PyAMS security¶
+Module contents¶
+-
+
-
+
pyams_security.
includeme
(config)¶
+ Pyramid include
+Split in another package to remove cyclic dependencies with TranslationStringFactory
+
Subpackages¶
+-
+
- pyams_security.interfaces package + +
- pyams_security.plugin package + +
- pyams_security.tests package + +
- pyams_security.views package + +
- pyams_security.widget package + +
- pyams_security.zmi package + +
Submodules¶
+pyams_security.credential module¶
+-
+
-
+class
pyams_security.credential.
Credentials
(prefix, id, **attributes)¶
+ Bases:
+object
Credentials class
+-
+
-
+
attributes
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
id
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
prefix
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
pyams_security.include module¶
+-
+
-
+
pyams_security.include.
include_package
(config)¶
+ Pyramid include
+
pyams_security.index module¶
+ + +pyams_security.notification module¶
+-
+
-
+class
pyams_security.notification.
NotificationSettings
¶
+ Bases:
+persistent.Persistent
Notification settings
+-
+
-
+
enable_notifications
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
mailer
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
sender_email
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
sender_name
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
service_name
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
service_owner
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
signature
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
subject_prefix
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
-
+
pyams_security.notification.
SecurityNotificationSettingsFactory
(context)¶
+ Security manager notifications factory adapter
+
pyams_security.permission module¶
+-
+
-
+class
pyams_security.permission.
Permission
(values=None, **args)¶
+ Bases:
+object
Permission utility class
+-
+
-
+
description
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
id
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
title
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
-
+class
pyams_security.permission.
PermissionsVocabulary
(*args, **kwargs)¶
+ Bases:
+zope.schema.vocabulary.SimpleVocabulary
Permissions vocabulary
+-
+
-
+
interface
= <InterfaceClass pyams_security.interfaces.IPermission>¶
+
-
+
-
+
-
+
pyams_security.permission.
register_permission
(config, permission)¶
+ Register a new permission
+Permissions registry is not required. +But only registered permissions can be applied via default +ZMI features
+
pyams_security.principal module¶
+-
+
-
+class
pyams_security.principal.
MissingPrincipal
(**kwargs)¶
+ Bases:
+object
Missing principal info
+This class can be used when a stored principal ID +references a principal which can’t be found anymore
+-
+
-
+
id
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
title
¶
+
-
+
-
+
-
+class
pyams_security.principal.
PrincipalInfo
(**kwargs)¶
+ Bases:
+object
Generic principal info
+-
+
-
+
attributes
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
id
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
title
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
-
+
pyams_security.principal.
get_principal_annotations
(principal)¶
+ Principal annotations adapter
+
pyams_security.profile module¶
+-
+
-
+
pyams_security.profile.
PrincipalPublicProfileFactory
(principal)¶
+ Principal public profile factory adapter
+
-
+
-
+class
pyams_security.profile.
ProfileTraverser
(context, request)¶
+ Bases:
+pyams_utils.adapter.ContextRequestAdapter
++profile++ namespace traverser
+-
+
-
+
traverse
(name, furtherpath=None)¶
+
-
+
-
+
-
+class
pyams_security.profile.
PublicProfile
¶
+ Bases:
+persistent.Persistent
,zope.container.contained.Contained
Public profile persistent class
+-
+
-
+
avatar
¶
+ Property class used to handle files
+
-
+
-
+
-
+class
pyams_security.profile.
PublicProfileExtension
(context, request)¶
+ Bases:
+pyams_utils.adapter.ContextRequestAdapter
public_profile TALES extension
+-
+
-
+
render
(request=None)¶
+
-
+
-
+
-
+
pyams_security.profile.
PublicProfileFactory
(context)¶
+
pyams_security.property module¶
+-
+
-
+class
pyams_security.property.
RolePrincipalsFieldProperty
(field, role_id=None, name=None, **args)¶
+ Bases:
+object
Custom field property used to handle role principals
+
pyams_security.role module¶
+-
+
-
+class
pyams_security.role.
Role
(values=None, **args)¶
+ Bases:
+object
Role utility class
+-
+
-
+
description
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
id
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
managers
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
permissions
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
title
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
-
+class
pyams_security.role.
RolesVocabulary
(*args, **kwargs)¶
+ Bases:
+zope.schema.vocabulary.SimpleVocabulary
Roles vocabulary
+-
+
-
+
interface
= <InterfaceClass pyams_security.interfaces.IRole>¶
+
-
+
-
+
-
+
pyams_security.role.
register_role
(config, role)¶
+ Register a new role
+Roles registry is not required. +But only registered roles can be applied via default +ZMI features.
+If a role is registered several times, previous registrations +will just be updated to add new permissions. +Title and description are not updated after first registration.
