def remove_privilege(self, name, kind=None):
"""
Remove a privilege from the list of role privileges.
If the name is a structured value consisting of the kind and the
name separated by a "|", as returned by the list() method, then
the kind is optional.
:param name: The name of the privilege
:param kind: The kind of privilege
:return: The role object
"""
parts = name.split("|")
if len(parts) == 1:
pass
elif len(parts) == 2:
if kind is not None and kind != parts[0]:
raise validate_custom("Kinds must match")
kind = parts[0]
name = parts[1]
else:
raise validate_custom("Unparseable privilege name")
key = "{0}|{1}".format(kind, name)
return self.remove_from_property_list('privilege', key)
def exists(cls, connection, name, kind=None):
"""
Returns true if (and only if) the specified privilege exists.
If the name is a structured value consisting of the kind and the
name separated by a "|", as returned by the list() method, then
the kind is optional.
:param connection: The connection to the MarkLogic database
:param name: The name of the privilege
:param kind: The kind of privilege
:return: The privilege
"""
parts = name.split("|")
if len(parts) == 1:
pass
elif len(parts) == 2 or len(parts) == 3:
if kind is not None and kind != parts[0]:
raise validate_custom("Kinds must match")
kind = parts[0]
name = parts[1]
else:
raise validate_custom("Unparseable privilege name")
uri = connection.uri("privileges", name,
parameters=["kind="+kind])
response = connection.head(uri)
if response.status_code == 200:
return True
elif response.status_code == 404:
return False
else:
raise exceptions.UnexpectedManagementAPIResponse(response.text)
def lookup(cls, connection, name=None, kind=None, action=None):
"""
Look up an individual privilege.
At least one of name or action must be specified. Privileges can
be looked up directly with a name. If only an action is provided,
the method will get the current list of privileges and search for
the matching action. The list of privileges is stored in
`Privilege.PRIVLIST` and can be reset by calling
`Privilege.flush_cache()`.
The `kind` must be provided either directly or as part of a
structured name.
If the name is a structured value consisting of the kind and the
name separated by a "|", as returned by the list() method, then
the kind is optional.
:param connection: The connection to the MarkLogic database
:param name: The name of the privilege
:param action: The action URI of the privilege
:param kind: The kind of privilege
:return: The privilege
"""
if name is not None:
parts = name.split("|")
if len(parts) == 1:
pass
elif len(parts) == 2 or len(parts) == 3:
if kind is not None and kind != parts[0]:
raise validate_custom("Kinds must match")
kind = parts[0]
name = parts[1]
if action is not None and len(parts) == 3:
if parts[2] != action:
raise validate_custom("Actions must match")
else:
raise validate_custom("Unparseable privilege name")
if name is None and action is None:
raise validate_custom("Name or action must be specified")
if kind is None:
raise validate_custom("Kind must be specified")
if name is None:
return cls._lookup_action(connection, action, kind)
else:
uri = connection.uri("privileges",
name,
parameters=["kind=" + kind])
response = connection.get(uri)
if response.status_code == 200:
result = Privilege.unmarshal(json.loads(response.text))
if 'etag' in response.headers:
result.etag = response.headers['etag']
return result
else:
return None
def lookup(cls, connection, name=None, kind=None, action=None):
"""
Look up an individual privilege.
At least one of name or action must be specified. Privileges can
be looked up directly with a name. If only an action is provided,
the method will get the current list of privileges and search for
the matching action. The list of privileges is stored in
`Privilege.PRIVLIST` and can be reset by calling
`Privilege.flush_cache()`.
The `kind` must be provided either directly or as part of a
structured name.
If the name is a structured value consisting of the kind and the
name separated by a "|", as returned by the list() method, then
the kind is optional.
