Contributing¶
Want to contribute back to Lemur? This page describes the general development flow, our philosophy, the test suite, and issue tracking.
Documentation¶
If you’re looking to help document Lemur, you can get set up with Sphinx, our documentation tool, but first you will want to make sure you have a few things on your local system:
- python-dev (if you’re on OS X, you already have this)
- pip
- virtualenvwrapper
Once you’ve got all that, the rest is simple:
# If you have a fork, you'll want to clone it instead
git clone git://github.com/netflix/lemur.git
# Create a python virtualenv
mkvirtualenv lemur
# Make the magic happen
make dev-docs
Running make dev-docs
will install the basic requirements to get Sphinx running.
Building Documentation¶
Inside the docs
directory, you can run make
to build the documentation.
See make help
for available options and the Sphinx Documentation for more information.
Developing Against HEAD¶
We try to make it easy to get up and running in a development environment using a git checkout of Lemur. You’ll want to make sure you have a few things on your local system first:
- python-dev (if you’re on OS X, you already have this)
- pip
- virtualenv (ideally virtualenvwrapper)
- node.js (for npm and building css/javascript)
- (Optional) Potgresql
Once you’ve got all that, the rest is simple:
# If you have a fork, you'll want to clone it instead
git clone git://github.com/lemur/lemur.git
# Create a python virtualenv
mkvirtualenv lemur
# Make the magic happen
make
Running make
will do several things, including:
- Setting up any submodules (including Bootstrap)
- Installing Python requirements
- Installing NPM requirements
Note
You will want to store your virtualenv out of the lemur
directory you cloned above,
otherwise make
will fail.
Create a default Lemur configuration just as if this were a production instance:
lemur init
You’ll likely want to make some changes to the default configuration (we recommend developing against Postgres, for example). Once done, migrate your database using the following command:
lemur upgrade
Note
The upgrade
shortcut is simply a shorcut to Alembic’s upgrade command.
Coding Standards¶
Lemur follows the guidelines laid out in pep8 with a little bit of flexibility on things like line length. We always give way for the Zen of Python. We also use strict mode for JavaScript, enforced by jshint.
You can run all linters with make lint
, or respectively lint-python
or lint-js
.
Spacing¶
- Python:
- 4 Spaces
- JavaScript:
- 2 Spaces
- CSS:
- 2 Spaces
- HTML:
- 2 Spaces
Running the Test Suite¶
The test suite consists of multiple parts, testing both the Python and JavaScript components in Lemur. If you’ve setup your environment correctly, you can run the entire suite with the following command:
make test
If you only need to run the Python tests, you can do so with make test-python
, as well as test-js
for the JavaScript tests.
You’ll notice that the test suite is structured based on where the code lives, and strongly encourages using the mock library to drive more accurate individual tests.
Note
We use py.test for the Python test suite, and a combination of phantomjs and jasmine for the JavaScript tests.
Static Media¶
Lemur uses a library that compiles it’s static media assets (LESS and JS files) automatically. If you’re developing using runserver you’ll see changes happen not only in the original files, but also the minified or processed versions of the file.
If you’ve made changes and need to compile them by hand for any reason, you can do so by running:
lemur compilestatic
The minified and processed files should be committed alongside the unprocessed changes.
Developing with Flask¶
Because Lemur is just Flask, you can use all of the standard Flask functionality. The only difference is you’ll be accessing commands that would normally go through manage.py using the lemur
CLI helper instead.
For example, you probably don’t want to use lemur start
for development, as it doesn’t support anything like
automatic reloading on code changes. For that you’d want to use the standard builtin runserver
command:
lemur runserver
DDL (Schema Changes)¶
Schema changes should always introduce the new schema in a commit, and then introduce code relying on that schema in a followup commit. This also means that new columns must be NULLable.
Removing columns and tables requires a slightly more painful flow, and should resemble the follow multi-commit flow:
- Remove all references to the column or table (but dont remove the Model itself)
- Remove the model code
- Remove the table or column
Contributing Back Code¶
All patches should be sent as a pull request on GitHub, include tests, and documentation where needed. If you’re fixing a bug or making a large change the patch must include test coverage.
Uncertain about how to write tests? Take a look at some existing tests that are similar to the code you’re changing, and go from there.
