adhocracy_core.resources.principal module

Principal types (user/group) and helpers to search/get user information.

interface IPrincipalsService

Extends: adhocracy_core.interfaces.IServicePool

Service Pool representing a collection of principals.

If the object is created via substanced.content.ContentRegistry.create(), it will contain three sub services:

users: an instance of the content type IUsers

group: an instance of the content type Groups

resets: an instance of the content type Password Resets

create_initial_content_for_principals(context: <InterfaceClass adhocracy_core.interfaces.IPool>, registry: pyramid.registry.Registry, options: dict)

Add users, groups and resets subobjects to context.

interface IUser

Extends: adhocracy_core.interfaces.IPool

User resource.

This inherits from IPool in order to allow to use this resource as a namespace for user objects.

active

Whether the user account has been activated (bool)

activation_path

Activation path for not-yet-activated accounts (str)

roles

List of roles

group_ids

List of groupids

class User(data=None, family=None)

Bases: adhocracy_core.resources.pool.Pool

User implementation.

With attributes to be compatible with substanced.principals.User

Initialize self.

tzname = 'UTC'

password = ''

email = ''

name = ''

active = False

activation_path = None

group_ids = None

Readonly groupids for this user.

timezone

activate(active: bool=True)

Activate or deactivate the user.

Inactivate users are always hidden.

has_new_email_pending()

activate_new_email()

Activate email stored in the IEmailNew sheet.

is_password_valid(registry: pyramid.registry.Registry, password: str)

Validate password against the IPasswordAuthentication sheet.

interface ISystemUser

Extends: adhocracy_core.resources.principal.IUser

User resource without login/password, created by the application.

allow_create_asset_authenticated(context: <InterfaceClass adhocracy_core.interfaces.IPool>, registry: pyramid.registry.Registry, options: dict)

Set local permission to create assets for authenticated.

This is needed to assure user can create their user image.

sdi_user_columns(folder, subobject, request, default_columnspec)

Mapping function to add info columns to the sdi user listing.

interface IUsersService

Extends: adhocracy_core.interfaces.IServicePool

Service Pool for Users.

interface IGroup

Extends: adhocracy_core.interfaces.IPool

Group for Users.

class Group(data=None, family=None)

Bases: adhocracy_core.resources.pool.Pool

Group implementation with roles attribute to improve performance.

Initialize self.

interface IGroupsService

Extends: adhocracy_core.interfaces.IServicePool

Pool for Groups.

deny_view_permission(context: <InterfaceClass adhocracy_core.interfaces.IResource>, registry: pyramid.registry.Registry, options: dict)

Remove view permission for everyone for context.

hide(context: <InterfaceClass adhocracy_core.interfaces.IResource>, registry: pyramid.registry.Registry, options: dict)

Hide context.

interface IPasswordReset

Extends: adhocracy_core.interfaces.IResource

Resource to do one user password reset.

class PasswordReset

Bases: adhocracy_core.resources.base.Base

Password reset implementation.

Initialize self.

reset_password(password)

Set password for creator user and delete itself.

interface IPasswordResetsService

Extends: adhocracy_core.interfaces.IServicePool

Service Pool for Password Resets.

class UserLocatorAdapter(context, request)

Bases: object

Provides helper methods to find users.

Initialize self.

get_user_by_login(login: str) → <InterfaceClass adhocracy_core.resources.principal.IUser>

Find user per login name or return None.

get_users() → [<InterfaceClass adhocracy_core.resources.principal.IUser>]

Return all users.

get_user_by_userid(userid: str) → <InterfaceClass adhocracy_core.resources.principal.IUser>

Find user by userid or return None.

get_user_by_email(email: str) → <InterfaceClass adhocracy_core.resources.principal.IUser>

Find user per email or return None.

get_user_by_activation_path(activation_path: str) → <InterfaceClass adhocracy_core.resources.principal.IUser>

Find user per activation path or return None.

get_user_by_service_konto_userid(userid: str) → <InterfaceClass adhocracy_core.resources.principal.IUser>

Find user per service konto userid or return None.

get_groupids(userid: str) → [<class 'str'>]

Get groupids for term:userid or return None.

get_groups(userid: str) → [<InterfaceClass adhocracy_core.resources.principal.IGroup>]

Get groups for term:userid or return None.

get_role_and_group_roleids(userid: str) → [<class 'str'>]

Return the roles for userid and all its groups or None.

get_roleids(userid: str) → [<class 'str'>]

Return the roles for userid or None.

get_group_roleids(userid: str) → [<class 'str'>]

Return the group roleids for userid or None.

get_user_or_anonymous(request: pyramid.request.Request) → <InterfaceClass adhocracy_core.resources.principal.IUser>

Get authenticated user or anonymous if anonymized request or None.

Meant to be use as request method ‘user’.

get_system_user_anonymous(request: pyramid.request.Request) → <InterfaceClass adhocracy_core.resources.principal.IUser>

Return user used to anonymize other users.

get_anonymized_user(request: pyramid.request.Request) → <InterfaceClass adhocracy_core.resources.principal.IUser>

Get authenticated user if anonymized request or None.

Meant to be use as request method ‘anonymized_user’.

groups_and_roles_finder(userid: str, request: pyramid.request.Request) → list

A Pyramid authentication policy groupfinder callback.

delete_not_activated_users(request: pyramid.request.Request, age_in_days: int)

Delete not activate users that are older than age_in_days.

delete_password_resets(request: pyramid.request.Request, age_in_days: int)

Delete password resets that are older than age_in_days.

includeme(config)

Add resource types to registry.