+ +
+

PyAMS security

+
+

Module contents

+
+
+pyams_security.includeme(config)
+

Pyramid include

+

Split in another package to remove cyclic dependencies with TranslationStringFactory

+
+ +
+ +
+

Submodules

+
+

pyams_security.credential module

+
+
+class pyams_security.credential.Credentials(prefix, id, **attributes)
+

Bases: object

+

Credentials class

+
+
+attributes
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+id
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+prefix
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+ +
+
+

pyams_security.include module

+
+
+pyams_security.include.include_package(config)
+

Pyramid include

+
+ +
+
+

pyams_security.index module

+
+
+class pyams_security.index.PrincipalsRoleIndex(role_id, family=None)
+

Bases: hypatia.keyword.KeywordIndex

+

Principals role index

+
+
+discriminate(obj, default)
+
+ +
+ +
+
+

pyams_security.notification module

+
+
+class pyams_security.notification.NotificationSettings
+

Bases: persistent.Persistent

+

Notification settings

+
+
+enable_notifications
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+mailer
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+sender_email
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+sender_name
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+service_name
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+service_owner
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+signature
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+subject_prefix
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+ +
+
+pyams_security.notification.SecurityNotificationSettingsFactory(context)
+

Security manager notifications factory adapter

+
+ +
+
+

pyams_security.permission module

+
+
+class pyams_security.permission.Permission(values=None, **args)
+

Bases: object

+

Permission utility class

+
+
+description
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+id
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+title
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+ +
+
+class pyams_security.permission.PermissionsVocabulary(*args, **kwargs)
+

Bases: zope.schema.vocabulary.SimpleVocabulary

+

Permissions vocabulary

+
+
+interface = <InterfaceClass pyams_security.interfaces.IPermission>
+
+ +
+ +
+
+pyams_security.permission.register_permission(config, permission)
+

Register a new permission

+

Permissions registry is not required. +But only registered permissions can be applied via default +ZMI features

+
+ +
+
+

pyams_security.principal module

+
+
+class pyams_security.principal.MissingPrincipal(**kwargs)
+

Bases: object

+

Missing principal info

+

This class can be used when a stored principal ID +references a principal which can’t be found anymore

+
+
+id
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+title
+
+ +
+ +
+
+class pyams_security.principal.PrincipalInfo(**kwargs)
+

Bases: object

+

Generic principal info

+
+
+attributes
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+id
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+title
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+ +
+
+pyams_security.principal.get_principal_annotations(principal)
+

Principal annotations adapter

+
+ +
+
+

pyams_security.profile module

+
+
+pyams_security.profile.PrincipalPublicProfileFactory(principal)
+

Principal public profile factory adapter

+
+ +
+
+class pyams_security.profile.ProfileTraverser(context, request)
+

Bases: pyams_utils.adapter.ContextRequestAdapter

+

++profile++ namespace traverser

+
+
+traverse(name, furtherpath=None)
+
+ +
+ +
+
+class pyams_security.profile.PublicProfile
+

Bases: persistent.Persistent, zope.container.contained.Contained

+

Public profile persistent class

+
+
+avatar
+

Property class used to handle files

+
+ +
+ +
+
+class pyams_security.profile.PublicProfileExtension(context, request)
+

Bases: pyams_utils.adapter.ContextRequestAdapter

+

public_profile TALES extension

+
+
+render(request=None)
+
+ +
+ +
+
+pyams_security.profile.PublicProfileFactory(context)
+
+ +
+
+

pyams_security.property module

+
+
+class pyams_security.property.RolePrincipalsFieldProperty(field, role_id=None, name=None, **args)
+

Bases: object

+

Custom field property used to handle role principals

+
+ +
+
+

pyams_security.role module

+
+
+class pyams_security.role.Role(values=None, **args)
+

Bases: object

+

Role utility class

+
+
+description
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+id
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+managers
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+permissions
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+title
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+ +
+
+class pyams_security.role.RolesVocabulary(*args, **kwargs)
+

Bases: zope.schema.vocabulary.SimpleVocabulary

+

Roles vocabulary

+
+
+interface = <InterfaceClass pyams_security.interfaces.IRole>
+
+ +
+ +
+
+pyams_security.role.register_role(config, role)
+

Register a new role

+

Roles registry is not required. +But only registered roles can be applied via default +ZMI features.

+

If a role is registered several times, previous registrations +will just be updated to add new permissions. +Title and description are not updated after first registration.

