:tocdepth: 3 :py:mod:`gws.base.auth.user` ============================ .. py:module:: gws.base.auth.user **Source code:** :source:`gws.base.auth.user` Module Contents --------------- .. py:class:: AdminUser(provider, roles) Bases: :py:obj:`User` User object. .. py:method:: acl_bit(access, obj) Get the ACL bit for a specific object. :param access: Access mode. :param obj: Requested object. :returns: ``1`` or ``0`` if the user's permissions have the bit and ``None`` otherwise. .. py:class:: AuthorizedUser(provider, roles) Bases: :py:obj:`User` User object. .. py:function:: from_dict(provider: gws.AuthProvider, d: dict) -> gws.User .. py:function:: from_record(provider: gws.AuthProvider, user_rec: dict) -> gws.User Create a User from a raw record as returned from a provider. A provider can return an arbitrary dict of values. Entries whose keys are in the `_FIELDS` list (case-insensitively), are copied to the newly created `User` object. Entries ``roles`` and ``attributes`` are copied as well, other entries are stored in the user's ``data`` dict. .. py:class:: GuestUser(provider, roles) Bases: :py:obj:`User` User object. .. py:attribute:: isGuest :value: True User is a Guest. .. py:class:: NobodyUser(provider, roles) Bases: :py:obj:`User` User object. .. py:method:: acl_bit(access, obj) Get the ACL bit for a specific object. :param access: Access mode. :param obj: Requested object. :returns: ``1`` or ``0`` if the user's permissions have the bit and ``None`` otherwise. .. py:class:: Props(*args, **kwargs) Bases: :py:obj:`gws.Props` Object properties. .. py:attribute:: attributes :type: dict .. py:attribute:: displayName :type: str .. py:class:: SystemUser(provider, roles) Bases: :py:obj:`User` User object. .. py:method:: acl_bit(access, obj) Get the ACL bit for a specific object. :param access: Access mode. :param obj: Requested object. :returns: ``1`` or ``0`` if the user's permissions have the bit and ``None`` otherwise. .. py:function:: to_dict(usr) -> dict .. py:class:: User(provider, roles) Bases: :py:obj:`gws.User` User object. .. py:attribute:: attributes Public user attributes. .. py:attribute:: authProvider User authorization provider. .. py:attribute:: data Private user data. .. py:attribute:: isGuest :value: False User is a Guest. .. py:attribute:: roles User roles. .. py:attribute:: uid :value: '' Global user uid. .. py:method:: acl_bit(access, obj) Get the ACL bit for a specific object. :param access: Access mode. :param obj: Requested object. :returns: ``1`` or ``0`` if the user's permissions have the bit and ``None`` otherwise. .. py:method:: acquire(uid=None, classref=None, access=None) Get a readable object by uid. :param uid: Object uid. :param classref: Class reference. If provided, ensures that the object matches the reference. :param access: Access mode, assumed ``Access.read`` if omitted. :returns: A readable object or ``None`` if the object does not exists or user doesn't have a permission. .. py:method:: can(access, obj, *context) Check if the user can access an object. :param access: Access mode. :param obj: Requested object. :param \*context: Further objects to check. :returns: ``True`` is access is granted. .. py:method:: can_create(obj, *context) Check if the user has "create" permission on an object. .. py:method:: can_delete(obj, *context) Check if the user has "delete" permission on an object. .. py:method:: can_edit(obj, *context) Check if the user has "edit" permissions on an object. .. py:method:: can_read(obj, *context) Check if the user has "read" permission on an object. .. py:method:: can_use(obj, *context) Check if the user has "read" permission on an object. .. py:method:: can_write(obj, *context) Check if the user has "write" permission on an object. .. py:method:: has_role(role) .. py:method:: props(user) Generate a ``Props`` struct for this object. :param user: The user for which the props should be generated. .. py:method:: require(uid=None, classref=None, access=None) Get a readable object by uid and fail if not found. :param uid: Object uid. :param classref: Class reference. If provided, ensures that the object matches the reference. :param access: Access mode, assumed ``Access.read`` if omitted. :returns: A readable object. :raises ``NotFoundError`` if the object doesn't exist.: :raises ``ForbiddenError`` if the user cannot read the object.: .. py:method:: require_layer(uid=None) Get a readable Layer object. :param uid: Layer uid. :returns: A Layer object. .. py:method:: require_project(uid=None) Get a readable Project object. :param uid: Project uid. :returns: A Project object.