User and user group management
You can administer users and user groups using the command-line interface.
You can manage the system by working with the following
objects on the command-line interface:
- Users
- See Users object for more information.
- User
- See User object for more information.
- Groups
- See Groups object for more information.
- Group
- See Group object for more information.
- Roles
- See Roles object for more information.
Users object
A Users object represents the collection of users defined to the PureApplication® Software. Objects of this type are used to create, delete, iterate over, list and search for users on the PureApplication Software.
Help
is available on the command-line interface for
the users object. To get help, pass the Users object
as an argument to the help() function, as shown in
the following example:
>>> help(admin.users)For more information about working with resource objects on the command-line interface, see Related concepts section.
Users methods
The Users object has the following
methods:
- admin
- Returns a User object representing
the administrative user on the system. For additional help on the User object returned, enter the following
command:
>>> help(admin.users.admin()) - self
- Returns a User object representing
the current user of the command-line interface on
the system. For additional help on the User object
returned, enter the following command:
>>> help(admin.users.self())
User object
A User object represents a particular user defined to the PureApplication Software system. Use this object to query and manipulate the user definition on the system. Attributes of the User object and relationships between the User object and other resources in PureApplication Software are represented as Jython attributes on the User object. Manipulate these Jython attributes using standard Jython mechanisms to change the corresponding PureApplication Software data.The User object can contain many of each type of the following objects:
- Clouds
- The cloud groups owned by this user.
- EnvironmentProfiles
- The environment profiles that are owned by this user are available. For more information, see the Related reference section.
- Groups
- The groups to which this user belongs. The Groups object
has the following attribute:
- groupsowned
- The groups owned by this user.
- Parts
- The parts owned by this user.
- Patterns
- The patterns owned by this user.
- Scripts
- The script packages owned by this user.
- VirtualImages
- The virtual images owned by this user.
- VirtualSystems
- The classic virtual system instances owned by this user.
Help is available on the command-line interface for
the User object. To get help, pass
the User object as an argument to
the help() function, as shown in the following example:
>>> help(admin.user)User Attributes
When
creating a user, the username, fullname and email attributes
are required. The password attribute is optional.
The User object has the following
attributes:
- clouds
- The cloud groups owned by this user.
- currentmessage
- The message associated with the status of the user. This field is an eight character string value that is automatically generated by the system. This field is read-only.
- currentmessage_text
- Specifies the textual representation of currentmessage. This field is a string representation of currentmessage in the preferred language of the requester and is automatically generated by the system.
- currentstatus
- The status of the user. This field is an eight character string value that is automatically generated by the system. This field is read-only.
- currentstatus_text
- Specifies the textual representation of currentstatus. This field is a string representation of currentstatus in the preferred language of the requester and is automatically generated by the system.
- deploymentoptions
- Indicates what deployment options are available to this user: cloud, environment profile, or all of these options. Valid values are: 0, 1, 2, 3, 4, 5, 6, 7.
- The email address of the user. This field is a string value and has a maximum length of 128 characters.
- environmentprofiles
- The environment profiles owned by this user.
- fullname
- The full name of the user. This field is a string value and has a maximum length of 64 characters.
- groups
- The groups to which this user belongs. This attribute specifies the list of unfirm resource identifiers (URIs) of the groups to which this user belongs. The URIs are relative and must be resolved against the URI of the user that contains them.
- id
- The ID of the user. This field is read-only. This value is numeric and is automatically generated by the system.
- parts
- The parts owned by this user.
- password
- The password of the user. This field is a write-only string value and has a maximum length of 128 characters.
- patterns
- The patterns owned by this user.
- roles
- The roles currently assigned to this user. See the description of the roles object for more information.
- scripts
- The script packages owned by this user.
- username
- The login name for the user. This field is a string value and has a maximum length of 64 characters.
- virtualimages
- The virtual images owned by this user.
- virtualsystems
- The classic virtual system instances owned by this user.
Roles object
Use
the Roles object to view and manipulate
the roles assigned to a particular PureApplication Software user.
