Fix naming convention; general cleanup

README.md

@@ -160,7 +160,7 @@ Other configuration options which are helpful to know about:
 # The second for a given group from an external Identity provider
 # The third would be only videos with panopto public permissions
 # The fourth would be all authenticated users at your organization
-permission_whitelist:
+principal_allowlist:
     - Group:Panopto:mygroup
     - Group:MyAdProvider:anothergroup
     - Group:Panopto:Public

src/panoptoindexconnector/connector.py

@@ -163,28 +163,31 @@ def should_push(video_content_response, config):
     """
     Returns true/false for whether we should push this video.
 
-    Will return "true" if either the permission whitelist is not set, or
-    if the video content contains the whitelisted permission
+    Will return "true" if either the permission allowlist is not set, or
+    if the video content contains the allowlisted permission
     """
-    # if there's no whitelist, proceed
-    if not config.principal_whitelist:
+    # if there's no allowlist, proceed
+    if not config.principal_allowlist:
         return True
-    # else we have a whitelist; let's match against it
+    # else we have a allowlist; let's match against it
     principals = video_content_response['VideoContent']['Principals']
-    # we'll just walk the permission whitelist and check match against each principal
-    for whitelisted_principal in config.principal_whitelist:
-        # Format it as <User|Group>:<IdProvider>:<Name>, case invariant
+    # we'll just walk the permission allowlist and check match against each principal
+    for allowed_principal in config.principal_allowlist:
+        # Format it as <User|Group>:<IdProvider>:<Name>
+        LOG.debug('Considering allowed principal %s', allowed_principal)
         try:
-            principal_type, id_provider, name = whitelisted_principal.split(':')
+            principal_type, id_provider, name = allowed_principal.split(':')
             assert principal_type in ('User', 'Group')
         except Exception:  # pylint: disable=broad-except
-            LOG.error('Invalid principal in principal whitelist. Expected format '
-                      '<User|Group>:<IdProvider>:<Name>, received %s', whitelisted_principal)
+            LOG.error('Invalid principal in principal allowlist. Expected format '
+                      '<User|Group>:<IdProvider>:<Name>, received %s', allowed_principal)
             sys.exit(2)
         name_key = principal_type + 'name'  # Username or Groupname
         for principal in principals:
             LOG.debug('Considering principal %s', principal)
-            if principal.get(name_key) == name and id_provider == principal.get('IdentityProvider'):
+            principal_name = principal.get(name_key)
+            principal_provider = principal.get('IdentityProvider') or 'Panopto'
+            if principal_name == name and principal_provider == id_provider:
                 return True
     return False
 
@@ -202,7 +205,7 @@ def sync_video_by_id(handler, oauth_token, config, video_id):
             target_content = handler.convert_to_target(video_content_response)
             handler.push_to_target(target_content, config)
         else:
-            LOG.info('Skipping update for video %s as it did not match principal whitelist', video_id)
+            LOG.info('Skipping update for video %s as it did not match principal allowlist', video_id)
 
 
 def trigger_rebuild(profile_name):

src/panoptoindexconnector/connector_config.py

@@ -62,7 +62,7 @@ def _get_securely_displayble_config(yaml_config):
                 continue
             node = yaml_config[key]
             for node_key in node:
-                # whitelist -- only username and client id should be shown
+                # allowlist -- only username and client id should be shown
                 if node_key not in ('username', 'client_id', 'grant_type'):
                     node[node_key] = '********'
 
@@ -97,8 +97,8 @@ def polling_retry_minimum(self):
         return timedelta(seconds=self._yaml_config.get('polling_retry_minimum', 300))
 
     @property
-    def principal_whitelist(self):
-        return self._yaml_config.get('principal_whitelist', None)
+    def principal_allowlist(self):
+        return self._yaml_config.get('principal_allowlist', None)
 
     @property
     def sleep_seconds(self):

src/panoptoindexconnector/implementations/template.yaml

@@ -25,15 +25,15 @@ target_credentials:
 # The name of your implementation
 target_implementation: debug_implementation
 
-# Should we whitelist videos based on source permissions
-# leave this blank if you will not whitelist which videos are pushed
+# Should we allowlist videos based on source permissions
+# leave this blank if you will not allowlist which videos are pushed
 # based on the source Panopto permissions
-principal_whitelist:
+principal_allowlist:
 #   - User:Panopto:myuser
 #   - Group:MyIdentityProvider:friends-and-family
 
 # Set to "true" if we should not push permissions to the target;
-# often used with the principal_whitelist to control permissions by
+# often used with the principal_allowlist to control permissions by
 # what is synced rather than matching the ID Provider on the target
 skip_permissions: false