = "r"
    elif(role == "Investment_Analyst"):
        clientAccountBalanceAccess = "r"
        clientPortfolioAccess = "rw"
        derivativesTradingAccess = "r"
        interestInstrumentAccess = "r"
        moneyMarketInstrumentAccess = "r"
        privateConsumerInstrumentAccess = "r"
    elif(role == "Technical_Support"):
        clientAccountAccess = "rx"
    elif(role == "Teller"):
        clientAccountBalanceAccess = "r"
        clientPortfolioAccess = "r"
    
    return [role, accountBalanceAccess, portfolioAccess, financialAdvisorContactAccess, financialPlannerContactAccess, investmentAnalystContactAccess, clientAccountAccess, clientAccountBalanceAccess, clientPortfolioAccess, derivativesTradingAccess, interestInstrumentAccess, moneyMarketInstrumentAccess, privateConsumerInstrumentAccess, validatePortfolioModification]