users Package

models Module

class lemur.users.models.User(**kwargs)

Bases: Model

active
authorities
certificates
check_password(password)

Hash a given password and check it against the stored value to determine it’s validity.

Parameters:

password

Returns:

confirmed_at
email
hash_password()

Generate the secure hash for the password.

Returns:

id
property is_admin

Determine if the current user has the ‘admin’ role associated with it.

Returns:

property is_admin_or_global_cert_issuer

Determine if the current user is a global cert issuer. The user has either ‘admin’ or ‘global_cert_issuer’ role associated with them.

Returns:

keys
logs
password
pending_certificates
profile_picture
role
roles
sensitive_fields = ('password',)
username
lemur.users.models.hash_password(mapper, connect, target)

Helper function that is a listener and hashes passwords before insertion into the database.

Parameters:

  • mapper

  • connect

  • target

service Module

lemur.users.service.create(username, password, email, active, profile_picture, roles)

Create a new user

Parameters:

  • username

  • password

  • email

  • active

  • profile_picture

  • roles

Returns:

lemur.users.service.get(user_id)

Retrieve a user from the database

Parameters:

user_id

Returns:

lemur.users.service.get_all()

Retrieve all users from the database.

Returns:

lemur.users.service.get_by_email(email)

Retrieve a user from the database by their email address

Parameters:

email

Returns:

lemur.users.service.get_by_username(username)

Retrieve a user from the database by their username

Parameters:

username

Returns:

lemur.users.service.render(args)

Helper that paginates and filters data when requested through the REST Api

Parameters:

args

Returns:

lemur.users.service.update(user_id, username, email, active, profile_picture, roles, password=None)

Updates an existing user

Parameters:

  • user_id

  • username

  • email

  • active

  • profile_picture

  • roles

  • password

Returns:

lemur.users.service.update_roles(user, roles)

Replaces the roles with new ones. This will detect when are roles added as well as when there are roles removed.

Parameters:

  • user

  • roles

views Module

class lemur.users.views.CertificateUsers

Bases: AuthenticatedResource

endpoint = 'certificateCreator'
get(certificate_id)
GET /certificates/1/creator

Get a certificate’s creator

Example request:

GET /certificates/1/creator HTTP/1.1
Host: example.com
Accept: application/json, text/javascript

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript

{
    "id": 1,
    "active": false,
    "email": "user1@example.com",
    "username": "user1",
    "profileImage": null
}
Request Headers:
Status Codes:
mediatypes()
methods: t.ClassVar[t.Collection[str] | None] = {'GET'}

The methods this view is registered for. Uses the same default (["GET", "HEAD", "OPTIONS"]) as route and add_url_rule by default.

class lemur.users.views.Me

Bases: AuthenticatedResource

endpoint = 'me'
get()
GET /auth/me

Get the currently authenticated user

Example request:

GET /auth/me HTTP/1.1
Host: example.com
Accept: application/json, text/javascript

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript

{
    "id": 1,
    "active": false,
    "email": "user1@example.com",
    "username": "user1",
    "profileImage": null
}
Request Headers:
Status Codes:
mediatypes()
methods: t.ClassVar[t.Collection[str] | None] = {'GET'}

The methods this view is registered for. Uses the same default (["GET", "HEAD", "OPTIONS"]) as route and add_url_rule by default.

class lemur.users.views.RoleUsers

Bases: AuthenticatedResource

endpoint = 'roleUsers'
get(role_id)
GET /roles/1/users

Get all users associated with a role

Example request:

GET /roles/1/users HTTP/1.1
Host: example.com
Accept: application/json, text/javascript

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript

{
  "items": [
      {
        "id": 2,
        "active": True,
        "email": "user2@example.com",
        "username": "user2",
        "profileImage": null
      },
      {
        "id": 1,
        "active": False,
        "email": "user1@example.com",
        "username": "user1",
        "profileImage": null
      }
    ]
  "total": 2
}
Request Headers:
Status Codes:
mediatypes()
methods: t.ClassVar[t.Collection[str] | None] = {'GET'}

The methods this view is registered for. Uses the same default (["GET", "HEAD", "OPTIONS"]) as route and add_url_rule by default.

class lemur.users.views.Users

Bases: AuthenticatedResource

endpoint = 'user'
get(user_id)
GET /users/1

Get a specific user

Example request:

GET /users/1 HTTP/1.1
Host: example.com
Accept: application/json, text/javascript

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript

{
    "id": 1,
    "active": false,
    "email": "user1@example.com",
    "username": "user1",
    "profileImage": null
}
Request Headers:
Status Codes:
mediatypes()
methods: t.ClassVar[t.Collection[str] | None] = {'GET', 'PUT'}

The methods this view is registered for. Uses the same default (["GET", "HEAD", "OPTIONS"]) as route and add_url_rule by default.

put(user_id, data=None)
PUT /users/1

Update a user

Example request with ID:

PUT /users/1 HTTP/1.1
Host: example.com
Accept: application/json, text/javascript
Content-Type: application/json;charset=UTF-8

{
   "username": "user1",
   "email": "user1@example.com",
   "active": false,
   "roles": [
       {"id": 1}
   ]
}

Example request with name:

PUT /users/1 HTTP/1.1
Host: example.com
Accept: application/json, text/javascript
Content-Type: application/json;charset=UTF-8

{
   "username": "user1",
   "email": "user1@example.com",
   "active": false,
   "roles": [
       {"name": "myRole"}
   ]
}

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript

{
   "id": 1,
   "username": "user1",
   "email": "user1@example.com",
   "active": false,
   "profileImage": null
}
Request Headers:
Status Codes:
class lemur.users.views.UsersList

Bases: AuthenticatedResource

Defines the ‘users’ endpoint

endpoint = 'users'
get()
GET /users

The current user list

Example request:

GET /users HTTP/1.1
Host: example.com
Accept: application/json, text/javascript

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript

{
   "items": [
      {
         "id": 2,
         "active": True,
         "email": "user2@example.com",
         "username": "user2",
         "profileImage": null
      },
      {
         "id": 1,
         "active": False,
         "email": "user1@example.com",
         "username": "user1",
         "profileImage": null
      }
   ]
   "total": 2
}
Query Parameters:

  • sortBy – field to sort on

  • sortDir – asc or desc

  • page – int default is 1

  • filter – key value pair format is k;v

  • count – count number default is 10

Request Headers:
Status Codes:
mediatypes()
methods: t.ClassVar[t.Collection[str] | None] = {'GET', 'POST'}

The methods this view is registered for. Uses the same default (["GET", "HEAD", "OPTIONS"]) as route and add_url_rule by default.

post(data=None)
POST /users

Creates a new user

Example request with ID:

POST /users HTTP/1.1
Host: example.com
Accept: application/json, text/javascript
Content-Type: application/json;charset=UTF-8

{
   "username": "user3",
   "email": "user3@example.com",
   "active": true,
   "roles": [
      {"id": 1}
   ]
}

Example request with name:

POST /users HTTP/1.1
Host: example.com
Accept: application/json, text/javascript
Content-Type: application/json;charset=UTF-8

{
   "username": "user3",
   "email": "user3@example.com",
   "active": true,
   "roles": [
      {"name": "myRole"}
   ]
}

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript

{
    "id": 3,
    "active": True,
    "email": "user3@example.com",
    "username": "user3",
    "profileImage": null
}
Parameters:

  • username – username for new user

  • email – email address for new user

  • password – password for new user

  • active – boolean, if the user is currently active

  • roles – list, roles that the user should be apart of

Request Headers:
Status Codes: