linotp.controllers.realms module

class linotp.controllers.realms.RealmsController(name, install_name='', **kwargs)

Bases: BaseController

The linotp.controllers are the implementation of the web API used to talk to the LinOTP server. The RealmsController is used for creating, deleting and modifying realms.

The following is the type definition of a Realm:

{
    "name": string,
    "entry": string,
    "userIdResolvers": [string],
    "default": boolean,
    "admin": boolean,
}

after_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.AfterRequestCallable]]

A data structure of functions to call at the end of each request, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the after_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

before_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.BeforeRequestCallable]]

A data structure of functions to call at the beginning of each request, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the before_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

deferred_functions: t.List[DeferredSetupFunction]

error_handler_spec: t.Dict[ft.AppOrBlueprintKey, t.Dict[t.Optional[int], t.Dict[t.Type[Exception], ft.ErrorHandlerCallable]]]

A data structure of registered error handlers, in the format {scope: {code: {class: handler}}}. The scope key is the name of a blueprint the handlers are active for, or None for all requests. The code key is the HTTP status code for HTTPException, or None for other exceptions. The innermost dictionary maps exception classes to handler functions.

To register an error handler, use the errorhandler() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

get_realms()

Method: GET /api/v2/realms

Return the list of all realms visible to the logged-in administrator.

Visible realms are determined as follows:

  • If the admin has the permission for scope=system, action=read, all realms are visible.

  • If the admin has the permission scope=admin for a realm, that realm will be visible.

Returns:

a JSON-RPC response with result in the following format:

{
    "status": boolean,
    "value": [ Realm ]
}

Raises:
  • PolicyException – if the logged-in admin does not have the correct permissions to list realms, the exception message is serialized and returned. The response has status code 403.

  • Exception – if any other error occurs the exception message is serialized and returned. The response has status code 500.

get_users(realm_name: str)

Method: GET /api/v2/realms/<realmName>/users

Display the list of the users in a given realm, provided the users of the realm are visible to the logged-in administrator.

Visible users are determined as follows:

  • If the administrator has the permission for scope=admin, action=userlist, for a realm, users in that realm are visible. This is the case no matter how the permission is defined: either by explicitly naming a realm, by setting all realms via a wildcard (realm="*"), or by implicitly giving permissions for everything in the admin scope by not setting any admin scope policies.

Parameters:
  • <searchexpr> (str, optional) – limit results to those matching the searchexpr. Will be retrieved from the UserIdResolverClass. Example: username=Alice.

  • searchTerm (str, optional) – limit results to those matching the searchTerm in at least one searchable field. Supports * as a wildcard operator.

  • rp (int, optional) – limit the number of returned users, defaults to 16 if page is given.

  • page (int, optional) – request a certain page, defaults to 0 if rp is given.

Returns:

a JSON-RPC response with result in the following format:

{
    "status": boolean,
    "value": [ User ]
}

Raises:
  • PolicyException – if the logged-in admin does not have the correct permissions to list users in the given realm, the exception message is serialized and returned. The response has status code 403.

  • Exception – if any other error occurs the exception message is serialized and returned. The response has status code 500.
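Added example (not LinOTP code): a small model of the visibility rules documented for get_realms() and get_users(), useful as a reference when reviewing a policy set, including the case where an empty admin scope implicitly grants userlist. The Policy record, its field names, the helper functions and the sample policies are hypothetical simplifications.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:                 # hypothetical, simplified record; not LinOTP's own type
    scope: str                # "system" or "admin"
    action: str               # e.g. "read", "userlist"
    realm: str = "*"          # realm name, or "*" for all realms
    admin: str = "*"          # administrator the policy applies to, or "*"

def _active(policies, admin, scope):
    """Policies of one scope that apply to this administrator."""
    return [p for p in policies if p.scope == scope and p.admin in ("*", admin)]

def visible_realms(policies, admin, all_realms):
    """Realms the documented rules make visible for GET /api/v2/realms."""
    realms = set(all_realms)
    if any(p.action == "read" for p in _active(policies, admin, "system")):
        return realms                      # scope=system, action=read: everything
    admin_pols = _active(policies, admin, "admin")
    # Assumption: realm="*" covers every realm here, as it does for userlist.
    return {r for r in realms if any(p.realm in ("*", r) for p in admin_pols)}

def may_list_users(policies, admin, realm):
    """True if GET /api/v2/realms/<realm>/users is permitted, False for a 403."""
    if not any(p.scope == "admin" for p in policies):
        return True                        # implicit grant: no admin-scope policies exist
    return any(p.action == "userlist" and p.realm in ("*", realm)
               for p in _active(policies, admin, "admin"))

# Constructed sample policy set for illustration.
SAMPLE = [
    Policy("system", "read", admin="root"),
    Policy("admin", "userlist", realm="realmA", admin="alice"),
]

if __name__ == "__main__":
    for who in ("root", "alice", "bob"):
        print(who, sorted(visible_realms(SAMPLE, who, ["realmA", "realmB"])),
              may_list_users(SAMPLE, who, "realmA"))
```

In this model, removing the last admin-scope policy flips may_list_users() to True for every administrator, which is the implicit grant described above.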

name: str

teardown_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.TeardownCallable]]

A data structure of functions to call at the end of each request even if an exception is raised, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the teardown_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

template_context_processors: t.Dict[ft.AppOrBlueprintKey, t.List[ft.TemplateContextProcessorCallable]]

A data structure of functions to call to pass extra context values when rendering templates, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the context_processor() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

url_default_functions: t.Dict[ft.AppOrBlueprintKey, t.List[ft.URLDefaultCallable]]

A data structure of functions to call to modify the keyword arguments when generating URLs, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the url_defaults() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

url_value_preprocessors: t.Dict[ft.AppOrBlueprintKey, t.List[ft.URLValuePreprocessorCallable]]

A data structure of functions to call to modify the keyword arguments passed to the view function, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the url_value_preprocessor() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

view_functions: t.Dict[str, t.Callable]

A dictionary mapping endpoint names to view functions.

To register a view function, use the route() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.