timApp.user package
Contents
timApp.user package#
Subpackages#
Submodules#
timApp.user.consentchange module#
timApp.user.contacts module#
- timApp.user.contacts.add_contact(contact_info: str, contact_info_type: timApp.messaging.messagelist.listinfo.Channel = Field(name='contact_info_type', type=<enum 'Channel'>, default=<dataclasses._MISSING_TYPE object>, default_factory=<dataclasses._MISSING_TYPE object>, init=True, repr=True, hash=None, compare=True, metadata=mappingproxy({'by_value': True}), kw_only=False, _field_type=_FIELD), resend_if_exists: bool = False) flask.wrappers.Response[source]#
Add a new contact information for current user.
- Parameters
contact_info_type – The channel user wishes to add a new contact information.
contact_info – The contact information.
resend_if_exists – If True and verification already exists, resend the verification message.
- Returns
OK response.
- timApp.user.contacts.remove_contact(contact_info: str, contact_info_type: timApp.messaging.messagelist.listinfo.Channel = Field(name='contact_info_type', type=<enum 'Channel'>, default=<dataclasses._MISSING_TYPE object>, default_factory=<dataclasses._MISSING_TYPE object>, init=True, repr=True, hash=None, compare=True, metadata=mappingproxy({'by_value': True}), kw_only=False, _field_type=_FIELD)) flask.wrappers.Response[source]#
Remove a contact information from current user.
- Parameters
contact_info_type – The channel user wishes to add a new contact information.
contact_info – The contact information.
- Returns
OK response.
- timApp.user.contacts.set_primary(contact: str, channel: timApp.messaging.messagelist.listinfo.Channel = Field(name='channel', type=<enum 'Channel'>, default=<dataclasses._MISSING_TYPE object>, default_factory=<dataclasses._MISSING_TYPE object>, init=True, repr=True, hash=None, compare=True, metadata=mappingproxy({'by_value': True}), kw_only=False, _field_type=_FIELD)) flask.wrappers.Response[source]#
Set the primary contact.
- Parameters
contact – Primary contact value.
channel – Primary contact channel.
- Returns
OK response.
timApp.user.groups module#
- timApp.user.groups.add_group_infofield_template(doc: timApp.document.docinfo.DocInfo)[source]#
- timApp.user.groups.create_group(group_path: str) flask.wrappers.Response[source]#
Route for creating a user group.
The name of user group has the following restrictions:
The name must have at least one digit.
The name must have at least one alphabetic character.
The name must NOT have any non-alphanumeric characters, with the exception that spaces are allowed.
These restrictions are needed in order to distinguish manually-created groups from personal user groups. Personal user group names are either
email addresses (containing ‘@’ character), or
lowercase ASCII strings (Korppi users) with length being in range [2,8].
- timApp.user.groups.do_create_group(group_path: str) tuple[timApp.user.usergroup.UserGroup, timApp.document.docinfo.DocInfo][source]#
- timApp.user.groups.get_uid_gid(group_name, usernames) tuple[timApp.user.usergroup.UserGroup, list[timApp.user.user.User]][source]#
- timApp.user.groups.raise_group_not_found_if_none(group_name: str, ug: timApp.user.usergroup.UserGroup | None)[source]#
- timApp.user.groups.update_group_doc_settings(doc: timApp.document.docinfo.DocInfo, group_name: str, extra_macros: Optional[dict[str, Any]] = None)[source]#
- timApp.user.groups.verify_group_access(ug: timApp.user.usergroup.UserGroup, access_set, u=None, require=True)[source]#
- timApp.user.groups.verify_group_edit_access(ug: timApp.user.usergroup.UserGroup, user: Optional[timApp.user.user.User] = None, require=True)[source]#
- timApp.user.groups.verify_group_view_access(ug: timApp.user.usergroup.UserGroup, user=None, require=True)[source]#
- timApp.user.groups.verify_groupadmin(require: bool = True, user: Optional[timApp.user.user.User] = None, action: Optional[str] = None, msg: Optional[str] = None)[source]#
timApp.user.hakaorganization module#
timApp.user.newuser module#
- class timApp.user.newuser.NewUser(**kwargs)[source]#
Bases:
sqlalchemy.ext.declarative.api.ModelA user that is going to register to TIM via email and has not yet completed the registration process.
