cm_api.endpoints.users

1 # Licensed to Cloudera, Inc. under one 2 # or more contributor license agreements. See the NOTICE file 3 # distributed with this work for additional information 4 # regarding copyright ownership. Cloudera, Inc. licenses this file 5 # to you under the Apache License, Version 2.0 (the 6 # "License"); you may not use this file except in compliance 7 # with the License. You may obtain a copy of the License at 8 # 9 # http://www.apache.org/licenses/LICENSE-2.0 10 # 11 # Unless required by applicable law or agreed to in writing, software 12 # distributed under the License is distributed on an "AS IS" BASIS, 13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 # See the License for the specific language governing permissions and 15 # limitations under the License. 16 17 from cm_api.endpoints.types import * 18 19 USERS_PATH = "/users" 20

21 -def get_all_users(resource_root, view=None):

22 """ 23 Get all users. 24 25 @param resource_root: The root Resource object 26 @param view: View to materialize ('full' or 'summary'). 27 @return: A list of ApiUser objects. 28 """ 29 return call(resource_root.get, USERS_PATH, ApiUser, True, 30 params=view and dict(view=view) or None)

31

32 -def get_user(resource_root, username):

33 """ 34 Look up a user by username. 35 36 @param resource_root: The root Resource object 37 @param username: Username to look up 38 @return: An ApiUser object 39 """ 40 return call(resource_root.get, 41 '%s/%s' % (USERS_PATH, username), ApiUser)

42

43 -def create_user(resource_root, username, password, roles):

44 """ 45 Create a user. 46 47 @param resource_root: The root Resource object 48 @param username: Username 49 @param password: Password 50 @param roles: List of roles for the user. This should be [] or ['ROLE_USER'] 51 for a regular user, ['ROLE_ADMIN'] for an admin, or 52 ['ROLE_LIMITED'] for a limited admin. 53 @return: An ApiUser object 54 """ 55 apiuser = ApiUser(resource_root, username, password=password, roles=roles) 56 return call(resource_root.post, USERS_PATH, ApiUser, True, 57 data=[apiuser])[0]

58

59 -def delete_user(resource_root, username):

60 """ 61 Delete user by username. 62 63 @param resource_root: The root Resource object 64 @param username: Username 65 @return: An ApiUser object 66 """ 67 return call(resource_root.delete, 68 '%s/%s' % (USERS_PATH, username), ApiUser)

69

70 -def update_user(resource_root, user):

71 """ 72 Update a user. 73 74 Replaces the user's details with those provided. 75 76 @param resource_root: The root Resource object 77 @param user: An ApiUser object 78 @return: An ApiUser object 79 """ 80 return call(resource_root.put, 81 '%s/%s' % (USERS_PATH, user.name), ApiUser, data=user)

82

83 -class ApiUser(BaseApiResource):

84 _ATTRIBUTES = { 85 'name' : None, 86 'password' : None, 87 'roles' : None, 88 } 89

90 - def __init__(self, resource_root, name=None, password=None, roles=None):

91 BaseApiObject.init(self, resource_root, locals())

92

93 - def _path(self):

94 return '%s/%s' % (USERS_PATH, self.name)

95

96 - def grant_admin_role(self):

97 """ 98 Grant admin access to a user. If the user already has admin access, this 99 does nothing. If the user currently has a non-admin role, it will be replaced 100 with the admin role. 101 102 @return: An ApiUser object 103 """ 104 apiuser = ApiUser(self._get_resource_root(), self.name, roles=['ROLE_ADMIN']) 105 return self._put('', ApiUser, data=apiuser)

106

107 - def revoke_admin_role(self):

108 """ 109 Revoke admin access from a user. If the user does not have admin access, 110 this does nothing. After revocation, the user will have the un-privileged 111 regular user role. 112 113 @return: An ApiUser object 114 """ 115 apiuser = ApiUser(self._get_resource_root(), self.name, roles=[]) 116 return self._put('', ApiUser, data=apiuser)

117

Source Code for Module cm_api.endpoints.users