GitHub-only

WARNING: If you are reading this on GitHub, DON'T! Read the documentation at docs.plone.org so you have working references and proper formatting.

plone.api.user

Module that provides functionality for user manipulation.

plone.api.user.create(email=None, username=None, password=None, roles=('Member', ), properties=None)

Create a user.

Parameters:
  • email (string) -- [required] Email for the new user.
  • username (string) -- Username for the new user. This is required if email is not used as a username.
  • password (string) -- Password for the new user. If it's not set we generate a random 8-char alpha-numeric one.
  • properties (dict) -- User properties to assign to the new user. The list of available properties is available in portal_memberdata through ZMI.
Returns:

Newly created user

Return type:

MemberData object

Raises:

MissingParameterError InvalidParameterError

Example:

Create user

plone.api.user.delete(username=None, user=None)

Delete a user.

Arguments username and user are mutually exclusive. You can either set one or the other, but not both.

Parameters:
  • username (string) -- Username of the user to be deleted.
  • user (MemberData object) -- User object to be deleted.
Raises:

MissingParameterError InvalidParameterError

Example:

Delete user

plone.api.user.get(userid=None, username=None)

Get a user.

Plone provides both a unique, unchanging identifier for a user (the userid) and a username, which is the value a user types into the login form. In many cases, the values for each will be the same, but under some circumstances they will differ. Known instances of this behavior include:

  • using content-based members via membrane
  • users changing their email address when using email as login is enabled

We provide the ability to look up users by either.

Parameters:
  • userid (string) -- Userid of the user we want to get.
  • username (string) -- Username of the user we want to get.
Returns:

User

Return type:

MemberData object

Raises:

MissingParameterError

Example:

Get user

plone.api.user.get_current()

Get the currently logged-in user.

Returns:Currently logged-in user
Return type:MemberData object
Example:Get currently logged-in user
plone.api.user.get_permissions(username=None, user=None, obj=None)

Get user's site-wide or local permissions.

Arguments username and user are mutually exclusive. You can either set one or the other, but not both. if username and user are not given, the authenticated member will be used.

Parameters:
  • username (string) -- Username of the user for which you want to check the permissions.
  • user (MemberData object) -- User object for which you want to check the permissions.
  • obj (content object) -- If obj is set then check the permissions on this context. If obj is not given, the site root will be used.
Raises:

InvalidParameterError

Example:

Get user permissions

plone.api.user.get_roles(username=None, user=None, obj=None, inherit=True)

Get user's site-wide or local roles.

Arguments username and user are mutually exclusive. You can either set one or the other, but not both. if username and user are not given, the currently authenticated member will be used.

Parameters:
  • username (string) -- Username of the user for which to get roles.
  • user (MemberData object) -- User object for which to get roles.
  • obj (content object) -- If obj is set then return local roles on this context. If obj is not given, the site root local roles will be returned.
  • inherit (bool) -- if obj is set and inherit is False, only return local roles
Raises:

MissingParameterError

Example:

Get user roles

plone.api.user.get_users(groupname=None, group=None)

Get all users or all users filtered by group.

Arguments group and groupname are mutually exclusive. You can either set one or the other, but not both.

Parameters:
  • groupname -- Groupname of the group of which to return users. If set, only return users that are member of this group.
  • group (GroupData object) -- Group of which to return users. If set, only return users that are member of this group.
Returns:

All users (optionlly filtered by group)

Return type:

List of MemberData objects

Example:

Get all users, Get group's users

plone.api.user.grant_roles(username=None, user=None, obj=None, roles=None)

Grant roles to a user.

Arguments username and user are mutually exclusive. You can either set one or the other, but not both. if username and user are not given, the authenticated member will be used.

Parameters:
  • username (string) -- Username of the user that will receive the granted roles.
  • user (MemberData object) -- User object that will receive the granted roles.
  • obj (content object) -- If obj is set then grant roles on this context. If obj is not given, the site root will be used.
  • roles (list of strings) -- List of roles to grant
Raises:

InvalidParameterError MissingParameterError

Example:

Grant roles to user

plone.api.user.has_permission(permission, username=None, user=None, obj=None)

Check whether this user has the given permssion.

Arguments username and user are mutually exclusive. You can either set one or the other, but not both. if username and user are not given, the authenticated member will be used.

Parameters:
  • permission (string) -- The permission you wish to check
  • username (string) -- Username of the user for which you want to check the permission.
  • user (MemberData object) -- User object for which you want to check the permission.
  • obj (content object) -- If obj is set then check the permission on this context. If obj is not given, the site root will be used.
Raises:

InvalidParameterError

Returns:

True if the user has the permission, False otherwise.

Return type:

bool

plone.api.user.is_anonymous()

Check if the currently logged-in user is anonymous.

Returns:True if the current user is anonymous, False otherwise.
Return type:bool
Example:Check if current user is anonymous
plone.api.user.revoke_roles(username=None, user=None, obj=None, roles=None)

Revoke roles from a user.

Arguments username and user are mutually exclusive. You can either set one or the other, but not both. if username and user are not given, the authenticated member will be used.

Parameters:
  • username (string) -- Username of the user that will receive the revoked roles.
  • user (MemberData object) -- User object that will receive the revoked roles.
  • obj (content object) -- If obj is set then revoke roles on this context. If obj is not given, the site root will be used.
  • roles (list of strings) -- List of roles to revoke
Raises:

InvalidParameterError

Example:

Revoke roles from user