- created#
The time when user clicked “Sign up”.
- email#
Email address.
- pass_#
Password hash for the temporary password.
timApp.user.personaluniquecode module#
- class timApp.user.personaluniquecode.PersonalUniqueCode(**kwargs)[source]#
Bases:
sqlalchemy.ext.declarative.api.ModelThe database model for the ‘schacPersonalUniqueCode’ Haka attribute.
- code#
The actual code. This could be e.g. student id or employee id.
- static find_by_code(code: str, org: str, codetype: str) Optional[timApp.user.personaluniquecode.PersonalUniqueCode][source]#
- static find_by_student_id(sid: str, org: str) Optional[timApp.user.personaluniquecode.PersonalUniqueCode][source]#
- static find_by_urn(urn: str) Optional[timApp.user.personaluniquecode.PersonalUniqueCode][source]#
- org_id#
Organization id.
- organization#
- type#
The type of the code, e.g. student or employee.
- user#
- property user_collection_key#
- user_id#
User id.
timApp.user.preferences module#
- class timApp.user.preferences.Preferences(custom_css: str = '', use_document_word_list: bool = False, disable_menu_hover: bool = False, remember_last_sidebar_menu_tab: bool = False, remember_last_sidebar_menu_state: bool = False, word_list: str = '', email_exclude: str = '', language: Optional[str] = None, style_doc_ids: list[int] = NOTHING, last_answer_fetch: dict[str, str] = NOTHING, auto_mark_all_read: bool = False, bookmarks: Optional[list[dict[str, list[dict[str, str]]]]] = None, max_uncollapsed_toc_items: Optional[int] = None)[source]#
Bases:
object- auto_mark_all_read: bool#
- bookmarks: list[dict[str, list[dict[str, str]]]] | None#
- custom_css: str#
- email_exclude: str#
- property excluded_email_paths: list[re.Pattern[str]]#
- static from_json(j: dict) timApp.user.preferences.Preferences[source]#
- is_item_excluded_from_emails(d: timApp.item.item.Item) bool[source]#
- language: str | None#
- last_answer_fetch: dict[str, str]#
- max_uncollapsed_toc_items: int | None#
- style_doc_ids: list[int]#
- property style_path: str#
- theme_docs() list[timApp.document.docentry.DocEntry][source]#
- use_document_word_list: bool#
- word_list: str#
timApp.user.scimentity module#
- class timApp.user.scimentity.SCIMEntity[source]#
Bases:
object- property scim_created#
- property scim_display_name#
- property scim_extra_data#
- property scim_id#
- property scim_location#
- property scim_modified#
- property scim_resource_type#
- timApp.user.scimentity.get_meta(g: timApp.user.scimentity.SCIMEntity)[source]#
timApp.user.special_group_names module#
timApp.user.user module#
- class timApp.user.user.Consent(value)[source]#
Bases:
enum.EnumAn enumeration.
- CookieAndData = 2#
- CookieOnly = 1#
- class timApp.user.user.User(**kwargs)[source]#
Bases:
sqlalchemy.ext.declarative.api.Model,timApp.timdb.sqa.TimeStampMixin,timApp.user.scimentity.SCIMEntityA user account. Used to identify users.
Note
Some user IDs are reserved for internal use:
ID 0 is used to denote all “Anonymous users”
- active_memberships#
Active group memberships mapped by user group ID.
- active_sessions: MutableMapping[str, timApp.auth.session.model.UserSession]#
Active sessions mapped by the session ID.
