1.2.7.1 AuthAdmin Object

The AuthAdmin object is aliased as web.auth.admin and should be used as web.auth.admin.

class AuthAdmin( driver, [autoCreate=0], [encryption=None], [**driverParams])

Auth Manager for creating modifying and removing users and applications.

driver: The type of driver being used. Currently only 'database' is allowed
autoCreate: If set to True the necessary tables will be created (removing any existing tables) if any of the tables are missing and a user named john with a password bananas will be set up with an access level of 1 to the application app. This is designed for easy testing of the module.
encryption: The encryption method used to encrypt the password. Can be None or 'md5'. Warning you cannot change the encryption method once a user is added without resetting the password.
**driverParams: Any parameters to be specified in the format name=value which are needed by the driver specified by driver

autoCreated: Will be True if the tables and user were autoCreated, False otherwise.

completeAuthEnvironment( ): Returns True if the environment is correctly setup, False otherwise. In the case of the database driver this method simply checks that all the necessary tables exist.

createAuthEnvironment( ): Creates the necessary environment. In the case of the database driver this method creates all the required tables. If any of the tables already exist an AuthError is raised.

removeAuthEnvironment( [ignoreErrors=False]): Removes the environment. In the case of the database driver this method drops all the tables. If any of the tables are not present an AuthError is raised unless ignoreErrors is True

appExists( app): Return True if there is an application named app, False otherwise.

removeApp( app,[force=0]): Remove the application named app. If force=1, the application is removed even if access levels or roles are specified for users using the application.

users( [group=[]], [active=None], [app=None], [role=None]): Return a list of usernames.

userExists( username): Returns True if there is a user with the username username, False otherwise.

addUser( username, password[,firstname=''][,surname=''][email=''], [active=1], [group=None]): Adds a user with the username username and password password to the system. You can optionally also specify the firstname, surname and email address of the user. You can choose a group for the user and whether or not the user is active. If encryption is used the password is encrypted.

levels( username, [app=None]): Returns the access level of the user username for the application named app. If app is not specified or None, a dictionary of application name, access level pairs is returned.

setLevel( username, app, level): Sets the access level of the user username for the application named app to level.

roles( [username=None], [app=None]): Returns the roles based on the options specified. If username and app are not specified, the available roles are returned as a sequence. If username is specified, a dictionary of application namd role pairs are returned for that user, if username and app are both specified, the roles for the particular user and application are returned.

roleExists( role): Returns True if there is a role named role, False otherwise.

addRole( role): Adds the new role role to the database. If it already exists an AuthError is raised.

removeRole( role, [force=0]): Remove the role named role. If force=1, the role is removed even if it is being used by any users.

setRole( username, app, role): Give the role role to the user username for the application app

setRole( username, app, role): Remove the role role from the user username for the application app

groupExists( group): Returns True if there is a group named group, False otherwise. None is a valid group since a user can have no group.

addGroup( group): Adds the new group group to the database. If it already exists an AuthError is raised.

removeGroup( group, [force=0]): Remove the group named group. If force=1, the group is removed even if it is being used by any users.