+
pyams_security.schema module¶
+-
+
-
+class
pyams_security.schema.
PermissionField
(**kwargs)¶
+ Bases:
+zope.schema._field.Choice
Permission field
+
-
+
-
+class
pyams_security.schema.
PermissionsSetField
(**kwargs)¶
+ Bases:
+zope.schema._field.Set
Permissions set field
+
pyams_security.security module¶
+-
+
-
+class
pyams_security.security.
ProtectedObject
¶
+ Bases:
+object
Base protected object class
+
-
+
-
+
pyams_security.security.
ProtectedObjectFactory
(context)¶
+ Default protected object factory
+
-
+
-
+class
pyams_security.security.
RoleProtectedObject
¶
+ Bases:
+persistent.Persistent
,zope.container.contained.Contained
Base class for object protected by roles
+-
+
-
+
authenticated_denied
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
authenticated_granted
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
everyone_denied
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
everyone_granted
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
get_authenticated_denied
()¶
+
-
+
-
+
get_authenticated_granted
()¶
+
-
+
-
+
get_everyone_denied
()¶
+
-
+
-
+
get_everyone_granted
()¶
+
-
+
-
+
get_granted_roles
()¶
+
-
+
-
+
get_permissions
(principal_id)¶
+
-
+
-
+
get_principals
(role_id)¶
+
-
+
-
+
get_roles
(principal_id)¶
+
-
+
-
+
grant_role
(role_id, principal_ids)¶
+
-
+
-
+
inherit_parent_roles
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
inherit_parent_security
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
revoke_role
(role_id, principal_ids)¶
+
-
+
pyams_security.site module¶
+-
+
-
+class
pyams_security.site.
SecurityGenerationsChecker
¶
+ Bases:
+object
I18n generations checker
+-
+
-
+
evolve
(site, current=None)¶
+ Check for required utilities
+
-
+
-
+
generation
= 1¶
+
-
+
-
+
-
+
pyams_security.site.
get_admin_user
()¶
+ Get system manager profile
+
-
+
-
+
pyams_security.site.
get_service_user
()¶
+ Get internal services profile
+
-
+
-
+
pyams_security.site.
handle_new_local_site
(event)¶
+ Create a new security manager when a site is created
+
-
+
-
+
pyams_security.site.
handle_new_security_manager
(event)¶
+ Automatically create a new administration login
+
pyams_security.utility module¶
+-
+
-
+class
pyams_security.utility.
PyAMSAuthenticationPolicy
(secret, credentials=('http', ), cookie_name='auth_ticket', secure=False, include_ip=False, timeout=None, reissue_time=None, max_age=None, path='/', http_only=False, wild_domain=True, hashalg='sha256', parent_domain=False, domain=None)¶
+ Bases:
+object
PyAMS authentication policy
+This authentication policy relies on a registered ISecurityManager utility. +Use same authentication ticket as AuthTktAuthenticationPolicy.
+
+credentials
is the list of credentials extraction utilities which can be +used to get credentials.See pyramid.authentication.AuthTktAuthenticationPolicy to get description +of other constructor arguments.
+-
+
-
+
authenticated_userid
(request)¶
+
-
+
-
+
credentials_plugins
¶
+
-
+
-
+
effective_principals
(x, *args, **kwargs)¶
+
-
+
-
+
forget
(request)¶
+
-
+
-
+
remember
(request, principal, **kw)¶
+
-
+
-
+
unauthenticated_userid
(request)¶
+
-
+
-
+
-
+class
pyams_security.utility.
SecurityManager
¶
+ Bases:
+zope.container.folder.Folder
Security manager utility
+-
+
-
+
authenticate
(credentials, request)¶
+
-
+
-
+
authenticated_userid
(request)¶
+
-
+
-
+
authentication_plugins_names
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
authomatic_secret
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
credentials_plugins_names
¶
+
-
+
-
+
directory_plugins_names
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
effective_principals
(principal_id, request=None, context=None)¶
+
-
+
Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
extract_credentials
(request, **kwargs)¶
+
-
+
-
+
find_principals
(query)¶
+
-
+
-
+
get_all_principals
(principal_id)¶
+
-
+
-
+
get_authentication_plugins
()¶
+
-
+
-
+
get_credentials_plugins
(request=None)¶
+
-
+
-
+
get_directory_plugins
()¶
+
-
+
-
+
get_groups_directory_plugins
()¶
+
-
+
-
+
get_plugin
(name)¶
+
-
+
-
+
get_principal
¶
+
-
+
-
+
open_registration
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
users_folder
¶
+ Computed attributes based on schema fields
+Field properties provide default values, data validation and error messages +based on data found in field meta-data.
+Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.
+
-
+
-
+
-
+
pyams_security.utility.
get_principal
(request, principal_id=None)¶
+ Get principal associated with given request
+