22.40.00py2
packetlogic2.pldb.user
This module contains functionality for managing users on the PacketLogic system.
Do NOT import this module directly. The PLConnection object should be used, e.g:
>>> import packetlogic2 >>> pl = packetlogic2.connect("192.168.1.25", "admin", "password") >>> u = pl.Users()
Classes defined here:
- User - Represents a user on the PacketLogic system
- Users - This is the resource for manipulating users
User
Represents a user on the PacketLogic system.
Returned from Users.list and Users.add.
| Methods: | ||
|---|---|---|
| Ungrouped | add_pubkey(self, pubkey) Add specified public ssh keys as valid authentication method for this user |
|
| remove(self) Remove this user from the system |
||
| remove_pubkey(self, pubkey) Remove specified public ssh keys as valid authentication method for this |
||
| update(self, name=None, password=None, readbm=None, writebm=None, survbm=None, flags=None, hosts=None, timeout=None) Update an attribute of this user |
||
| Properties: | |
|---|---|
| flags | Bitmask of flags |
| hosts | hosts user is allowed to connect from |
| id | ID Number of the user |
| name | Name of the user |
| pubkeys | List of public ssh keys that can be used to authenticate user |
| readbm | Bitmask of read permissions |
| survbm | Bitmask of liveview permissions |
| timeout | Inactivity timeout in seconds |
| writebm | Bitmask of write permissions |
add_pubkey(self, pubkey)
Add specified public ssh keys as valid authentication method for this user.
The key should be base64 encoded.
remove(self)
Remove this user from the system.
remove_pubkey(self, pubkey)
Remove specified public ssh keys as valid authentication method for this user.
update(self, name=None, password=None, readbm=None, writebm=None, survbm=None, flags=None, hosts=None, timeout=None)
Update an attribute of this user.
Omitting an argument or setting it to None will leave that
attribute unchanged.
- name (
str) - Modify user's name (rename user).
- password (
str) - Modify user's password.
- readbm (
int) - Modify user's readbm.
- writebm (
int) - Modify user's writebm.
- survbm (
int) - Modify user's survbm.
- flags (
int) - Modify user's flags
- hosts (
listofstr) - Modify user's host access list
- timeout (
int) - Modify user's timeout
- PLDUnsupportedInFirmware - If timeout is specified without firmware support.
- timeout argument requires v14.1 firmware or newer.
flags
Bitmask of flags.
hosts
hosts user is allowed to connect from.
id
ID Number of the user.
name
Name of the user.
pubkeys
List of public ssh keys that can be used to authenticate user.
readbm
Bitmask of read permissions.
survbm
Bitmask of liveview permissions.
timeout
Inactivity timeout in seconds. 0 = no timeout.
writebm
Bitmask of write permissions.
Users
This is the resource for manipulating users.
| Methods: | ||
|---|---|---|
| Users | User | add(self, name, password, readbm=0, writebm=0, survbm=0, flags=0, hosts=[], timeout=0) Adds a new user to the system |
list of User
|
list(self) Lists all users on the system |
|
| Ungrouped | tuple
|
auth(self, username, password, ipaddress) Try to authenticate a user |
| Inherited from Resource | close(self) Immediately disconnects the resource |
|
| commit(self, message='PythonAPI commit') Store the current transaction to the database |
||
| ping(self, string='') Send a command to server to test if it is up |
||
tuple of (str, int)
|
protocol(self, protocol, strict=False) Translate protocol name OR number to tuple with name AND number |
|
dict of str:int and
int:str
|
protocols_dict(self) Returns a dictionary with name:nr and nr:name items for IP protocols |
|
| rollback(self) Abort the current transaction and discard the data |
||
| services_cmd(self, services=[], props=[]) Send services to pldbd |
||
list of str
|
services_list(self) List all services |
|
list of str
|
services_prop_list(self) List all properties |
|
| wait_for_commit(self, pinginterval=60) Wait for new data to be committed on resource |
||
list of str
|
xfb_flags_list(self) List all XFB (Transfer Behaviour) flags, that can be used in FlagObjects |
|
| Properties: | |
|---|---|
| commitid | The CommitID associated with this session |
add(self, name, password, readbm=0, writebm=0, survbm=0, flags=0, hosts=[], timeout=0)
Adds a new user to the system.
- name (
str) - The new user's name (rename user).
- password (
str) - The new user's password.
- readbm (
int) - The new user's resource bitmap for read access.
- writebm (
int) - The new user's resource bitmap for write access.
- survbm (
int) - The new user's resource bitmap for surveillance access.
- flags (
int) - The new user's flags
- hosts (
listofstr) - The new user's host access list.
- timeout (
int) - The new user's inactivity timeout.
- PLDUnsupportedInFirmware - If timeout is specified without firmware support.
- timeout argument requires v14.1 firmware or newer.
auth(self, username, password, ipaddress)
Try to authenticate a user.
The PacketLogic system will check if the the specified credentials matches a valid user. Note that this does NOT change current user or anything like that.
- A tuple of (status, survbm, readbm, writebm) of that user.
tuple
- PLDBError - If authentication fails.
close(self)
Immediately disconnects the resource.
After this method has been called this object becomes useless.
It may be used to force a disconnect when the garbage collector can't be trusted to do a timely disconnect.
commit(self, message='PythonAPI commit')
Store the current transaction to the database.
When you do this PacketLogic will reload the ruleset. This will take a lot of CPU resources from the system, try to do this in batches.
Observe that if you don't commit the changes you've made, no other resource (including the client) will see your changes.
- message (
str) - Message recorded in the commit log. Ignored in v12.1 and earlier.
- message parameter is ignored in v12.1 firmware and earlier.
list(self)
Lists all users on the system
>>> u.list() [<User 'admin' (#1)>, <User 'packetlogicd' (#2)>]
ping(self, string='')
Send a command to server to test if it is up.
protocol(self, protocol, strict=False)
Translate protocol name OR number to tuple with name AND number. Can be used to e.g translate numerical protocol in connlog.search() result to protocol name.
An unknown protocol will be translated to e.g '#7' or -1, unless strict is set to True, in which case ValueError is raised for unknown protocols.
- Tuple with name and nr of specified protocol.
tupleof (str,int)
- protocol (
int,stror a ProtocolObject Item) - Name or number of an IP protocol
- strict (
bool) - IfTrue, ValueError is raised for an unknown protocol, ifFalse(default), an unknown protocol translates to number -1 or name '#7' (where 7 is the supplied unknown protocol number).
protocols_dict(self)
Returns a dictionary with name:nr and nr:name items for IP protocols. Can be used to e.g translate numerical protocol in connlog.search() result to protocol name.
- Dict with name:nr and nr:name items for IP protocols.
dictofstr:intandint:str
rollback(self)
Abort the current transaction and discard the data.
This will also automatically happen if your connection drops or that you exit the program without commit.
- resource.PLDBError - If the rollback command failed.
services_cmd(self, services=[], props=[])
Send services to pldbd
Sets stringtable for services and properties. Do NOT use this unless you know exactly what you are doing.
- services (
listofstr) - List of services
- props (
listofstr) - List of service properties
wait_for_commit(self, pinginterval=60)
Wait for new data to be committed on resource.
This method returns as soon as the server signals that another client has committed new data to the resource. It also periodically tests the connection to the server. If connection is broken (or any other error happens) an exception is raised.
- pinginterval (int) - Interval used to check if connection still is alive.
xfb_flags_list(self)
List all XFB (Transfer Behaviour) flags, that can be used in FlagObjects.
- List of XFB flags
listofstr
commitid
The CommitID associated with this session. (14.0 or newer only)