:param connection: The connection to the MarkLogic database
:param name: The name of the privilege
:param action: The action URI of the privilege
:param kind: The kind of privilege
:return: The privilege
"""
if name is not None:
parts = name.split("|")
if len(parts) == 1:
pass
elif len(parts) == 2 or len(parts) == 3:
if kind is not None and kind != parts[0]:
raise validate_custom("Kinds must match")
kind = parts[0]
name = parts[1]
if action is not None and len(parts) == 3:
if parts[2] != action:
raise validate_custom("Actions must match")
else:
raise validate_custom("Unparseable privilege name")
if name is None and action is None:
raise validate_custom("Name or action must be specified")
if kind is None:
raise validate_custom("Kind must be specified")
if name is None:
return cls._lookup_action(connection, action, kind)
else:
uri = connection.uri("privileges", name, parameters=["kind="+kind])
response = connection.get(uri)
if response.status_code == 200:
result = Privilege.unmarshal(json.loads(response.text))
if 'etag' in response.headers:
result.etag = response.headers['etag']
return result
else:
return None
def set_key_type(self, value):
"""
Set the key type.
The key type must be `rsa`.
"""
if value is not 'rsa':
validate_custom("The key-type must be 'rsa'")
self._config['key-type'] = value
return self
def set_key_type(self, value):
"""
Set the key type.
The key type must be `rsa`.
"""
if value is not 'rsa':
validate_custom("The key-type must be 'rsa'")
self._config['key-type'] = value
return self
def __init__(self,
version=0,
countryName=None,
stateOrProvinceName=None,
localityName=None,
organizationName=None,
organizationalUnitName=None,
emailAddress=None,
v3ext=None):
"""
Create a new certificate request.
The names of the arguments are taken directly from the X509
form. If specified, v3ext must be a dictionary.
The `organizationName` is required. You should fill in as many of
these fields as possible because individual certificate authorities
have specific requirements for which fields must have values.
If a required field is missing, a certificate authority will
typically reject your certificate request with a cryptic error
message that your request is bad.
"""
if organizationName is None:
validate_custom("organizationName is required")
self._config = {
'version': version,
}
subject = {'organizationName': organizationName}
if countryName is not None:
subject['countryName'] = countryName
if stateOrProvinceName is not None:
subject['stateOrProvinceName'] = stateOrProvinceName
if localityName is not None:
subject['localityName'] = localityName
if organizationName is not None:
subject['organizationName'] = organizationName
if organizationalUnitName is not None:
subject['organizationalUnitName'] = organizationalUnitName
if emailAddress is not None:
subject['emailAddress'] = emailAddress
self._config['subject'] = subject
if v3ext is not None:
self._config['v3ext'] = v3ext
def __init__(self, version=0, countryName=None, stateOrProvinceName=None,
localityName=None, organizationName=None,
organizationalUnitName=None, emailAddress=None,
v3ext=None):
"""
Create a new certificate request.
The names of the arguments are taken directly from the X509
form. If specified, v3ext must be a dictionary.
The `organizationName` is required. You should fill in as many of
these fields as possible because individual certificate authorities
have specific requirements for which fields must have values.
If a required field is missing, a certificate authority will
typically reject your certificate request with a cryptic error
message that your request is bad.
"""
if organizationName is None:
validate_custom("organizationName is required")
self._config = {
'version': version,
}
subject = { 'organizationName': organizationName }
if countryName is not None:
subject['countryName'] = countryName
if stateOrProvinceName is not None:
subject['stateOrProvinceName'] = stateOrProvinceName
if localityName is not None:
subject['localityName'] = localityName
if organizationName is not None:
subject['organizationName'] = organizationName
if organizationalUnitName is not None:
subject['organizationalUnitName'] = organizationalUnitName
if emailAddress is not None:
subject['emailAddress'] = emailAddress
self._config['subject'] = subject
if v3ext is not None:
self._config['v3ext'] = v3ext
def read(self, connection):
"""
Loads the Template from the MarkLogic server. This will refresh
the properties of the object.
:param connection: The connection to a MarkLogic server
:return: The Template object
"""
if self.template_id() is None:
validate_custom("Cannot read an unsaved template")
temp = Template.lookup(connection, self.template_id())
if auth is None:
return None
else:
self._config = auth._config
return self
def read(self, connection):
"""
Loads the Template from the MarkLogic server. This will refresh
the properties of the object.
:param connection: The connection to a MarkLogic server
:return: The Template object
"""
if self.template_id() is None:
validate_custom("Cannot read an unsaved template")
temp = Template.lookup(connection, self.template_id())
if auth is None:
return None
else:
self._config = auth._config
return self