You can see a list of open pull requests (pending changes) by visiting https://github.com/netflix/lemur/pulls
Pull requests should be against master and pass all TravisCI checks
Writing a Plugin¶
REST API¶
Lemur’s front end is entirely API driven. Any action that you can accomplish via the UI can also be accomplished by the UI. The following is documents and provides examples on how to make requests to the Lemur API.
Authentication¶
-
class
lemur.auth.views.
Google
¶ Bases:
flask_restful.Resource
-
endpoint
= 'google'¶
-
mediatypes
(resource_cls)¶
-
methods
= ['POST']¶
-
post
()¶
-
-
class
lemur.auth.views.
Login
¶ Bases:
flask_restful.Resource
Provides an endpoint for Lemur’s basic authentication. It takes a username and password combination and returns a JWT token.
This token token is required for each API request and must be provided in the Authorization Header for the request.
Authorization:Bearer <token>
Tokens have a set expiration date. You can inspect the token expiration by base64 decoding the token and inspecting it’s contents.
Note
It is recommended that the token expiration is fairly short lived (hours not days). This will largely depend on your uses cases but. It is important to not that there is currently no build in method to revoke a users token and force re-authentication.
-
endpoint
= 'login'¶
-
get
()¶
-
mediatypes
(resource_cls)¶
-
methods
= ['GET', 'POST']¶
-
post
()¶ -
POST
/auth/login
¶ Login with username:password
Example request:
POST /auth/login HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "username": "test", "password": "test" }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "token": "12343243243" }
Parameters: - username – username
- password – password
Status Codes: - 401 Unauthorized – invalid credentials
- 200 OK – no error
-
-
-
class
lemur.auth.views.
Ping
¶ Bases:
flask_restful.Resource
This class serves as an example of how one might implement an SSO provider for use with Lemur. In this example we use a OpenIDConnect authentication flow, that is essentially OAuth2 underneath. If you have an OAuth2 provider you want to use Lemur there would be two steps:
- Define your own class that inherits from
flask.ext.restful.Resource
and create the HTTP methods the provider uses for it’s callbacks. - Add or change the Lemur AngularJS Configuration to point to your new provider
-
endpoint
= 'ping'¶
-
mediatypes
(resource_cls)¶
-
methods
= ['POST']¶
-
post
()¶
- Define your own class that inherits from
Destinations¶
-
class
lemur.destinations.views.
CertificateDestinations
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘certificate/<int:certificate_id/destinations’’ endpoint
-
endpoint
= 'certificateDestinations'¶
-
get
(*args, **kwargs)¶ -
GET
/certificates/1/destinations
¶ The current account list for a given certificates
Example request:
GET /certificates/1/destinations HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "destinationOptions": [ { "name": "accountNumber", "required": true, "value": 111111111112, "helpMessage": "Must be a valid AWS account number!", "validation": "/^[0-9]{12,12}$/", "type": "int" } ], "pluginName": "aws-destination", "id": 3, "description": "test", "label": "test" } ], "total": 1 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.destinations.views.
Destinations
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
delete
(*args, **kw)¶
-
endpoint
= 'destination'¶
-
get
(*args, **kwargs)¶ -
GET
/destinations/1
¶ Get a specific account
Example request:
GET /destinations/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "destinationOptions": [ { "name": "accountNumber", "required": true, "value": 111111111112, "helpMessage": "Must be a valid AWS account number!", "validation": "/^[0-9]{12,12}$/", "type": "int" } ], "pluginName": "aws-destination", "id": 3, "description": "test", "label": "test" }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['DELETE', 'GET', 'PUT']¶
-
put
(*args, **kw)¶ -
PUT
/destinations/1
¶ Updates an account
Example request:
POST /destinations/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "destinationOptions": [ { "name": "accountNumber", "required": true, "value": 111111111112, "helpMessage": "Must be a valid AWS account number!", "validation": "/^[0-9]{12,12}$/", "type": "int" } ], "pluginName": "aws-destination", "id": 3, "description": "test", "label": "test" }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "destinationOptions": [ { "name": "accountNumber", "required": true, "value": 111111111112, "helpMessage": "Must be a valid AWS account number!", "validation": "/^[0-9]{12,12}$/", "type": "int" } ], "pluginName": "aws-destination", "id": 3, "description": "test", "label": "test" }
Parameters: - accountNumber – aws account number
- label – human readable account label
- description – some description about the account
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
-
class
lemur.destinations.views.
