Documentation for PythonAPI
22.40.00py2

packetlogic2.pldb.user

This module contains functionality for managing users on the PacketLogic system.

Do NOT import this module directly. The PLConnection object should be used, e.g:

>>> import packetlogic2
>>> pl = packetlogic2.connect("192.168.1.25", "admin", "password")
>>> u = pl.Users()

Classes defined here:

  • User - Represents a user on the PacketLogic system
  • Users - This is the resource for manipulating users

User

Represents a user on the PacketLogic system.

Returned from Users.list and Users.add.

Methods:
Ungrouped add_pubkey(self, pubkey)
Add specified public ssh keys as valid authentication method for this user
remove(self)
Remove this user from the system
remove_pubkey(self, pubkey)
Remove specified public ssh keys as valid authentication method for this
update(self, name=None, password=None, readbm=None, writebm=None, survbm=None, flags=None, hosts=None, timeout=None)
Update an attribute of this user
Properties:
flags Bitmask of flags
hosts hosts user is allowed to connect from
id ID Number of the user
name Name of the user
pubkeys List of public ssh keys that can be used to authenticate user
readbm Bitmask of read permissions
survbm Bitmask of liveview permissions
timeout Inactivity timeout in seconds
writebm Bitmask of write permissions

add_pubkey(self, pubkey)

Add specified public ssh keys as valid authentication method for this user.

The key should be base64 encoded.

remove(self)

Remove this user from the system.

remove_pubkey(self, pubkey)

Remove specified public ssh keys as valid authentication method for this user.

update(self, name=None, password=None, readbm=None, writebm=None, survbm=None, flags=None, hosts=None, timeout=None)

Update an attribute of this user.

Omitting an argument or setting it to None will leave that attribute unchanged.

Parameters:
  • name (str) - Modify user's name (rename user).
  • password (str) - Modify user's password.
  • readbm (int) - Modify user's readbm.
  • writebm (int) - Modify user's writebm.
  • survbm (int) - Modify user's survbm.
  • flags (int) - Modify user's flags
  • hosts (list of str) - Modify user's host access list
  • timeout (int) - Modify user's timeout
Exceptions raised:
  • PLDUnsupportedInFirmware - If timeout is specified without firmware support.
  • timeout argument requires v14.1 firmware or newer.

flags

Bitmask of flags.

hosts

hosts user is allowed to connect from.

id

ID Number of the user.

name

Name of the user.

pubkeys

List of public ssh keys that can be used to authenticate user.

readbm

Bitmask of read permissions.

survbm

Bitmask of liveview permissions.

timeout

Inactivity timeout in seconds. 0 = no timeout.

writebm

Bitmask of write permissions.

Users

This is the resource for manipulating users.

Inherits from: Resource
Methods:
Users User add(self, name, password, readbm=0, writebm=0, survbm=0, flags=0, hosts=[], timeout=0)
Adds a new user to the system
list of User list(self)
Lists all users on the system
Ungrouped tuple auth(self, username, password, ipaddress)
Try to authenticate a user
Inherited from Resource close(self)
Immediately disconnects the resource
commit(self, message='PythonAPI commit')
Store the current transaction to the database
ping(self, string='')
Send a command to server to test if it is up
tuple of (str, int) protocol(self, protocol, strict=False)
Translate protocol name OR number to tuple with name AND number
dict of str:int and int:str protocols_dict(self)
Returns a dictionary with name:nr and nr:name items for IP protocols
rollback(self)
Abort the current transaction and discard the data
services_cmd(self, services=[], props=[])
Send services to pldbd
list of str services_list(self)
List all services
list of str services_prop_list(self)
List all properties
wait_for_commit(self, pinginterval=60)
Wait for new data to be committed on resource
list of str xfb_flags_list(self)
List all XFB (Transfer Behaviour) flags, that can be used in FlagObjects
Properties:
commitid The CommitID associated with this session

add(self, name, password, readbm=0, writebm=0, survbm=0, flags=0, hosts=[], timeout=0)

Adds a new user to the system.

