`rasenmaeher_api.db.people`

Abstractions for people

Module Contents

Classes

`Person`	People, pk is UUID and comes from basemodel
`Role`	Give a person a role

Functions

`post_user_crud`(userinfo, endpoint_suffix)	Wrapper to be more DRY in the basic CRUD things
`user_created`(person)	New user was created
`user_revoked`(person)	Old user was revoked
`user_promoted`(person)	Old user was promoted to admin (granted role 'admin')
`user_demoted`(person)	Old user was demoted from admin (removed role 'admin')

Attributes

LOGGER

LOGGER[source]

class Person[source]

Bases: rasenmaeher_api.db.base.ORMBaseModel

People, pk is UUID and comes from basemodel

NOTE: at some point we want to stop keeping track of people in our own db and only use keycloack as the store for actual users. In any case we need a nice pythonic abstraction layer so implement any queries you need to add as helpers here.

property productapidata: libpvarki.schemas.product.UserCRUDRequest[source]

Return a model that is usable with the product integration APIs

Return type:: libpvarki.schemas.product.UserCRUDRequest

property certsubject: Dict[str, str][source]

Return the dict that gets set to cert DN

Return type:: Dict[str, str]

property privkeyfile: pathlib.Path[source]

Path to the private key

Return type:: pathlib.Path

property pfxfile: pathlib.Path[source]

Return a PKCS12 PFX file

Return type:: pathlib.Path

property certfile: pathlib.Path[source]

Path to the public cert

Return type:: pathlib.Path

property csrfile: pathlib.Path[source]

Path to the CSR file

Return type:: pathlib.Path

property pubkeyfile: pathlib.Path[source]

Path to the public key

Return type:: pathlib.Path

__tablename__ = 'users'[source]

callsign[source]

certspath[source]

extra[source]

revoke_reason[source]

async classmethod by_pk_or_callsign(inval, allow_deleted=False)[source]

Get person by pk or by callsign

Parameters:

inval (Union[str, uuid.UUID])
allow_deleted (bool)

Return type:

Person

async classmethod create_with_cert(callsign, extra=None)[source]

Create the cert etc and save the person

Parameters:

callsign (str)
extra (Optional[Dict[str, Any]])

Return type:

Person

async create_pfx()[source]

Put cert and key to PKCS12 container

Return type:: pathlib.Path

async revoke(reason)[source]

Revokes the cert with given reason and makes user deleted see validate_reason for info on reasons

Parameters:: reason (rasenmaeher_api.cfssl.private.ReasonTypes)
Return type:: bool

async delete()[source]

Revoke the cert on delete

Return type:: bool

async classmethod list(include_deleted=False)[source]

List people

Parameters:: include_deleted (bool)
Return type:: AsyncGenerator[Person, None]

async classmethod by_role(role)[source]

List people that have given role, if role is None list all people

Parameters:: role (str)
Return type:: AsyncGenerator[Person, None]

async classmethod by_callsign(callsign, allow_deleted=False)[source]

Get by callsign

Parameters:

callsign (str)
allow_deleted (bool)

Return type:

Self

async classmethod is_callsign_available(callsign)[source]

Is callsign available

Parameters:: callsign (str)
Return type:: bool

async classmethod by_mtlsjwt_payload(payload, allow_deleted=False)[source]

Get by MTLSorJWTMiddleWare payload

Parameters:

payload (rasenmaeher_api.web.api.middleware.datatypes.MTLSorJWTPayload)
allow_deleted (bool)

Return type:

Self

get_cert_pem()[source]

Read the cert from under certspath and return the PEM

Return type:: bytes

get_cert_pfx()[source]

Read the cert and private key from under certspath and return the PFX container

Return type:: bytes

async _get_role(role)[source]

Internal helper for DRY

Parameters:: role (str)
Return type:: Optional[Role]

async has_role(role)[source]

Check if this user has given role

Parameters:: role (str)
Return type:: bool

async assign_role(role)[source]

Assign a role, return true if role was created, false if it already existed

Parameters:: role (str)
Return type:: bool

async remove_role(role)[source]

Remove a role, return true if role was removed, false if it wasn’t assigned

Parameters:: role (str)
Return type:: bool

async roles_set()[source]

Shorthand

Return type:: Set[str]

async roles()[source]

Roles of this person

Return type:: AsyncGenerator[str, None]

class Role[source]

Bases: rasenmaeher_api.db.base.DBModel

Give a person a role

__tablename__ = 'roles'[source]

__table_args__[source]

pk[source]

created[source]

updated[source]

user[source]

role[source]

_idx[source]

async post_user_crud(userinfo, endpoint_suffix)[source]

Wrapper to be more DRY in the basic CRUD things

Parameters:

userinfo (libpvarki.schemas.product.UserCRUDRequest)
endpoint_suffix (str)

Return type:

None

async user_created(person)[source]

New user was created

Parameters:: person (Person)
Return type:: None

async user_revoked(person)[source]

Old user was revoked

Parameters:: person (Person)
Return type:: None

async user_promoted(person)[source]

Old user was promoted to admin (granted role ‘admin’)

Parameters:: person (Person)
Return type:: None

async user_demoted(person)[source]

Old user was demoted from admin (removed role ‘admin’)

Parameters:: person (Person)
Return type:: None

rasenmaeher_api.db.people

Module Contents

Classes

Functions

Attributes

`rasenmaeher_api.db.people`