DestinationsList
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘destinations’ endpoint
-
endpoint
= 'destinations'¶
-
get
(*args, **kwargs)¶ -
GET
/destinations
¶ The current account list
Example request:
GET /destinations HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "destinationOptions": [ { "name": "accountNumber", "required": true, "value": 111111111112, "helpMessage": "Must be a valid AWS account number!", "validation": "/^[0-9]{12,12}$/", "type": "int" } ], "pluginName": "aws-destination", "id": 3, "description": "test", "label": "test" } ], "total": 1 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int. default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET', 'POST']¶
-
post
(*args, **kw)¶ -
POST
/destinations
¶ Creates a new account
Example request:
POST /destinations HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "destinationOptions": [ { "name": "accountNumber", "required": true, "value": 111111111112, "helpMessage": "Must be a valid AWS account number!", "validation": "/^[0-9]{12,12}$/", "type": "int" } ], "pluginName": "aws-destination", "id": 3, "description": "test", "label": "test" }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "destinationOptions": [ { "name": "accountNumber", "required": true, "value": 111111111112, "helpMessage": "Must be a valid AWS account number!", "validation": "/^[0-9]{12,12}$/", "type": "int" } ], "pluginName": "aws-destination", "id": 3, "description": "test", "label": "test" }
Parameters: - label – human readable account label
- description – some description about the account
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
Notifications¶
-
class
lemur.notifications.views.
CertificateNotifications
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘certificate/<int:certificate_id/notifications’’ endpoint
-
endpoint
= 'certificateNotifications'¶
-
get
(*args, **kwargs)¶ -
GET
/certificates/1/notifications
¶ The current account list for a given certificates
Example request:
GET /certificates/1/notifications HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "description": "An example", "notificationOptions": [ { "name": "interval", "required": true, "value": 555, "helpMessage": "Number of days to be alert before expiration.", "validation": "^\d+$", "type": "int" }, { "available": [ "days", "weeks", "months" ], "name": "unit", "required": true, "value": "weeks", "helpMessage": "Interval unit", "validation": "", "type": "select" }, { "name": "recipients", "required": true, "value": "kglisson@netflix.com,example@netflix.com", "helpMessage": "Comma delimited list of email addresses", "validation": "^([\w+-.%]+@[\w-.]+\.[A-Za-z]{2,4},?)+$", "type": "str" } ], "label": "example", "pluginName": "email-notification", "active": true, "id": 2 } ], "total": 1 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.notifications.views.
Notifications
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
delete
(notification_id)¶
-
endpoint
= 'notification'¶
-
get
(*args, **kwargs)¶ -
GET
/notifications/1
¶ Get a specific account
Example request:
GET /notifications/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "description": "a test", "notificationOptions": [ { "name": "interval", "required": true, "value": 5, "helpMessage": "Number of days to be alert before expiration.", "validation": "^\d+$", "type": "int" }, { "available": [ "days", "weeks", "months" ], "name": "unit", "required": true, "value": "weeks", "helpMessage": "Interval unit", "validation": "", "type": "select" }, { "name": "recipients", "required": true, "value": "kglisson@netflix.com,example@netflix.com", "helpMessage": "Comma delimited list of email addresses", "validation": "^([\w+-.%]+@[\w-.]+\.[A-Za-z]{2,4},?)+$", "type": "str" } ], "label": "test", "pluginName": "email-notification", "active": true, "id": 2 }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['DELETE', 'GET', 'PUT']¶
-
put
(*args, **kwargs)¶ -
PUT
/notifications/1
¶ Updates an account
Example request:
POST /notifications/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "accountNumber": 11111111111, "label": "labelChanged", "comments": "this is a thing" }
Parameters: - accountNumber – aws account number
- label – human readable account label
- comments – some description about the account
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
-
class
lemur.notifications.views.