- add_to_group(ug: timApp.user.usergroup.UserGroup, added_by: Optional[timApp.user.user.User], sync_mailing_lists=True) bool[source]#
Adds the user to a group.
- Parameters
ug – The user group to add the user to.
added_by – Optionally, the user that added this user to the group.
sync_mailing_lists – If True, automatically notifies message lists about the added user.
- Returns
True, if the added user is a “new” member (i.e. never was a member of the group before).
- annotations#
User’s task annotations as a dynamic query.
- annotations_alt#
- answers#
User’s answers to tasks as a dynamic query.
- answers_alt#
- property basic_info_dict#
- belongs_to_any_of(*groups: timApp.user.usergroup.UserGroup)[source]#
- bookmarks#
- can_write_to_folder(f: timApp.folder.folder.Folder)[source]#
- consent#
Current consent for cookie/data collection.
- consents#
User’s consent changes.
- contacts: list[timApp.user.usercontact.UserContact]#
User’s contacts.
- static create_with_group(info: timApp.user.user.UserInfo, is_admin: bool = False, uid: Optional[int] = None) tuple['User', timApp.user.usergroup.UserGroup][source]#
- created#
- email#
User’s primary email address.
This is the address the user can log in with and receive notifications from TIM.
- static get_anon() timApp.user.user.User[source]#
- static get_by_email(email: str) Optional[timApp.user.user.User][source]#
- static get_by_id(uid: int) Optional[timApp.user.user.User][source]#
- static get_by_name(name: str) Optional[timApp.user.user.User][source]#
- get_contact(channel: timApp.messaging.messagelist.listinfo.Channel, contact: str, options: Optional[list[sqlalchemy.orm.strategy_options.loader_option]] = None) timApp.user.usercontact.UserContact | None[source]#
Find user’s contact by channel and contact contents.
- Parameters
channel – Contact channel.
contact – Contact contents.
options – Additional DB load options.
- Returns
UserContact if found, otherwise None.
- get_groups(include_special: bool = True, include_expired: bool = True) sqlalchemy.orm.query.Query[source]#
- static get_model_answer_user() Optional[timApp.user.user.User][source]#
- get_notify_settings(item: timApp.document.docinfo.DocInfo | timApp.folder.folder.Folder) dict[source]#
- get_personal_folder() timApp.folder.folder.Folder[source]#
- get_personal_group() timApp.user.usergroup.UserGroup[source]#
- get_prefs() timApp.user.preferences.Preferences[source]#
- static get_scimuser() timApp.user.user.User[source]#
- given_name#
User’s given name.
- grant_access(block: Union[timApp.item.item.ItemBase, timApp.item.block.Block], access_type: timApp.auth.accesstype.AccessType, accessible_from: Optional[datetime.datetime] = None, accessible_to: Optional[datetime.datetime] = None, duration_from: Optional[datetime.datetime] = None, duration_to: Optional[datetime.datetime] = None, duration: Optional[datetime.timedelta] = None, require_confirm: Optional[bool] = None)[source]#
- property group_ids#
- groups: list[timApp.user.usergroup.UserGroup]#
Current groups of the user is a member of.
- groups_dyn#
All groups of the user as a dynamic query.
- groups_inactive#
All groups the user is no longer a member of as a dynamic query.
- has_access(i: Union[timApp.item.item.ItemBase, timApp.item.block.Block], access: timApp.auth.accesstype.AccessType, grace_period: datetime.timedelta = datetime.timedelta(0), duration: bool = False) timApp.auth.auth_models.BlockAccess | None[source]#
Check if the user has access to the given item or block.
- Parameters
i – Item or block to check
access – Access type to check. See AccessType for available values.
grace_period – Grace period for the access check. If the user has access to the item, extends the end date of the access by this amount.
duration – If True checks for duration access instead of active accesses.
- Returns
The best access object that user currently has for the given item or block and access type. Otherwise, if user has no access, None.
