19.1.52. camcops_server.cc_modules.cc_user¶
Copyright (C) 2012-2018 Rudolf Cardinal (rudolf@pobox.com).
This file is part of CamCOPS.
CamCOPS is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
CamCOPS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with CamCOPS. If not, see <http://www.gnu.org/licenses/>.
-
class
camcops_server.cc_modules.cc_user.
SecurityAccountLockout
(**kwargs)[source]¶ -
classmethod
delete_old_account_lockouts
(req: CamcopsRequest) → None[source]¶ Delete all expired account lockouts.
-
classmethod
-
class
camcops_server.cc_modules.cc_user.
SecurityLoginFailure
(**kwargs)[source]¶ -
classmethod
act_on_login_failure
(req: CamcopsRequest, username: str) → None[source]¶ Record login failure and lock out user if necessary.
-
classmethod
clear_dummy_login_failures_if_necessary
(req: CamcopsRequest) → None[source]¶ Clear dummy login failures if we haven’t done so for a while.
Not too often! See CLEAR_DUMMY_LOGIN_FREQUENCY_DAYS.
-
classmethod
clear_login_failures
(req: CamcopsRequest, username: str) → None[source]¶ Clear login failures for a user.
-
classmethod
clear_login_failures_for_nonexistent_users
(req: CamcopsRequest) → None[source]¶ Clear login failures for nonexistent users.
Login failues are recorded for nonexistent users to mimic the lockout seen for real users, i.e. to reduce the potential for username discovery.
-
classmethod
enable_user
(req: CamcopsRequest, username: str) → None[source]¶ Unlock user and clear login failures.
-
classmethod
-
class
camcops_server.cc_modules.cc_user.
User
(**kwargs)[source]¶ Class representing a user.
-
agree_terms
(req: CamcopsRequest) → None[source]¶ Mark the user as having agreed to the terms/conditions of use now.
Is the user authorized to run reports?
Is the user authorized to dump data?
-
enable
(req: CamcopsRequest) → None[source]¶ Re-enables a user, unlocking them and clearing login failures.
-
classmethod
get_system_user
(dbsession: sqlalchemy.orm.session.Session) → camcops_server.cc_modules.cc_user.User[source]¶ Returns a user representing “command-line access”.
-
classmethod
get_user_from_username_password
(req: CamcopsRequest, username: str, password: str, take_time_for_nonexistent_user: bool = True) → Union[User, NoneType][source]¶ Retrieve a User object from the supplied username, if the password is correct; otherwise, return None.
-
is_locked_out
(req: CamcopsRequest) → bool[source]¶ Is the user locked out because of multiple login failures?
-
locked_out_until
(req: CamcopsRequest) → Union[pendulum.datetime.DateTime, NoneType][source]¶ When is the user locked out until (or None)?
Returns datetime in local timezone (or None).
-
login
(req: CamcopsRequest) → None[source]¶ Called when the framework has determined a successful login.
Clears any login failures. Requires the user to change their password if policies say they should.
-
may_register_devices
¶ You can register a device if your chosen upload groups allow you to do so. (You have to have a chosen group – even for superusers – because the tablet wants group ID policies at the moment of registration, so we have to know which group.)
-
may_view_all_patients_when_unfiltered
¶ May the user view all patients when no filters are applied?
-
may_view_no_patients_when_unfiltered
¶ May the user view no patients when no filters are applied?
-
must_agree_terms
¶ Does the user still need to agree the terms/conditions of use?
-