NotificationsList
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘notifications’ endpoint
-
endpoint
= 'notifications'¶
-
get
(*args, **kwargs)¶ -
GET
/notifications
¶ The current account list
Example request:
GET /notifications HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "description": "An example", "notificationOptions": [ { "name": "interval", "required": true, "value": 5, "helpMessage": "Number of days to be alert before expiration.", "validation": "^\d+$", "type": "int" }, { "available": [ "days", "weeks", "months" ], "name": "unit", "required": true, "value": "weeks", "helpMessage": "Interval unit", "validation": "", "type": "select" }, { "name": "recipients", "required": true, "value": "kglisson@netflix.com,example@netflix.com", "helpMessage": "Comma delimited list of email addresses", "validation": "^([\w+-.%]+@[\w-.]+\.[A-Za-z]{2,4},?)+$", "type": "str" } ], "label": "example", "pluginName": "email-notification", "active": true, "id": 2 } ], "total": 1 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET', 'POST']¶
-
post
(*args, **kwargs)¶ -
POST
/notifications
¶ Creates a new account
Example request:
POST /notifications HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "description": "a test", "notificationOptions": [ { "name": "interval", "required": true, "value": 5, "helpMessage": "Number of days to be alert before expiration.", "validation": "^\d+$", "type": "int" }, { "available": [ "days", "weeks", "months" ], "name": "unit", "required": true, "value": "weeks", "helpMessage": "Interval unit", "validation": "", "type": "select" }, { "name": "recipients", "required": true, "value": "kglisson@netflix.com,example@netflix.com", "helpMessage": "Comma delimited list of email addresses", "validation": "^([\w+-.%]+@[\w-.]+\.[A-Za-z]{2,4},?)+$", "type": "str" } ], "label": "test", "pluginName": "email-notification", "active": true, "id": 2 }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "description": "a test", "notificationOptions": [ { "name": "interval", "required": true, "value": 5, "helpMessage": "Number of days to be alert before expiration.", "validation": "^\d+$", "type": "int" }, { "available": [ "days", "weeks", "months" ], "name": "unit", "required": true, "value": "weeks", "helpMessage": "Interval unit", "validation": "", "type": "select" }, { "name": "recipients", "required": true, "value": "kglisson@netflix.com,example@netflix.com", "helpMessage": "Comma delimited list of email addresses", "validation": "^([\w+-.%]+@[\w-.]+\.[A-Za-z]{2,4},?)+$", "type": "str" } ], "label": "test", "pluginName": "email-notification", "active": true, "id": 2 }
Parameters: - accountNumber – aws account number
- label – human readable account label
- comments – some description about the account
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
-
lemur.notifications.views.
notification
(value, name)¶ Validates a given notification exits :param value: :param name: :return:
-
lemur.notifications.views.
notification_list
(value, name)¶ Validates a given notification exists and returns a list :param value: :param name: :return:
Users¶
-
class
lemur.users.views.
CertificateUsers
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'certificateCreator'¶
-
get
(*args, **kwargs)¶ -
GET
/certificates/1/creator
¶ Get a certificate’s creator
Example request:
GET /certificates/1/creator HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "active": false, "email": "user1@example.com", "username": "user1", "profileImage": null }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.users.views.
Me
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'me'¶
-
get
(*args, **kwargs)¶ -
GET
/auth/me
¶ Get the currently authenticated user
Example request:
GET /auth/me HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "active": false, "email": "user1@example.com", "username": "user1", "profileImage": null }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.users.views.
RoleUsers
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'roleUsers'¶
-
get
(*args, **kwargs)¶ -
GET
/roles/1/users
¶ Get all users associated with a role
Example request:
GET /roles/1/users HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 2, "active": True, "email": "user2@example.com", "username": "user2", "profileImage": null }, { "id": 1, "active": False, "email": "user1@example.com", "username": "user1", "profileImage": null } ] "total": 2 }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.users.views.
Users
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'user'¶
-
get
(*args, **kwargs)¶ -
GET
/users/1
¶ Get a specific user
Example request:
GET /users/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "active": false, "email": "user1@example.com", "username": "user1", "profileImage": null }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET', 'PUT']¶
-
put
(*args, **kw)¶ -
PUT
/users/1
¶ Update a user
Example request:
PUT /users/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "username": "user1", "email": "user1@example.com", "active": false, "roles": [] }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "username": "user1", "email": "user1@example.com", "active": false, "profileImage": null }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
-
class
lemur.users.views.