- has_copy_access(i: Union[timApp.item.item.ItemBase, timApp.item.block.Block], duration: bool = False) timApp.auth.auth_models.BlockAccess | None[source]#
- has_edit_access(i: Union[timApp.item.item.ItemBase, timApp.item.block.Block], duration: bool = False) timApp.auth.auth_models.BlockAccess | None[source]#
- has_manage_access(i: Union[timApp.item.item.ItemBase, timApp.item.block.Block], duration: bool = False) timApp.auth.auth_models.BlockAccess | None[source]#
- has_ownership(i: Union[timApp.item.item.ItemBase, timApp.item.block.Block], allow_admin: bool = True) timApp.auth.auth_models.BlockAccess | None[source]#
- has_seeanswers_access(i: Union[timApp.item.item.ItemBase, timApp.item.block.Block], duration: bool = False) timApp.auth.auth_models.BlockAccess | None[source]#
- has_some_access(i: Union[timApp.item.item.ItemBase, timApp.item.block.Block], vals: set[int], allow_admin: bool = True, grace_period: datetime.timedelta = datetime.timedelta(0), duration: bool = False) timApp.auth.auth_models.BlockAccess | None[source]#
Check if the user has any possible access to the given item or block.
- Parameters
i – The item or block to check
vals – Access types to check. See AccessType for available values.
allow_admin – If True, allow admins to bypass the access check
grace_period – Grace period for the access check. If the user has access to the item, extends the end date of the access by this amount.
duration – If True checks for duration access instead of active accesses.
- Returns
The best access object that user currently has for the given item or block and access types.
- has_teacher_access(i: Union[timApp.item.item.ItemBase, timApp.item.block.Block], duration: bool = False) timApp.auth.auth_models.BlockAccess | None[source]#
- has_view_access(i: Union[timApp.item.item.ItemBase, timApp.item.block.Block], duration: bool = False) timApp.auth.auth_models.BlockAccess | None[source]#
- id#
User identifier.
- internalmessage_readreceipt: timApp.messaging.timMessage.internalmessage_models.InternalMessageReadReceipt | None#
User’s read receipts for internal messages.
- is_admin#
- property is_anonymized#
Hides names, email and ID of the user
- property is_current_user#
Returns whether the user is the one currently in session.
- property is_deleted: bool#
- property is_email_user#
Returns whether the user signed up via email and has not been “upgraded” to Korppi or Sisu user.
Hides names and email of the user, but not user ID
- property is_sisu_teacher: bool#
Whether the user belongs to at least one Sisu teacher group
- property is_special#
- last_name#
User’s last name.
- lectureanswers#
Lecture answers that the user sent to lectures as a dynamic query.
- lectureanswers_alt#
- lectures#
Lectures that the user is attending at the moment.
- property logged_in#
Whether the user is an authenticated user (i.e. not anonymous).
- memberships: list[timApp.user.usergroupmember.UserGroupMember]#
All user’s group memberships.
- memberships_dyn#
User’s group memberships as a dynamic query.
- messages#
Lecture messages that the user sent to lectures as a dynamic query.
- messages_alt#
- modified#
- name#
User name (not full name). Used to identify the user and during log-in.
- notifications#
Notification settings for the user. Represents what notifications the user wants to receive.
- notifications_alt#
- origin#
How the user registered to TIM.
- owned_lectures#
Lectures that the user has created.
- owned_lectures_alt#
- pass_#
Password hashed with bcrypt.
- personal_folder_prop#
- personal_group_prop#
- prefs#
Preferences as a JSON string.
- property pretty_full_name#
Returns the user’s full name.
- primary_email_contact#
The primary email contact for the user.
The primary contact is the preferred email address that the user wants to receive notifications from TIM.
- questionactivity#
User’s activity on lecture questions.
- real_name#
Real (full) name. This may be in the form “Lastname Firstname” or “Firstname Lastname”.
