Table Of Contents

Previous topic

9.4. LDAPServer

Next topic

9.6. HostResolver

9.5. UserList

The UserList implements checking whether a user name matches the given User List policy. Note that the match is case sensitive.

9.5.1. Configuration example

[user_list]
# Name of the User List policy configured in SPS (Policies -> User Lists)
; name = <user-list-policy-name>

9.5.1.1. Checking whether a user name matches a User List

In this example we’ll use the following configuration to check User List membership of user ‘administrator’

[user_list]
# Name of the User List policy configured in SPS (Policies -> User Lists)
name = my_user_list_policy

from safeguard.sessions.plugin import PluginConfiguration
from safeguard.sessions.plugin import UserList

class Plugin:
   def __init__(self, configuration):
       self.__config = PluginConfiguration(configuration)
       self.__user_list = UserList.from_config(self.__config)
       is_matched = self.__user_list.check_user('administrator')
class safeguard.sessions.plugin.user_list.UserList(users, default)

The UserList represents access to the User List policy in SPS.

Do not instantiate UserList service with its constructor, rather use the from_config() method.

Parameters

  • users (list) – a list of user names, corresponding to the except list in the policy

  • default – ‘all_users’ or ‘no_user’, corresponding to the allow setting in the policy

classmethod from_config(plugin_configuration, section='user_list', name=None)

The from_config() method creates a UserList instance from the given plugin configuration.

Parameters

  • plugin_configuration (PluginConfiguration) – plugin configuration object

  • section (str) – name of the configuration section where the User List policy name is found

  • name (str) – name of the User List policy

Returns

UserList

Raises

RequiredConfigurationSettingNotFound if there is no such section or “name” option in the section defined in the configuration.

Raises

LocalUserListNotFound if the given User List policy is not found.

check_user(username)

The check_user() will match the user name against a User List policy that contains an “allow” and “except” configuration option. The returned value is True in two cases:

  1. the “allow” option equals no_user and the user name is in the “except” list (whitelist case)

  2. the “allow” option equals all_users and the user name is not in the “except” list (blacklist case)

otherwise the return value is False.

Note: the check in the “except” list is case sensitive.

Parameters

username (str) – the user name to check

Returns

bool

9.5.2. Exceptions

exception safeguard.sessions.plugin.user_list_exceptions.LocalUserListNotFound(user_list_name)

The LocalUserListNotFound exception is raised when the configured local user list cannot be found.