UsersList
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘users’ endpoint
-
endpoint
= 'users'¶
-
get
(*args, **kwargs)¶ -
GET
/users
¶ The current user list
Example request:
GET /users HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 2, "active": True, "email": "user2@example.com", "username": "user2", "profileImage": null }, { "id": 1, "active": False, "email": "user1@example.com", "username": "user1", "profileImage": null } ] "total": 2 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET', 'POST']¶
-
post
(*args, **kw)¶ -
POST
/users
¶ Creates a new user
Example request:
POST /users HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "username": "user3", "email": "user3@example.com", "active": true, "roles": [] }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 3, "active": True, "email": "user3@example.com, "username": "user3", "profileImage": null }
Parameters: - username – username for new user
- email – email address for new user
- password – password for new user
- active – boolean, if the user is currently active
- roles – list, roles that the user should be apart of
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
-
lemur.users.views.
roles
(values)¶ Validate that the passed in roles exist.
Parameters: values – Returns: raise ValueError:
Roles¶
-
class
lemur.roles.views.
AuthorityRolesList
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘roles’ endpoint
-
endpoint
= 'authorityRoles'¶
-
get
(*args, **kwargs)¶ List of roles for a given authority
Example request:
GET /authorities/1/roles HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "role1", "description": "this is role1" }, { "id": 2, "name": "role2", "description": "this is role2" } ] "total": 2 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.roles.views.
RoleViewCredentials
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'roleCredentials`'¶
-
get
(role_id)¶ -
GET
/roles/1/credentials
¶ View a roles credentials
Example request:
GET /users/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "username: "ausername", "password": "apassword" }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.roles.views.
Roles
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
delete
(*args, **kw)¶ -
DELETE
/roles/1
¶ Delete a role
Example request:
DELETE /roles/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "message": "ok" }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
endpoint
= 'role'¶
-
get
(*args, **kwargs)¶ -
GET
/roles/1
¶ Get a particular role
Example request:
GET /roles/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "role1", "description": "this is role1" }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['DELETE', 'GET', 'PUT']¶
-
put
(*args, **kwargs)¶ -
PUT
/roles/1
¶ Update a role
Example request:
PUT /roles/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "name": "role1", "description": "This is a new description" }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "role1", "description": "this is a new description" }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
-
class
lemur.roles.views.
RolesList
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘roles’ endpoint
-
endpoint
= 'roles'¶
-
get
(*args, **kwargs)¶ -
GET
/roles
¶ The current role list
Example request:
GET /roles HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "role1", "description": "this is role1" }, { "id": 2, "name": "role2", "description": "this is role2" } ] "total": 2 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET', 'POST']¶
-
post
(*args, **kw)¶ -
POST
/roles
¶ Creates a new role
Example request:
POST /roles HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "name": "role3", "description": "this is role3", "username": null, "password": null, "users": [] }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 3, "description": "this is role3", "name": "role3" }
Parameters: - name – name for new role
- description – description for new role
- password – password for new role
- username – username for new role
- users – list, of users to associate with role
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
-
class
lemur.roles.views.
UserRolesList
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘roles’ endpoint
-
endpoint
= 'userRoles'¶
-
get
(*args, **kwargs)¶ -
GET
/users/1/roles
¶ List of roles for a given user
Example request:
GET /users/1/roles HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "role1", "description": "this is role1" }, { "id": 2, "name": "role2", "description": "this is role2" } ] "total": 2 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
Certificates¶
-
class
lemur.certificates.views.
CertificateExport
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'exportCertificate'¶
-
mediatypes
(resource_cls)¶
-
methods
= ['POST']¶
-
post
(certificate_id)¶ -
POST
/certificates/1/export
¶ Export a certificate
Example request:
PUT /certificates/1/export HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "export": { "plugin": { "pluginOptions": [{ "available": ["Java Key Store (JKS)"], "required": true, "type": "select", "name": "type", "helpMessage": "Choose the format you wish to export", "value": "Java Key Store (JKS)" }, { "required": false, "type": "str", "name": "passphrase", "validation": "^(?=.*[A-Za-z])(?=.*\d)(?=.*[$@$!%*#?&])[A-Za-z\d$@$!%*#?&]{8,}$", "helpMessage": "If no passphrase is given one will be generated for you, we highly recommend this. Minimum length is 8." }, { "required": false, "type": "str", "name": "alias", "helpMessage": "Enter the alias you wish to use for the keystore." }], "version": "unknown", "description": "Attempts to generate a JKS keystore or truststore", "title": "Java", "author": "Kevin Glisson", "type": "export", "slug": "java-export" } } }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "data": "base64encodedstring", "passphrase": "UAWOHW#&@_%!tnwmxh832025", "extension": "jks" }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
-
class
lemur.certificates.views.