- property scim_created#
User’s creation date in format used by SCIM API.
- property scim_display_name#
User’s display name in format used by SCIM API.
- property scim_extra_data#
Any extra data that should be returned in the SCIM API response.
- property scim_id#
User’s identifier in format used by SCIM API.
- property scim_modified#
User’s last modification date in format used by SCIM API.
- property scim_resource_type#
The resource type of the user in format used by SCIM API.
- sessions: list[timApp.auth.session.model.UserSession]#
All user’s sessions as a dynamic query.
- set_emails(emails: list[str], origin: timApp.user.usercontact.ContactOrigin, force_verify: bool = False, force_primary: bool = False, can_update_primary: bool = False, add: bool = True, remove: bool = True, notify_message_lists: bool = True) None[source]#
Sets emails for the given origin.
Existing emails for the given origin are overwritten. If the user’s primary email is removed, it is changed to the next verified email of the same origin.
- Parameters
emails – List of emails to set to the given origin.
origin – Emails’ origin
force_verify – If True, all emails are marked as verified. Otherwise, origins in NO_AUTO_VERIFY_ORIGINS are not verified.
force_primary – If True, forces to update the primary address
can_update_primary – If True, allows to “update” the primary email address. If the user’s primary email is custom and a new email is added from the integration, set that email as primary. Also, if user’s primary email is custom and a new email is added is also custom, set the first email address in the list as primary.
add – If True, adds new emails in the list to the user.
remove – If True, removes emails not present in emails list.
notify_message_lists – If True, notifies the message lists about the change.
- set_notify_settings(item: timApp.document.docinfo.DocInfo | timApp.folder.folder.Folder, doc_modify: bool, comment_add: bool, comment_modify: bool, answer_add: bool)[source]#
- set_prefs(prefs: timApp.user.preferences.Preferences)[source]#
- set_unique_codes(codes: list[timApp.user.personaluniquecode.SchacPersonalUniqueCode])[source]#
- uniquecodes#
Personal unique codes used to identify the user via Haka Identity Provider.
- update_email(new_email: str, create_contact: bool = True, notify_message_lists: bool = True)[source]#
Updates the user’s primary email address.
Note
Prefer setting
emailinstead of using this method. For example:>>> user = User.get_by_name("testuser1") >>> user.email = "newemail@example.com" >>> db.session.commit() None
- Parameters
new_email – New email address.
create_contact – Whether to create a new contact for the new email address. Defaults to True. If False, updates only the user’s email address info without updating the primary contact.
notify_message_lists – If True, send a notification to all message lists that the user is subscribed to. Defaults to True.
- update_info(info: timApp.user.user.UserInfo, sync_mailing_lists: bool = True) None[source]#
- useractivity#
User’s activity during lectures.
- velps#
Velps created by the user as a dynamic query.
- velps_alt#
- property verified_email_name_parts: list[str]#
- class timApp.user.user.UserInfo(username: str | None = None, email: str | None = None, full_name: str | None = None, given_name: str | None = None, last_name: str | None = None, origin: timApp.user.user.UserOrigin | None = None, password: str | None = None, password_hash: str | None = None, unique_codes: list[timApp.user.personaluniquecode.SchacPersonalUniqueCode] = <factory>)[source]#
Bases:
object- email: str | None = None#
- full_name: str | None = None#
- given_name: str | None = None#
- last_name: str | None = None#
- origin: timApp.user.user.UserOrigin | None = None#
- password: str | None = None#
- password_hash: str | None = None#
- unique_codes: list[timApp.user.personaluniquecode.SchacPersonalUniqueCode]#
- username: str | None = None#
- class timApp.user.user.UserOrigin(value)[source]#
Bases:
enum.EnumIndicates how the user originally registered to TIM.
Only Email, Korppi and Sisu are used so far; the others are speculative.
