magpie.api.management.user

Submodules

Attributes

LOGGER

Classes

UserFactory

Used to build base Access Control List (ACL) of the request user.

Functions

get_logger(→ logging.Logger)

Immediately sets the logger level to avoid duplicate log outputs from the root logger and this logger when

includeme(config)

Package Contents

class magpie.api.management.user.UserFactory(request: pyramid.request.Request)[source]

Bases: RootFactory

Used to build base Access Control List (ACL) of the request user.

All API and UI routes will employ this set of effective principals to determine if the user is authorized to access the pyramid view according to the permission value it was configured with.

Note

Keep in mind that Magpie is configured with default permission magpie.constants.MAGPIE_ADMIN_PERMISSION. Views that require more permissive authorization must be overridden with permission argument.

See also

path_user = None
__getitem__(user_name: magpie.typedefs.Str) UserFactory[source]
property __acl__: magpie.typedefs.AccessControlListType

Grant access to Request User according to its relationship to Context User.

If it is the same user (either from explicit name or by magpie.constants.MAGPIE_LOGGED_USER reserved keyword), allow magpie.constants.MAGPIE_LOGGED_PERMISSION for itself to access corresponding views.

If request user is unauthenticated (None), magpie.constants.MAGPIE_LOGGED_USER or itself, also grant magpie.constants.MAGPIE_CONTEXT_PERMISSION to allow access to contextually-available details (e.g.: user can view his own information and public ones).

All ACL permissions from RootFactory are applied on top of user-specific permissions added here.

magpie.api.management.user.get_logger(name: magpie.typedefs.Str, level: int | None = None, force_stdout: bool = None, message_format: magpie.typedefs.Str | None = None, datetime_format: magpie.typedefs.Str | None = None) logging.Logger[source]

Immediately sets the logger level to avoid duplicate log outputs from the root logger and this logger when level is logging.NOTSET.

magpie.api.management.user.LOGGER[source]
magpie.api.management.user.includeme(config)[source]