CertificatePrivateKey
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'privateKeyCertificates'¶
-
get
(certificate_id)¶ -
GET
/certificates/1/key
¶ Retrieves the private key for a given certificate
Example request:
GET /certificates/1/key HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "key": "----Begin ...", }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.certificates.views.
Certificates
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'certificate'¶
-
get
(*args, **kwargs)¶ -
GET
/certificates/1
¶ One certificate
Example request:
GET /certificates/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "cert1", "description": "this is cert1", "bits": 2048, "deleted": false, "issuer": "ExampeInc.", "serial": "123450", "chain": "-----Begin ...", "body": "-----Begin ...", "san": true, "owner": "bob@example.com", "active": true, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39", "signingAlgorithm": "sha2", "cn": "example.com", "status": "unknown" }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET', 'PUT']¶
-
put
(*args, **kwargs)¶ -
PUT
/certificates/1
¶ Update a certificate
Example request:
PUT /certificates/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "owner": "jimbob@example.com", "active": false "notifications": [], "destinations": [], "replacements": [] }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "cert1", "description": "this is cert1", "bits": 2048, "deleted": false, "issuer": "ExampeInc.", "serial": "123450", "chain": "-----Begin ...", "body": "-----Begin ...", "san": true, "owner": "jimbob@example.com", "active": false, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39", "cn": "example.com", "status": "unknown", }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
-
class
lemur.certificates.views.
CertificatesList
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘certificates’ endpoint
-
endpoint
= 'certificates'¶
-
get
(*args, **kwargs)¶ -
GET
/certificates
¶ The current list of certificates
Example request:
GET /certificates HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "cert1", "description": "this is cert1", "bits": 2048, "deleted": false, "issuer": "ExampeInc.", "serial": "123450", "chain": "-----Begin ...", "body": "-----Begin ...", "san": true, "owner": 'bob@example.com", "active": true, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39", "cn": "example.com", "status": "unknown" } ] "total": 1 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int. default is 1
- filter – key value pair format is k;v
- limit – limit number. default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET', 'POST']¶
-
post
(*args, **kwargs)¶ -
POST
/certificates
¶ Creates a new certificate
Example request:
POST /certificates HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "country": "US", "state": "CA", "location": "A Place", "organization": "ExampleInc.", "organizationalUnit": "Operations", "owner": "bob@example.com", "description": "test", "selectedAuthority": "timetest2", "csr", "authority": { "body": "-----BEGIN...", "name": "timetest2", "chain": "", "notBefore": "2015-06-05T15:20:59", "active": true, "id": 50, "notAfter": "2015-06-17T15:21:08", "description": "dsfdsf" }, "notifications": [ { "description": "Default 30 day expiration notification", "notificationOptions": [ { "name": "interval", "required": true, "value": 30, "helpMessage": "Number of days to be alert before expiration.", "validation": "^\d+$", "type": "int" }, { "available": [ "days", "weeks", "months" ], "name": "unit", "required": true, "value": "days", "helpMessage": "Interval unit", "validation": "", "type": "select" }, { "name": "recipients", "required": true, "value": "bob@example.com", "helpMessage": "Comma delimited list of email addresses", "validation": "^([\w+-.%]+@[\w-.]+\.[A-Za-z]{2,4},?)+$", "type": "str" } ], "label": "DEFAULT_KGLISSON_30_DAY", "pluginName": "email-notification", "active": true, "id": 7 } ], "extensions": { "basicConstraints": {}, "keyUsage": { "isCritical": true, "useKeyEncipherment": true, "useDigitalSignature": true }, "extendedKeyUsage": { "isCritical": true, "useServerAuthentication": true }, "subjectKeyIdentifier": { "includeSKI": true }, "subAltNames": { "names": [] } }, "commonName": "test", "validityStart": "2015-06-05T07:00:00.000Z", "validityEnd": "2015-06-16T07:00:00.000Z", "replacements": [ {'id': 123} ] }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "cert1", "description": "this is cert1", "bits": 2048, "deleted": false, "issuer": "ExampeInc.", "serial": "123450", "chain": "-----Begin ...", "body": "-----Begin ...", "san": true, "owner": "jimbob@example.com", "active": false, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39", "cn": "example.com", "status": "unknown" }
Parameters: - extensions – extensions to be used in the certificate
- description – description for new certificate
- owner – owner email
- validityStart – when the certificate should start being valid
- validityEnd – when the certificate should expire
- authority – authority that should issue the certificate
- country – country for the CSR
- state – state for the CSR
- location – location for the CSR
- organization – organization for CSR
- commonName – certiifcate common name
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
-
class
lemur.certificates.views.
