class AccessManager(AccessableContainer): (source)
Main access-management mixin for users, roles, and local permissions.
| Method | del |
Remove a local user assignment from a node. |
| Method | del |
Delete a user and all of its configured assignments. |
| Method | del |
Remove a stored user configuration entry. |
| Method | find |
Return the normalized user record for a given user id. |
| Method | get |
Return the localized display name for a role. |
| Method | get |
Return searchable attributes supported by the current user folder. |
| Method | get |
Return configured security-role definitions relevant for this home context. |
| Method | get |
Return configured security-user definitions for this home context. |
| Method | get |
Return the plugin responsible for creating and deleting users. |
| Method | get |
Retrieve a stored or derived user attribute. |
| Method | get |
Return user-defined roles from both the home object and the current object. |
| Method | get |
Return the active user folder, creating a default one if necessary. |
| Method | get |
Query user-folder backends and return normalized user records. |
| Method | init |
Initialize built-in role definitions and synchronize public access. |
| Method | manage_role |
Create, update, or delete role definitions and role-node bindings. |
| Method | manage_user |
Create, update, delete, import, export, or invite managed users. |
| Method | purge |
Remove stale local user assignments from a subtree. |
| Method | search |
Search the underlying user folder for matching users. |
| Method | set |
Assign a local user definition to a node and set local roles. |
| Method | set |
Persist a user attribute in the central security configuration. |
| Method | toggle |
Apply or remove local roles depending on the user's active state. |
| Class Variable | manage |
Undocumented |
| Class Variable | manage |
Undocumented |
Inherited from AccessableContainer:
| Method | grant |
Grant anonymous and authenticated public access for this container. |
| Method | revoke |
Revoke public access and restore restricted permission handling. |
| Method | synchronize |
Synchronize local role permission settings for this container. |
Inherited from AccessableObject (via AccessableContainer):
| Method | get |
Resolve effective language permissions for a user on this object. |
| Method | get |
Resolve effective user roles for this object. |
| Method | get |
Return all users with effective roles and languages on this object. |
| Method | has |
Check whether the authenticated user can view this object. |
| Method | has |
Return whether public access is effectively allowed for this object. |
| Method | has |
Return whether this object is explicitly marked as restricted. |
| Method | manage |
Update properties of the currently authenticated user. |
| Method | synchronize |
Synchronize public-access permissions with the current restriction flags. |
| Method | zmi |
Preprocess ZMI page requests and enforce access restrictions. |
| Class Variable | manage_user |
Undocumented |
Return the normalized user record for a given user id.
| Parameters | |
| name:str | User id or login name |
| Returns | |
| dict | User record or None |
Return configured security-user definitions for this home context.
| Parameters | |
| acquired:bool | Include acquired users from parent homes |
| Returns | |
| dict | User definition mapping |
Retrieve a stored or derived user attribute.
| Parameters | |
| user | User reference |
| name:str | Attribute name |
| default | Default value if attribute is missing |
| Returns | |
| Attribute value or full user definition | |
Query user-folder backends and return normalized user records.
| Parameters | |
| search | Search string |
| search | Optional backend-specific search attribute |
| without | Whether to skip local-role checks for simple folders |
| exact | Whether to return a single exact-match record |
| Returns | |
| Normalized user record or table data depending on exact_match | |
Create, update, or delete role definitions and role-node bindings.
| Parameters | |
| btn:str | Action button id |
| key:str | Edited object type selector |
| lang:str | UI language id |
| REQUEST | Zope request object |
| RESPONSE | Optional Zope response object |
Create, update, delete, import, export, or invite managed users.
| Parameters | |
| btn:str | Action button id |
| key:str | Edited object type selector |
| lang:str | UI language id |
| REQUEST | Zope request object |
| RESPONSE | Optional Zope response object |
Remove stale local user assignments from a subtree.
| Parameters | |
| ob | Start object for traversal |
| valid | Cache of known valid user ids |
| invalid | Cache of known invalid user ids |
| Returns | |
| str | HTML status report |
Search the underlying user folder for matching users.
| Parameters | |
| search | Search string |
| Returns | |
| list | Matching user ids or logins |
Assign a local user definition to a node and set local roles.
| Parameters | |
| id:str | User id |
| node:str | Node reference path |
| roles:list | Role ids |
| langs:list | Language ids |
Persist a user attribute in the central security configuration.
| Parameters | |
| user | User reference |
| name:str | Attribute name |
| value | Attribute value |