roles Package¶
models
Module¶
-
class
lemur.roles.models.
Role
(**kwargs) Bases:
sqlalchemy.ext.declarative.api.Model
-
authorities
-
authority
-
authority_id
-
certificate
-
certificates
-
description
-
id
-
name
-
password
-
pending_cert
-
pending_certificates
-
sensitive_fields
= ('password',)
-
third_party
-
user
-
user_id
-
username
-
users
-
service
Module¶
-
lemur.roles.service.
create
(name, password=None, description=None, username=None, users=None, third_party=False) Create a new role
- Parameters
name –
users –
description –
username –
password –
- Returns
-
lemur.roles.service.
delete
(role_id) Remove a role
- Parameters
role_id –
- Returns
-
lemur.roles.service.
get
(role_id) Retrieve a role by ID
- Parameters
role_id –
- Returns
-
lemur.roles.service.
get_by_name
(role_name) Retrieve a role by its name
- Parameters
role_name –
- Returns
-
lemur.roles.service.
get_or_create
(role_name, description)
-
lemur.roles.service.
render
(args) Helper that filters subsets of roles depending on the parameters passed to the REST Api
- Parameters
args –
- Returns
-
lemur.roles.service.
set_third_party
(role_id, third_party_status=False) Sets a role to be a third party role. A user should pretty much never call this directly.
- Parameters
role_id –
third_party_status –
- Returns
-
lemur.roles.service.
update
(role_id, name, description, users) Update a role
- Parameters
role_id –
name –
description –
users –
- Returns
views
Module¶
-
class
lemur.roles.views.
AuthorityRolesList
Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘roles’ endpoint
-
endpoint
= 'authorityRoles'
-
get
(authority_id) List of roles for a given authority
Example request:
GET /authorities/1/roles HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "role1", "description": "this is role1" }, { "id": 2, "name": "role2", "description": "this is role2" } ] "total": 2 }
- Query Parameters
sortBy – field to sort on
sortDir – asc or desc
page – int default is 1
filter – key value pair format is k;v
count – count number default is 10
- Request Headers
Authorization – OAuth token to authenticate
- Status Codes
200 OK – no error
-
mediatypes
()
-
methods
= {'GET'} A list of methods this view can handle.
-
-
class
lemur.roles.views.
RoleViewCredentials
Bases:
lemur.auth.service.AuthenticatedResource
-
endpoint
= 'roleCredentials`'
-
get
(role_id) -
GET
/roles/1/credentials
¶ View a roles credentials
Example request:
GET /users/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "username": "ausername", "password": "apassword" }
- Request Headers
Authorization – OAuth token to authenticate
- Status Codes
200 OK – no error
403 Forbidden – unauthenticated
-
-
mediatypes
()
-
methods
= {'GET'} A list of methods this view can handle.
-
-
class
lemur.roles.views.
Roles
Bases:
lemur.auth.service.AuthenticatedResource
-
delete
(role_id) -
DELETE
/roles/1
¶ Delete a role
Example request:
DELETE /roles/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "message": "ok" }
- Request Headers
Authorization – OAuth token to authenticate
- Status Codes
200 OK – no error
403 Forbidden – unauthenticated
-
-
endpoint
= 'role'
-
get
(role_id) -
GET
/roles/1
¶ Get a particular role
Example request:
GET /roles/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "role1", "description": "this is role1" }
- Request Headers
Authorization – OAuth token to authenticate
- Status Codes
200 OK – no error
403 Forbidden – unauthenticated
-
-
mediatypes
()
-
methods
= {'DELETE', 'GET', 'PUT'} A list of methods this view can handle.
-
put
(role_id, data=None) -
PUT
/roles/1
¶ Update a role
Example request:
PUT /roles/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript Content-Type: application/json;charset=UTF-8 { "name": "role1", "description": "This is a new description" }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 1, "name": "role1", "description": "this is a new description" }
- Request Headers
Authorization – OAuth token to authenticate
- Status Codes
200 OK – no error
403 Forbidden – unauthenticated
-
-
-
class
lemur.roles.views.
RolesList
Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘roles’ endpoint
-
endpoint
= 'roles'
-
get
() -
GET
/roles
¶ The current role list
Example request:
GET /roles HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "role1", "description": "this is role1" }, { "id": 2, "name": "role2", "description": "this is role2" } ] "total": 2 }
- Query Parameters
sortBy – field to sort on
sortDir – asc or desc
page – int default is 1
filter – key value pair format is k;v
count – count number default is 10
- Request Headers
Authorization – OAuth token to authenticate
- Status Codes
200 OK – no error
403 Forbidden – unauthenticated
-
-
mediatypes
()
-
methods
= {'GET', 'POST'} A list of methods this view can handle.
-
post
(data=None) -
POST
/roles
¶ Creates a new role
Example request:
POST /roles HTTP/1.1 Host: example.com Accept: application/json, text/javascript Content-Type: application/json;charset=UTF-8 { "name": "role3", "description": "this is role3", "username": null, "password": null, "users": [ {"id": 1} ] }
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "id": 3, "description": "this is role3", "name": "role3" }
- Parameters
name – name for new role
description – description for new role
password – password for new role
username – username for new role
users – list, of users to associate with role
- Request Headers
Authorization – OAuth token to authenticate
- Status Codes
200 OK – no error
403 Forbidden – unauthenticated
-
-
-
class
lemur.roles.views.
UserRolesList
Bases:
lemur.auth.service.AuthenticatedResource
Defines the ‘roles’ endpoint
-
endpoint
= 'userRoles'
-
get
(user_id) -
GET
/users/1/roles
¶ List of roles for a given user
Example request:
GET /users/1/roles HTTP/1.1 Host: example.com Accept: application/json, text/javascript
Example response:
HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "items": [ { "id": 1, "name": "role1", "description": "this is role1" }, { "id": 2, "name": "role2", "description": "this is role2" } ] "total": 2 }
- Query Parameters
sortBy – field to sort on
sortDir – asc or desc
page – int default is 1
filter – key value pair format is k;v
count – count number default is 10
- Request Headers
Authorization – OAuth token to authenticate
- Status Codes
200 OK – no error
-
-
mediatypes
()
-
methods
= {'GET'} A list of methods this view can handle.
-