CertificatesReplacementsList
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'replacements'¶
-
get
(*args, **kwargs)¶ -
GET
/certificates/1/replacements
¶ One certificate
Example request:
GET /certificates/1/replacements HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript [{ "id": 1, "name": "cert1", "description": "this is cert1", "bits": 2048, "deleted": false, "issuer": "ExampeInc.", "serial": "123450", "chain": "-----Begin ...", "body": "-----Begin ...", "san": true, "owner": "bob@example.com", "active": true, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39", "signingAlgorithm": "sha2", "cn": "example.com", "status": "unknown" }]
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.certificates.views.
CertificatesStats
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘certificates’ stats endpoint
-
endpoint
= 'certificateStats'¶
-
get
()¶
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.certificates.views.
CertificatesUpload
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘certificates’ upload endpoint
-
endpoint
= 'certificateUpload'¶
-
mediatypes
(resource_cls)¶
-
methods
= ['POST']¶
-
post
(*args, **kwargs)¶ -
POST
/certificates/upload
¶ Upload a certificate
Example request:
POST /certificates/upload HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "owner": "joe@exmaple.com", "publicCert": "---Begin Public...", "intermediateCert": "---Begin Public...", "privateKey": "---Begin Private..." "destinations": [], "notifications": [], "replacements": [], "name": "cert1" }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "cert1", "description": "this is cert1", "bits": 2048, "deleted": false, "issuer": "ExampeInc.", "serial": "123450", "chain": "-----Begin ...", "body": "-----Begin ...", "san": true, "owner": "joe@example.com", "active": true, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39", "signingAlgorithm": "sha2" "cn": "example.com", "status": "unknown" }
Parameters: - owner – owner email for certificate
- publicCert – valid PEM public key for certificate
:arg intermediateCert valid PEM intermediate key for certificate :arg privateKey: valid PEM private key for certificate :arg destinations: list of aws destinations to upload the certificate to :reqheader Authorization: OAuth token to authenticate :statuscode 403: unauthenticated :statuscode 200: no error
-
-
-
class
lemur.certificates.views.
NotificationCertificatesList
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘certificates’ endpoint
-
endpoint
= 'notificationCertificates'¶
-
get
(*args, **kwargs)¶ -
GET
/notifications/1/certificates
¶ The current list of certificates for a given notification
Example request:
GET /notifications/1/certificates HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "cert1", "description": "this is cert1", "bits": 2048, "deleted": false, "issuer": "ExampeInc.", "serial": "123450", "chain": "-----Begin ...", "body": "-----Begin ...", "san": true, "owner": 'bob@example.com", "active": true, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39", "signingAlgorithm": "sha2", "cn": "example.com", "status": "unknown" } ] "total": 1 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
lemur.certificates.views.
check_sensitive_domains
(domains)¶ Determines if any certificates in the given certificate are marked as sensitive :param domains: :return:
-
lemur.certificates.views.
get_domains_from_options
(options)¶ Retrive all domains from certificate options :param options: :return:
-
lemur.certificates.views.
pem_str
(value, name)¶ Used to validate that the given string is a PEM formatted string
Parameters: - value –
- name –
Returns: raise ValueError:
-
lemur.certificates.views.
