atoti_plus.user_service_client.user_service_client module#
- class atoti_plus.UserServiceClient#
Manage the parts of the security config that can be changed without restarting the
Session.The roles and restrictions are stored in the
user content storage. Multiple sessions configured with the same user content storage will thus share this part of the security config.- property basic: BasicSecurity#
- create_role(name, *, restrictions={})#
Create a role with the given restrictions.
There are special roles which cannot be redefined:
ROLE_USER: required to access the application
ROLE_ADMIN: gives full access (read, write, delete, etc) to the application
- Return type
- classmethod from_session(session, /)#
Create a service able to authenticate against session.
- Return type
- classmethod from_url(url, /, *, auth=None, certificate_authority=None, client_certificate=None)#
Create a service from a URL.
- Parameters
auth (Optional[Auth]) – To authenticate against the session. It must grant the ROLE_ADMIN role. If
None, a client_certificate must be passed instead.certificate_authority (Optional[Path]) – Custom certificate authority to use to verify the HTTPS connection.
client_certificate (Optional[ClientCertificate]) – Required to authenticate against the session if auth was
None.
- Return type
- property individual_roles: IndividualRoles#
- property kerberos: KerberosSecurity#
- property ldap: LdapSecurity#
- property oidc: OidcSecurity#