- Email = 1#
- Facebook = 7#
- Google = 8#
- Haka = 4#
- Korppi = 2#
- OpenID = 5#
- OpenIDConnect = 6#
- Sisu = 3#
- Twitter = 9#
- timApp.user.user.get_membership_added(u: timApp.user.user.User, group_ids: set[int]) datetime.datetime | None[source]#
Get the earliest time the user was added to the given groups.
- Parameters
u – The user
group_ids – The IDs of the groups
- Returns
The earliest time the user was added to the given groups or None if the user is not a member of the groups
- timApp.user.user.get_membership_end(u: timApp.user.user.User, group_ids: set[int]) datetime.datetime | None[source]#
Get the end of the membership of the user in the given groups.
Note
If the user’s membership ended in multiple groups, the latest end date is returned.
- Parameters
u – The user
group_ids – The IDs of the groups
- Returns
The end of the membership or None if the user is not a member of the groups or if the user’s membership hasn’t ended yet
- timApp.user.user.get_owned_objects_query(u: timApp.user.user.User)[source]#
- timApp.user.user.has_no_higher_right(access_type: str | None, rights: timApp.auth.get_user_rights_for_item.UserItemRights) bool[source]#
Checks whether the given access type (view, edit, …) has no higher match in the given UserItemRights. For example, if rights has {‘edit’: True}, then has_no_higher_right(‘view’, rights) is False. For now, only works for view, edit, see_answers and teacher access types.
:param access_type The access type to check. :param rights The UserItemRights to consider. :return True if access_type is one of view, edit, see_answers or teacher and there is no higher right in the
UserItemRights, False otherwise.
- timApp.user.user.last_name_to_first(full_name: str | None)[source]#
Converts a name of the form “Firstname Middlenames Lastname” to “Lastname Firstname Middlenames”.
timApp.user.usercontact module#
- class timApp.user.usercontact.ContactOrigin(value)[source]#
Bases:
enum.EnumIndicates what system added the contact to the user.
The system is also responsible for managing the contact.
- Custom = 1#
- Haka = 3#
- Sisu = 2#
- timApp.user.usercontact.NO_AUTO_VERIFY_ORIGINS = {ContactOrigin.Custom}#
Origins that must not be automatically verified when added to user
- class timApp.user.usercontact.PrimaryContact(value)[source]#
Bases:
enum.EnumWhether the contact is primary.
Enum should have only one value which is used to enforce the unique constraint.
- true = True#
- class timApp.user.usercontact.UserContact(**kwargs)[source]#
Bases:
sqlalchemy.ext.declarative.api.ModelTIM users’ additional contact information.
- channel#
Channel the contact information points to.
- contact#
Contact identifier for a channel.
- contact_origin: timApp.user.usercontact.ContactOrigin#
How the contact was added.
- id#
- primary#
Whether the contact is primary for the user
- user#
User that the contact is associated with.
- user_id#
Which user owns this contact information.
- verified#
Whether this contact info is verified by the user.
If False, the user has made a claim for a contact info, but has not yet verified it’s ownership.
timApp.user.usergroup module#
- class timApp.user.usergroup.UserGroup(**kwargs)[source]#
Bases:
sqlalchemy.ext.declarative.api.Model,timApp.timdb.sqa.TimeStampMixin,timApp.user.scimentity.SCIMEntityA usergroup. Each User should belong to a personal UserGroup that has the same name as the User name. No one else should belong to a personal UserGroup.
A User can additionally belong to any number of other UserGroups.
Two special groups named ‘Logged-in users’ and ‘Anonymous users’ denote the set of all logged-in users and all users including anonymous (not logged-in) ones, respectively.
In database, the User ‘Anonymous user’ belongs to ‘Anonymous users’ group. Other than that, the two groups are empty from the database’s point of view.
- accesses#
- accesses_alt: dict[tuple[int, int], BlockAccess]#
- static create(name: str) timApp.user.usergroup.UserGroup[source]#
Creates a new user group.