private_key_str
(value, name)¶ User to validate that a given string is a RSA private key
Parameters: - value –
- name –
Returns: raise ValueError:
Defends against invalid authorities
Parameters: authority_options – Returns: raise ValueError:
Authorities¶
Bases:
lemur.auth.service.AuthenticatedResource
One authority
Example request:
GET /authorities/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "authority1", "description": "this is authority1", "pluginName": null, "chain": "-----Begin ...", "body": "-----Begin ...", "active": true, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39" "options": null }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
Update a authority
Example request:
PUT /authorities/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "roles": [], "active": false, "owner": "bob@example.com", "description": "this is authority1" }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "authority1", "description": "this is authority1", "pluginName": null, "chain": "-----begin ...", "body": "-----begin ...", "active": false, "notBefore": "2015-06-05t17:09:39", "notAfter": "2015-06-10t17:09:39" "options": null }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘authorities’ endpoint
The current list of authorities
Example request:
GET /authorities HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "authority1", "description": "this is authority1", "pluginName": null, "chain": "-----Begin ...", "body": "-----Begin ...", "active": true, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39" "options": null } ] "total": 1 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair. format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
Note: this will only show certificates that the current user is authorized to use
Create an authority
Example request:
POST /authorities HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "caDN": { "country": "US", "state": "CA", "location": "A Location", "organization": "ExampleInc", "organizationalUnit": "Operations", "commonName": "a common name" }, "caType": "root", "caSigningAlgo": "sha256WithRSA", "caSensitivity": "medium", "keyType": "RSA2048", "pluginName": "cloudca", "validityStart": "2015-06-11T07:00:00.000Z", "validityEnd": "2015-06-13T07:00:00.000Z", "caName": "DoctestCA", "ownerEmail": "jimbob@example.com", "caDescription": "Example CA", "extensions": { "subAltNames": { "names": [] } }, }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "authority1", "description": "this is authority1", "pluginName": null, "chain": "-----Begin ...", "body": "-----Begin ...", "active": true, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39" "options": null }
Parameters: - caName – authority’s name
- caDescription – a sensible description about what the CA with be used for
- ownerEmail – the team or person who ‘owns’ this authority
- validityStart – when this authority should start issuing certificates
- validityEnd – when this authority should stop issuing certificates
- extensions – certificate extensions
- pluginName – name of the plugin to create the authority
- caType – the type of authority (root/subca)
- caParent – the parent authority if this is to be a subca
- caSigningAlgo – algorithm used to sign the authority
- keyType – key type
- caSensitivity – the sensitivity of the root key, for CloudCA this determines if the root keys are stored
in an HSM :arg caKeyName: name of the key to store in the HSM (CloudCA) :arg caSerialNumber: serial number of the authority :arg caFirstSerial: specifies the starting serial number for certificates issued off of this authority :reqheader Authorization: OAuth token to authenticate :statuscode 403: unauthenticated :statuscode 200: no error
Bases:
lemur.auth.service.AuthenticatedResource
One authority for given certificate
Example request:
GET /certificates/1/authority HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "authority1", "description": "this is authority1", "pluginName": null, "chain": "-----Begin ...", "body": "-----Begin ...", "active": true, "notBefore": "2015-06-05T17:09:39", "notAfter": "2015-06-10T17:09:39" "options": null }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
Domains¶
-
class
lemur.domains.views.
CertificateDomains
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘domains’ endpoint
-
endpoint
= 'certificateDomains'¶
-
get
(*args, **kwargs)¶ -
GET
/certificates/1/domains
¶ The current domain list
Example request:
GET /domains HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "www.example.com", "sensitive": false }, { "id": 2, "name": "www.example2.com", "sensitive": false } ] "total": 2 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET']¶
-
-
class
lemur.domains.views.
Domains
¶ Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'domain'¶
-
get
(*args, **kwargs)¶ -
GET
/domains/1
¶ Fetch one domain
Example request:
GET /domains HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "www.example.com", "sensitive": false }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET', 'PUT']¶
-
put
(*args, **kwargs)¶ -
GET
/domains/1
¶ update one domain
Example request:
GET /domains HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "name": "www.example.com", "sensitive": false }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "www.example.com", "sensitive": false }
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
-
class
lemur.domains.views.
DomainsList
¶ Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘domains’ endpoint
-
endpoint
= 'domains'¶
-
get
(*args, **kwargs)¶ -
GET
/domains
¶ The current domain list
Example request:
GET /domains HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "www.example.com", "sensitive": false }, { "id": 2, "name": "www.example2.com", "sensitive": false } ] "total": 2 }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number. default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-
mediatypes
(resource_cls)¶
-
methods
= ['GET', 'POST']¶
-
post
(*args, **kwargs)¶ -
POST
/domains
¶ The current domain list
Example request:
GET /domains HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "name": "www.example.com", "sensitive": false }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "www.example.com", "sensitive": false }
Query Parameters: - sortBy – field to sort on
- sortDir – acs or desc
- page – int default is 1
- filter – key value pair format is k;v
- limit – limit number default is 10
Request Headers: - Authorization – OAuth token to authenticate
Status Codes: - 200 OK – no error
- 403 Forbidden – unauthenticated
-
-