+
+ +
+
+

pyams_security.schema module

+
+
+class pyams_security.schema.PermissionField(**kwargs)
+

Bases: zope.schema._field.Choice

+

Permission field

+
+ +
+
+class pyams_security.schema.PermissionsSetField(**kwargs)
+

Bases: zope.schema._field.Set

+

Permissions set field

+
+ +
+
+class pyams_security.schema.Principal(**kwargs)
+

Bases: zope.schema._bootstrapfields.TextLine

+

Principal field

+
+
+role_id = None
+
+ +
+ +
+
+class pyams_security.schema.PrincipalsSet(**kwargs)
+

Bases: zope.schema._field.Set

+

Principals set field

+
+
+role_id = None
+
+ +
+ +
+
+

pyams_security.security module

+
+
+class pyams_security.security.ProtectedObject
+

Bases: object

+

Base protected object class

+
+ +
+
+pyams_security.security.ProtectedObjectFactory(context)
+

Default protected object factory

+
+ +
+
+class pyams_security.security.RoleProtectedObject
+

Bases: persistent.Persistent, zope.container.contained.Contained

+

Base class for object protected by roles

+
+
+authenticated_denied
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+authenticated_granted
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+everyone_denied
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+everyone_granted
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+get_authenticated_denied()
+
+ +
+
+get_authenticated_granted()
+
+ +
+
+get_everyone_denied()
+
+ +
+
+get_everyone_granted()
+
+ +
+
+get_granted_roles()
+
+ +
+
+get_permissions(principal_id)
+
+ +
+
+get_principals(role_id)
+
+ +
+
+get_roles(principal_id)
+
+ +
+
+grant_role(role_id, principal_ids)
+
+ +
+
+inherit_parent_roles
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+inherit_parent_security
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+revoke_role(role_id, principal_ids)
+
+ +
+ +
+
+

pyams_security.site module

+
+
+class pyams_security.site.SecurityGenerationsChecker
+

Bases: object

+

I18n generations checker

+
+
+evolve(site, current=None)
+

Check for required utilities

+
+ +
+
+generation = 1
+
+ +
+ +
+
+pyams_security.site.get_admin_user()
+

Get system manager profile

+
+ +
+
+pyams_security.site.get_service_user()
+

Get internal services profile

+
+ +
+
+pyams_security.site.handle_new_local_site(event)
+

Create a new security manager when a site is created

+
+ +
+
+pyams_security.site.handle_new_security_manager(event)
+

Automatically create a new administration login

+
+ +
+
+

pyams_security.utility module

+
+
+class pyams_security.utility.PyAMSAuthenticationPolicy(secret, credentials=('http', ), cookie_name='auth_ticket', secure=False, include_ip=False, timeout=None, reissue_time=None, max_age=None, path='/', http_only=False, wild_domain=True, hashalg='sha256', parent_domain=False, domain=None)
+

Bases: object

+

PyAMS authentication policy

+

This authentication policy relies on a registered ISecurityManager utility. +Use same authentication ticket as AuthTktAuthenticationPolicy.

+

credentials is the list of credentials extraction utilities which can be +used to get credentials.

+

See pyramid.authentication.AuthTktAuthenticationPolicy to get description +of other constructor arguments.

+
+
+authenticated_userid(request)
+
+ +
+
+credentials_plugins
+
+ +
+
+effective_principals(x, *args, **kwargs)
+
+ +
+
+forget(request)
+
+ +
+
+remember(request, principal, **kw)
+
+ +
+
+unauthenticated_userid(request)
+
+ +
+ +
+
+class pyams_security.utility.SecurityManager
+

Bases: zope.container.folder.Folder

+

Security manager utility

+
+
+authenticate(credentials, request)
+
+ +
+
+authenticated_userid(request)
+
+ +
+
+authentication_plugins_names
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+authomatic_secret
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+credentials_plugins_names
+
+ +
+
+directory_plugins_names
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+effective_principals(principal_id, request=None, context=None)
+
+ +
+
+enable_social_login
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+extract_credentials(request, **kwargs)
+
+ +
+
+find_principals(query)
+
+ +
+
+get_all_principals(principal_id)
+
+ +
+
+get_authentication_plugins()
+
+ +
+
+get_credentials_plugins(request=None)
+
+ +
+
+get_directory_plugins()
+
+ +
+
+get_groups_directory_plugins()
+
+ +
+
+get_plugin(name)
+
+ +
+
+get_principal
+
+ +
+
+open_registration
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+social_login_use_popup
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+social_users_folder
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+
+users_folder
+

Computed attributes based on schema fields

+

Field properties provide default values, data validation and error messages +based on data found in field meta-data.

+

Note that FieldProperties cannot be used with slots. They can only +be used for attributes stored in instance dictionaries.

+
+ +
+ +
+
+pyams_security.utility.get_principal(request, principal_id=None)
+

Get principal associated with given request

+
+ +
+
+

pyams_security.vocabulary module

+
+
+class pyams_security.vocabulary.PasswordManagerVocabulary(context, **kw)
+

Bases: zope.componentvocabulary.vocabulary.UtilityVocabulary

+

Password managers vocabulary

+
+
+interface = <InterfaceClass zope.password.interfaces.IPasswordManager>
+
+ +
+
+nameOnly = True
+
+ +
+ +
+
+
+ + +