- Parameters
name – The name of the user group.
- Returns
The id of the created user group.
- created#
- current_memberships: dict[int, UserGroupMember]#
- display_name#
Usergroup display name. Currently only used for storing certain Sisu course properties: - course code - period (P1…P5) - date range - group description in Sisu
- external_id: ScimUserGroup#
- static get_admin_group() timApp.user.usergroup.UserGroup[source]#
- static get_anonymous_group() timApp.user.usergroup.UserGroup[source]#
- static get_by_external_id(name: str) timApp.user.usergroup.UserGroup[source]#
- static get_by_name(name) timApp.user.usergroup.UserGroup[source]#
- static get_function_scheduler_group() timApp.user.usergroup.UserGroup[source]#
- static get_groupadmin_group() timApp.user.usergroup.UserGroup[source]#
- static get_haka_group() timApp.user.usergroup.UserGroup[source]#
- static get_logged_in_group() timApp.user.usergroup.UserGroup[source]#
- static get_or_create_group(group_name: str) timApp.user.usergroup.UserGroup[source]#
- static get_organization_group(org: str) timApp.user.usergroup.UserGroup[source]#
- static get_organizations() list[timApp.user.usergroup.UserGroup][source]#
- static get_teachers_group() timApp.user.usergroup.UserGroup[source]#
- static get_user_creator_group() timApp.user.usergroup.UserGroup[source]#
- id#
Usergroup identifier.
- internalmessage_display: InternalMessageDisplay | None#
- property is_personal_group#
- property is_sisu#
- property is_sisu_student_group#
- load_personal_user()[source]#
If this is a personal usergroup, loads the user object to personal_user attribute.
- memberships#
- memberships_sel#
- messagelist_membership: list[MessageListTimMember]#
- modified#
- name#
Usergroup name (textual identifier).
- notes#
- notes_alt#
- property pretty_full_name#
- readparagraphs#
- readparagraphs_alt#
- property scim_created#
- property scim_display_name#
- property scim_id#
- property scim_modified#
- property scim_resource_type#
- users#
- class timApp.user.usergroup.UserGroupWithSisuInfo(ug: timApp.user.usergroup.UserGroup)[source]#
Bases:
objectWrapper for UserGroup that reports the sisugroup path in to_json.
- timApp.user.usergroup.get_sisu_groups_by_filter(f) list[timApp.user.usergroup.UserGroup][source]#
timApp.user.usergroupdoc module#
timApp.user.usergroupmember module#
Database model for UserGroupMember and helper functions to work with it.
In TIM, users can belong to one or multiple user groups (UserGroup).
Group membership contains useful information about the user such as:
When the user was added to the group
Who added the user to the group
When the user’s membership was expired
All this information is contained in UserGroupMember which links a user to the group they belong to.
- class timApp.user.usergroupmember.UserGroupMember(**kwargs)[source]#
Bases:
sqlalchemy.ext.declarative.api.ModelAssociates a user with a user group.
- added_by#
User ID of the user who added the membership.
- group#
Group that this membership belongs to. Relationship of the
usergroup_idcolumn.
- membership_added#
Timestamp for when the user was last time added as the active member.
Note
The timestamp is used for logging purposes only. In other words, it is not used to determine soft deletion or other membership state.
- membership_end#
Timestamp for when the membership ended.
Note
The timestamp is used to determine soft deletion. If the end timestamp is present, the user is considered deleted from the group.
- set_expired(time_offset: Optional[datetime.timedelta] = None, sync_mailing_lists: bool = True) None[source]#
Expires this membership.
Note
Expired membership is not permanently deleted. Instead,
membership_endis set to the current time.- Parameters
time_offset – The offset to the expiration date.
sync_mailing_lists – If True, informs the mailing lists of the change immediately.
- user_id#
ID of the user that belongs to the usergroup.
- usergroup_id#
ID of the usergroup the member belongs to.
