rattail.db.model.users

Data Models for Users & Permissions

class rattail.db.model.users.Permission(**kwargs)[source]

Represents permission a role has to do a particular thing.

class rattail.db.model.users.Role(**kwargs)[source]

Represents a role within the system; used to manage permissions.

adminish

Flag indicating that the role is “admin-ish” - i.e. only users who belong to the true Administrator role, should be allowed to (un)assign users to this role.

name

Name for the role. Each role must have a name, which must be unique.

node_type

Type of node for which this role is applicable. This is probably only useful if the sync_me flag is set.

If set, this value must match a node’s configured type, or else it will be ignored by that node. See also node_type() for how a node’s type is determined. If there is no value set for this field then the role will be honored by all nodes in which it exists (which is just one unless sync_me is set, in which case all nodes would have it).

It is useful in combination with sync_me in that it allows a certain role to be “global” (synced) and yet only be “effective” for certain nodes. Probably the most common scenario is where you have a host node and several store nodes, and you want to manage the store roles “globally” but avoid granting unwanted access to the host node. So you’d set the sync_me flag but also set node_type to e.g. 'store'.

notes

Any arbitrary notes for the role.

session_timeout

Optional session timeout value for the role, in seconds. If this is set to zero, the role’s users will have no session timeout. A value of None means the role has no say in the timeout.

sync_me

Flag indicating that the Role - its primary attributes, and list of permissions - should be synced across all nodes.

So if set, when the role changes at one node then that change should propagate to all other nodes.

Note that this does not include the user list by default; see sync_users to add that.

Note that if this flag is set, the role will be synced to all nodes regardless of node type. See also node_type.

sync_users

Flag indicating that the user list for the role should be synced across all nodes. This has no effect unless sync_me is also set.

Note that if this flag is set, the role’s user list will be synced to all nodes regardless of node type. See also node_type.

class rattail.db.model.users.User(**kwargs)[source]

Represents a user of the system.

This may or may not correspond to a real person, i.e. some users may exist solely for automated tasks.

active

Whether the user is active, e.g. allowed to log in via the UI.

active_sticky

Optional flag, motivation behind which is as follows: If you import user accounts from another system, esp. on a regular basis, you might be keeping the active flag in sync along with that. But in some cases you might want to not keep the active flag in sync, for certain accounts. Hence this “active sticky” flag, which may be used to mark certain accounts as off-limits from the general active flag sync.

api_tokens

List of API tokens for the user.

property email_address

DEPRECATED

Convenience attribute which invokes get_email_address().

Note

The implementation of this may change some day, e.g. if the User is given an association to EmailAddress in the data model.

property employee

DEPRECATED

Reference to the Employee associated with the user, if any.

events

Sequence of events for the user.

get_email_address()[source]

DEPRECATED

Returns the primary email address for the user (as unicode string), or None. Note that currently there is no direct association between a User and an EmailAddress, so the Person and Customer relationships are navigated in an attempt to locate an address.

get_short_name()[source]

Returns “short name” for the user. This is for convenience of mobile view, at least…

is_admin()[source]

Convenience method to determine if current user is a member of the Administrator role.

last_login

Timestamp when user last logged into the system.

local_only

Flag indicating the user account is somehow specific to the “local” app node etc. and should not be synced elsewhere.

person

Reference to the person whose user account this is.

prevent_password_change

If set, this user cannot change their own password, and the password is not editable when e.g. a manager edits this user record. So if set, only root can change this user’s password.

sent_messages

List of all messages which have ever been sent by the user.

class rattail.db.model.users.UserAPIToken(**kwargs)[source]

User authentication token for use with Tailbone API

created

Date/time when the token was created.

description

Description of the token.

token_string

Token string, to be used by API clients.

user

Reference to the User associated with the token.

user_uuid

Reference to the User associated with the token.

class rattail.db.model.users.UserEvent(**kwargs)[source]

Represents an event associated with a user.

occurred

Timestamp at which the event occurred.

type_code

Type code for the event.

user

Reference to the user whose event this is.

class rattail.db.model.users.UserRole(**kwargs)[source]

Represents the association between a User and a Role.