User Folder objects¶
-
interface
Products.PluggableAuthService.interfaces.authservice.
IUserFolder
[source]¶ - Specify the interface called out in AccessControl.User.BasicUserFolder
- as the “Public UserFolder object interface”:
- o N.B: “enumeration” methods (‘getUserNames’, ‘getUsers’) are not
- part of the contract! See IEnumerableUserFolder.
-
getUser
(name)¶ Return the named user object or None.
-
getUserById
(id, default=None)¶ Return the user corresponding to the given id.
o If no such user can be found, return ‘default’.
-
validate
(request, auth='', roles=[])¶ Perform identification, authentication, and authorization.
- o Return an IUser-conformant user object, or None if we can’t
- identify / authorize the user.
o ‘request’ is the request object
- o ‘auth’ is any credential information already extracted by
- the caller
o roles is the list of roles the caller
-
interface
Products.PluggableAuthService.interfaces.authservice.
IPluggableAuthService
[source]¶ Extends:
Products.PluggableAuthService.interfaces.authservice.IUserFolder
The full, default contract for the pluggable authentication service.
-
searchUsers
(**kw)¶ Search for users. Returns a sequence of dicts, each dict representing a user matching the query, with the keys ‘userid’,’id’, ‘login’, ‘title’, and ‘principal_type’, possibly among others. ‘principal_type’ is always ‘user’.
Possible keywords include the following:
o id: user id
o name: user name
- o max_results: an int (or value castable to int) indicating
- the maximum number of results the method should return
- o sort_by: the key in the user dictionary that should be used
- to sort the results
o login: user login
-
searchGroups
(**kw)¶ Search for groups. Returns a sequence of dicts, each dict representing a group matching the query, with the keys ‘groupid’,’id’, ‘title’, and ‘principal_type’, possibly among others. ‘principal_type’ is always ‘group’.
Possible keywords include the following:
o id: user id
o name: user name
- o max_results: an int (or value castable to int) indicating
- the maximum number of results the method should return
- o sort_by: the key in the user dictionary that should be used
- to sort the results
-
searchPrincipals
(groups_first=False, **kw)¶ Search for principals (users, groups, or both). Returns a sequence of dicts, each dict representing a principal (group or user) matching the query. groups will be represented with dictionaries as described in searchGroups, and users as described in searchUsers. Possible keywords include id, name, max_results, sort_by, and login.
-
updateCredentials
(request, response, login, new_password)¶ Central updateCredentials method
This method is needed for cases where the credentials storage and the credentials extraction is handled by different plugins. Example case would be if the CookieAuthHelper is used as a Challenge and Extraction plugin only to take advantage of the login page feature but the credentials are not stored in the CookieAuthHelper cookie but somewhere else, like in a Session.
-
logout
(REQUEST)¶ Publicly accessible method to log out a user. A wrapper around resetCredentials that may implement some policy (the default implementation redirects to HTTP_REFERER).
-
resetCredentials
(request, response)¶ Reset credentials by informing all active resetCredentials plugins
-
updateLoginName
(user_id, login_name)¶ Update login name of user.
-
updateOwnLoginName
(login_name)¶ Update own login name of authenticated user.
-
updateAllLoginNames
(quit_on_first_error=True)¶ Update login names of all users to their canonical value.
This should be done after changing the login_transform property of PAS.
You can set quit_on_first_error to False to report all errors before quitting with an error. This can be useful if you want to know how many problems there are, if any.
-
-
interface
Products.PluggableAuthService.interfaces.authservice.
IMutableUserFolder
[source]¶ - Specify the interface called out in
- AccessControl.User.BasicUserFolder as the “Public UserFolder object interface”:
- o N.B: “enumeration” methods (‘getUserNames’, ‘getUsers’) are not
- part of the contract! See IEnumerableUserFolder.
-
userFolderAddUser
(name, password, roles, domains, **kw)¶ Create a new user object.
-
userFolderEditUser
(name, password, roles, domains, **kw)¶ Change user object attributes.
-
userFolderDelUsers
(names)¶ Delete one or more user objects.
-
interface
Products.PluggableAuthService.interfaces.authservice.
IEnumerableUserFolder
[source]¶ Extends:
Products.PluggableAuthService.interfaces.authservice.IUserFolder
Interface for user folders which can afford to enumerate their users.
-
getUserNames
()¶ Return a list of usernames.
-
getUsers
()¶ Return a list of user objects.
-