- timApp.user.usergroupmember.membership_current = <sqlalchemy.sql.elements.BooleanClauseList object>#
SQLAlchemy query selector which selects active memberships.
- timApp.user.usergroupmember.membership_deleted = <sqlalchemy.sql.elements.BinaryExpression object>#
SQLAlchemy query selector which selects expired memberships.
timApp.user.users module#
- timApp.user.users.create_anonymous_user(name: str, real_name: str) timApp.user.user.User[source]#
Creates a new anonymous user.
- Parameters
name – The name of the user to be created.
real_name – The real name of the user.
- Returns
The id of the newly created user.
- timApp.user.users.get_default_rights_holders(folder: timApp.folder.folder.Folder, object_type: timApp.item.block.BlockType) list[timApp.auth.auth_models.BlockAccess][source]#
- timApp.user.users.get_rights_holders(block_id: int) list[timApp.auth.auth_models.BlockAccess][source]#
- timApp.user.users.remove_access(group, i: Union[timApp.item.item.ItemBase, timApp.item.block.Block], access_type: timApp.auth.accesstype.AccessType)[source]#
- timApp.user.users.remove_default_access(group, folder: timApp.folder.folder.Folder, access_type: timApp.auth.accesstype.AccessType, object_type: timApp.item.block.BlockType)[source]#
timApp.user.userutils module#
- timApp.user.userutils.get_default_right_document(folder: timApp.folder.folder.Folder, object_type: timApp.item.block.BlockType, create_if_not_exist: bool = False) timApp.document.docinfo.DocInfo | None[source]#
- timApp.user.userutils.get_or_create_default_right_document(folder: timApp.folder.folder.Folder, object_type: timApp.item.block.BlockType) timApp.document.docinfo.DocInfo[source]#
- timApp.user.userutils.get_user_id_by_name(name: str) int | None[source]#
Gets the id of the specified username.
- Parameters
name – The name of the user.
- Returns
The id of the user or None if the user does not exist.
- timApp.user.userutils.grant_access(group: timApp.user.usergroup.UserGroup, block: timApp.item.item.ItemBase | timApp.item.block.Block, access_type: timApp.auth.accesstype.AccessType, accessible_from: Optional[datetime.datetime] = None, accessible_to: Optional[datetime.datetime] = None, duration_from: Optional[datetime.datetime] = None, duration_to: Optional[datetime.datetime] = None, duration: Optional[datetime.timedelta] = None, require_confirm: Optional[bool] = None, replace_active_duration: bool = True) timApp.auth.auth_models.BlockAccess[source]#
Grants access to a group for a block.
- Parameters
require_confirm – Whether this access needs to be later confirmed by someone with manage access.
duration_from – The optional start time for duration unlock.
duration_to – The optional end time for duration unlock.
accessible_from – The optional start time for the permission.
accessible_to – The optional end time for the permission.
duration – The optional duration for the permission.
group – The group to which to grant view access.
block – The block for which to grant view access.
access_type – The kind of access. Possible values are listed in accesstype table.
replace_active_duration – If true, replaces any existing access with the new one. If false and the access being granted is duration, modifies the end time of the permission to account for new duration.
- Returns
The BlockAccess object.
- timApp.user.userutils.grant_default_access(groups: list[timApp.user.usergroup.UserGroup], folder: timApp.folder.folder.Folder, access_type: timApp.auth.accesstype.AccessType, object_type: timApp.item.block.BlockType, accessible_from: Optional[datetime.datetime] = None, accessible_to: Optional[datetime.datetime] = None, duration_from: Optional[datetime.datetime] = None, duration_to: Optional[datetime.datetime] = None, duration: Optional[datetime.timedelta] = None) list[timApp.auth.auth_models.BlockAccess][source]#
- timApp.user.userutils.is_some_default_right_document(doc: timApp.document.docinfo.DocInfo) bool[source]#