Returns:
  • An User object representing the newly created user.
  • User
Parameters:
  • name (str) - The new user's name (rename user).
  • password (str) - The new user's password.
  • readbm (int) - The new user's resource bitmap for read access.
  • writebm (int) - The new user's resource bitmap for write access.
  • survbm (int) - The new user's resource bitmap for surveillance access.
  • flags (int) - The new user's flags
  • hosts (list of str) - The new user's host access list.
  • timeout (int) - The new user's inactivity timeout.
Exceptions raised:
  • PLDUnsupportedInFirmware - If timeout is specified without firmware support.
  • timeout argument requires v14.1 firmware or newer.

auth(self, username, password, ipaddress)

Try to authenticate a user.

The PacketLogic system will check if the the specified credentials matches a valid user. Note that this does NOT change current user or anything like that.

Returns:
  • A tuple of (status, survbm, readbm, writebm) of that user.
  • tuple
Exceptions raised:
  • PLDBError - If authentication fails.

close(self)

Immediately disconnects the resource.

After this method has been called this object becomes useless.

It may be used to force a disconnect when the garbage collector can't be trusted to do a timely disconnect.

commit(self, message='PythonAPI commit')

Store the current transaction to the database.

When you do this PacketLogic will reload the ruleset. This will take a lot of CPU resources from the system, try to do this in batches.

Observe that if you don't commit the changes you've made, no other resource (including the client) will see your changes.

Parameters:
  • message (str) - Message recorded in the commit log. Ignored in v12.1 and earlier.
  • message parameter is ignored in v12.1 firmware and earlier.

list(self)

Lists all users on the system

>>> u.list()
[<User 'admin' (#1)>, <User 'packetlogicd' (#2)>]
Returns:
  • A list of all users on the system, each user is represented by an User object.
  • list of User

ping(self, string='')

Send a command to server to test if it is up.

protocol(self, protocol, strict=False)

Translate protocol name OR number to tuple with name AND number. Can be used to e.g translate numerical protocol in connlog.search() result to protocol name.

An unknown protocol will be translated to e.g '#7' or -1, unless strict is set to True, in which case ValueError is raised for unknown protocols.

Returns:
  • Tuple with name and nr of specified protocol.
  • tuple of (str, int)
Parameters:
  • protocol (int, str or a ProtocolObject Item) - Name or number of an IP protocol
  • strict (bool) - If True, ValueError is raised for an unknown protocol, if False (default), an unknown protocol translates to number -1 or name '#7' (where 7 is the supplied unknown protocol number).

protocols_dict(self)

Returns a dictionary with name:nr and nr:name items for IP protocols. Can be used to e.g translate numerical protocol in connlog.search() result to protocol name.

Returns:
  • Dict with name:nr and nr:name items for IP protocols.
  • dict of str:int and int:str

rollback(self)

Abort the current transaction and discard the data.

This will also automatically happen if your connection drops or that you exit the program without commit.

Exceptions raised:
  • resource.PLDBError - If the rollback command failed.

services_cmd(self, services=[], props=[])

Send services to pldbd

Sets stringtable for services and properties. Do NOT use this unless you know exactly what you are doing.

Parameters:
  • services (list of str) - List of services
  • props (list of str) - List of service properties

services_list(self)

List all services

Returns:
  • List of services
  • list of str

services_prop_list(self)

List all properties.

Returns:
  • List of service properties
  • list of str

wait_for_commit(self, pinginterval=60)

Wait for new data to be committed on resource.

This method returns as soon as the server signals that another client has committed new data to the resource. It also periodically tests the connection to the server. If connection is broken (or any other error happens) an exception is raised.

Parameters:
  • pinginterval (int) - Interval used to check if connection still is alive.

xfb_flags_list(self)

List all XFB (Transfer Behaviour) flags, that can be used in FlagObjects.

Returns:
  • List of XFB flags
  • list of str

commitid

The CommitID associated with this session. (14.0 or newer only)