8.5. UserList¶
The UserList implements checking whether a user name matches the given User List policy. Note that the match is case sensitive.
8.5.1. Configuration example¶
[user_list]
# Name of the User List policy configured in SPS (Policies -> User Lists)
; name = <user-list-policy-name>
8.5.1.1. Checking whether a user name matches a User List¶
In this example we’ll use the following configuration to check User List membership of user ‘administrator’
[user_list]
# Name of the User List policy configured in SPS (Policies -> User Lists)
name = my_user_list_policy
from safeguard.sessions.plugin import PluginConfiguration
from safeguard.sessions.plugin import UserList
class Plugin:
def __init__(self, configuration):
self.__config = PluginConfiguration(configuration)
self.__user_list = UserList.from_config(self.__config)
is_matched = self.__user_list.check_user('administrator')
-
class
safeguard.sessions.plugin.user_list.
UserList
(users, default)¶ The
UserList
represents access to the User List policy in SPS.Do not instantiate UserList service with its constructor, rather use the
from_config()
method.- Parameters
users (list) – a list of user names, corresponding to the except list in the policy
default – ‘all_users’ or ‘no_user’, corresponding to the allow setting in the policy
-
classmethod
from_config
(plugin_configuration, section='user_list', name=None)¶ The
from_config()
method creates aUserList
instance from the given plugin configuration.- Parameters
plugin_configuration (
PluginConfiguration
) – plugin configuration objectsection (str) – name of the configuration section where the User List policy name is found
name (str) – name of the User List policy
- Returns
- Raises
RequiredConfigurationSettingNotFound
if there is no such section or “name” option in the section defined in the configuration.- Raises
LocalUserListNotFound
if the given User List policy is not found.
-
check_user
(username)¶ The
check_user()
will match the user name against a User List policy that contains an “allow” and “except” configuration option. The returned value is True in two cases:the “allow” option equals
no_user
and the user name is in the “except” list (whitelist case)the “allow” option equals
all_users
and the user name is not in the “except” list (blacklist case)
otherwise the return value is False.
Note: the check in the “except” list is case sensitive.
- Parameters
username (str) – the user name to check
- Returns
bool
8.5.2. Exceptions¶
-
exception
safeguard.sessions.plugin.user_list_exceptions.
LocalUserListNotFound
(user_list_name)¶ The
LocalUserListNotFound
exception is raised when the configured local user list cannot be found.