def remove_privilege(self, name, kind=None): """ Remove a privilege from the list of role privileges. If the name is a structured value consisting of the kind and the name separated by a "|", as returned by the list() method, then the kind is optional. :param name: The name of the privilege :param kind: The kind of privilege :return: The role object """ parts = name.split("|") if len(parts) == 1: pass elif len(parts) == 2: if kind is not None and kind != parts[0]: raise validate_custom("Kinds must match") kind = parts[0] name = parts[1] else: raise validate_custom("Unparseable privilege name") key = "{0}|{1}".format(kind, name) return self.remove_from_property_list('privilege', key)
def exists(cls, connection, name, kind=None): """ Returns true if (and only if) the specified privilege exists. If the name is a structured value consisting of the kind and the name separated by a "|", as returned by the list() method, then the kind is optional. :param connection: The connection to the MarkLogic database :param name: The name of the privilege :param kind: The kind of privilege :return: The privilege """ parts = name.split("|") if len(parts) == 1: pass elif len(parts) == 2 or len(parts) == 3: if kind is not None and kind != parts[0]: raise validate_custom("Kinds must match") kind = parts[0] name = parts[1] else: raise validate_custom("Unparseable privilege name") uri = connection.uri("privileges", name, parameters=["kind="+kind]) response = connection.head(uri) if response.status_code == 200: return True elif response.status_code == 404: return False else: raise exceptions.UnexpectedManagementAPIResponse(response.text)
def lookup(cls, connection, name=None, kind=None, action=None): """ Look up an individual privilege. At least one of name or action must be specified. Privileges can be looked up directly with a name. If only an action is provided, the method will get the current list of privileges and search for the matching action. The list of privileges is stored in `Privilege.PRIVLIST` and can be reset by calling `Privilege.flush_cache()`. The `kind` must be provided either directly or as part of a structured name. If the name is a structured value consisting of the kind and the name separated by a "|", as returned by the list() method, then the kind is optional. :param connection: The connection to the MarkLogic database :param name: The name of the privilege :param action: The action URI of the privilege :param kind: The kind of privilege :return: The privilege """ if name is not None: parts = name.split("|") if len(parts) == 1: pass elif len(parts) == 2 or len(parts) == 3: if kind is not None and kind != parts[0]: raise validate_custom("Kinds must match") kind = parts[0] name = parts[1] if action is not None and len(parts) == 3: if parts[2] != action: raise validate_custom("Actions must match") else: raise validate_custom("Unparseable privilege name") if name is None and action is None: raise validate_custom("Name or action must be specified") if kind is None: raise validate_custom("Kind must be specified") if name is None: return cls._lookup_action(connection, action, kind) else: uri = connection.uri("privileges", name, parameters=["kind=" + kind]) response = connection.get(uri) if response.status_code == 200: result = Privilege.unmarshal(json.loads(response.text)) if 'etag' in response.headers: result.etag = response.headers['etag'] return result else: return None
def lookup(cls, connection, name=None, kind=None, action=None): """ Look up an individual privilege. At least one of name or action must be specified. Privileges can be looked up directly with a name. If only an action is provided, the method will get the current list of privileges and search for the matching action. The list of privileges is stored in `Privilege.PRIVLIST` and can be reset by calling `Privilege.flush_cache()`. The `kind` must be provided either directly or as part of a structured name. If the name is a structured value consisting of the kind and the name separated by a "|", as returned by the list() method, then the kind is optional. :param connection: The connection to the MarkLogic database :param name: The name of the privilege :param action: The action URI of the privilege :param kind: The kind of privilege :return: The privilege """ if name is not None: parts = name.split("|") if len(parts) == 1: pass elif len(parts) == 2 or len(parts) == 3: if kind is not None and kind != parts[0]: raise validate_custom("Kinds must match") kind = parts[0] name = parts[1] if action is not None and len(parts) == 3: if parts[2] != action: raise validate_custom("Actions must match") else: raise validate_custom("Unparseable privilege name") if name is None and action is None: raise validate_custom("Name or action must be specified") if kind is None: raise validate_custom("Kind must be specified") if name is None: return cls._lookup_action(connection, action, kind) else: uri = connection.uri("privileges", name, parameters=["kind="+kind]) response = connection.get(uri) if response.status_code == 200: result = Privilege.unmarshal(json.loads(response.text)) if 'etag' in response.headers: result.etag = response.headers['etag'] return result else: return None
def set_key_type(self, value): """ Set the key type. The key type must be `rsa`. """ if value is not 'rsa': validate_custom("The key-type must be 'rsa'") self._config['key-type'] = value return self
def __init__(self, version=0, countryName=None, stateOrProvinceName=None, localityName=None, organizationName=None, organizationalUnitName=None, emailAddress=None, v3ext=None): """ Create a new certificate request. The names of the arguments are taken directly from the X509 form. If specified, v3ext must be a dictionary. The `organizationName` is required. You should fill in as many of these fields as possible because individual certificate authorities have specific requirements for which fields must have values. If a required field is missing, a certificate authority will typically reject your certificate request with a cryptic error message that your request is bad. """ if organizationName is None: validate_custom("organizationName is required") self._config = { 'version': version, } subject = {'organizationName': organizationName} if countryName is not None: subject['countryName'] = countryName if stateOrProvinceName is not None: subject['stateOrProvinceName'] = stateOrProvinceName if localityName is not None: subject['localityName'] = localityName if organizationName is not None: subject['organizationName'] = organizationName if organizationalUnitName is not None: subject['organizationalUnitName'] = organizationalUnitName if emailAddress is not None: subject['emailAddress'] = emailAddress self._config['subject'] = subject if v3ext is not None: self._config['v3ext'] = v3ext
def __init__(self, version=0, countryName=None, stateOrProvinceName=None, localityName=None, organizationName=None, organizationalUnitName=None, emailAddress=None, v3ext=None): """ Create a new certificate request. The names of the arguments are taken directly from the X509 form. If specified, v3ext must be a dictionary. The `organizationName` is required. You should fill in as many of these fields as possible because individual certificate authorities have specific requirements for which fields must have values. If a required field is missing, a certificate authority will typically reject your certificate request with a cryptic error message that your request is bad. """ if organizationName is None: validate_custom("organizationName is required") self._config = { 'version': version, } subject = { 'organizationName': organizationName } if countryName is not None: subject['countryName'] = countryName if stateOrProvinceName is not None: subject['stateOrProvinceName'] = stateOrProvinceName if localityName is not None: subject['localityName'] = localityName if organizationName is not None: subject['organizationName'] = organizationName if organizationalUnitName is not None: subject['organizationalUnitName'] = organizationalUnitName if emailAddress is not None: subject['emailAddress'] = emailAddress self._config['subject'] = subject if v3ext is not None: self._config['v3ext'] = v3ext
def read(self, connection): """ Loads the Template from the MarkLogic server. This will refresh the properties of the object. :param connection: The connection to a MarkLogic server :return: The Template object """ if self.template_id() is None: validate_custom("Cannot read an unsaved template") temp = Template.lookup(connection, self.template_id()) if auth is None: return None else: self._config = auth._config return self