Roles are specified using the following string values:
- admin.PATTERN_CREATOR_ROLE
- admin.PROFILE_CREATOR_ROLE
- admin.CATALOG_CREATOR_ROLE
- admin.ILMT_USER_ROLE
- admin.ROLE_ADMIN_ROLE
- admin.WORKLOAD_ADMIN_READONLY_ROLE
- admin.WORKLOAD_ADMIN_ROLE
- admin.CLOUD_ADMIN_READONLY_ROLE
- admin.CLOUD_ADMIN_ROLE
- admin.HARDWARE_READONLY_ROLE
- admin.HARDWARE_ADMIN_ROLE
- admin.AUDIT_READONLY_ROLE
- admin.AUDIT_ROLE
- admin.SECURITY_ADMIN_ROLE
- admin.SECURITY_READONLY_ROLE
- admin.USER_ADMIN_READONLY_ROLE
Help is available on the command-line interface for
the Roles object. To get help, pass the name of the
object as an argument to the help() function, as
shown in the following example:
>>> help(admin.user.roles)Roles methods
You can use the following methods on a Roles object:
- __iadd__(other)
- This method is started implicitly by Jython when you use the +=
operator on a roles object. It accepts a single parameter that can
be either a role or a list of roles. The roles or list of roles are
added to the set of roles for the user, as shown in the following
example:
>>> user1.roles += admin.CLOUD_ADMIN_ROLE - __isub__(other)
- This method is started implicitly by Jython when you use the -=
operator on a roles object. It accepts a single parameter that can
be either a role or a list of roles. The roles or list of roles are
removed from the set of roles for the user, as shown in the following
example:
>>> user1.roles -= admin.CLOUD_ADMIN_ROLE - __iter__()
- This method is started implicitly by Jython when a roles object is used in a context that requires iterating over its elements. It returns an iterator that lists the roles assigned to the user.
- __lshift__(other)
- This method is started implicitly by Jython when you use the left
shift operator ('<<') on a roles object. Its single parameter
can be either a role or a list of roles. The roles or list of roles
are added to the set of roles for the user, as shown in the following
example:
>>> user2.roles << admin.CLOUD_ADMIN_ROLE - __repr__()
- Returns a string representation of the roles for the user.
- __rshift__(other)
- This method is started implicitly by Jython when you use the right
shift operator ('>>') on a roles object. Its single parameter can
be either a role or a list of roles. The roles or list of roles are
removed from the set of roles for the user, as shown in the following
example:
>>> user2.roles >> admin.CLOUD_ADMIN_ROLE - __str__()
- Returns a string representation of the roles for the user.
- __unicode__()
- Returns a string representation of the roles for the user.
Groups object
A Groups object represents the collection of user groups defined to the PureApplication Software. Objects of this type are used to create, delete, iterate over, list and search for user groups on the PureApplication Software.
Help
is available on the command-line interface for
the Groups object. To get help,
pass the Groups object as an argument
to the help() function, as shown in the following
example:
>>> help(admin.groups)Group object
A Group object represents a particular user group defined on the PureApplication Software. Use the Group object to query and manipulate the user group definition on the system. Attributes of the user group and relationships between the user group and other resources are represented, by PureApplication Software, as Jython attributes on the Group object. Manipulate these Jython attributes using standard Jython mechanisms to change the corresponding PureApplication Software data.
The Group object belongs to the User object and can have many links to the User object.
Help is available on the command-line interface for
the Group object. To get help, pass
the Group object as an argument
to the help() function, as shown in the following
example:
>>> help(admin.group)Group Attributes
When
creating a group, the name and description attributes are required. The Group object has the following attributes:
- created
- Creation time of the user group, as number of seconds since midnight, January 1, 1970 UTC. When the user group is displayed, this value is shown as the date and time in the local timezone. This value is numeric and is automatically generated by the system. This attribute is read-only.
- description
- The description of the user group. This attribute is a string value with a maximum of 128 characters.
- id
- The ID of the user group. This value is numeric and is automatically generated by the system. This attribute is read-only.
- name
- The name associated with this user group. Each user group must have a unique name. This field is a string value with a maximum of 64 characters.
- owner
- A user object that references the owner of this group. For more
information about the properties and methods supported by user objects,
enter the following command:
>>> help(admin.user) - roles
- The roles currently assigned to this group. See the description of the roles object for more information.
- updated
- The time the user group was last updated, as number of seconds since midnight, January 1, 1970 UTC. When the user group is displayed, this value is shown as the date and time in the local timezone. This value is numeric and is automatically generated by the system. This attribute is read-only.
- users
- The users that belong to this group.
Group.Roles object
Use
the Group.Roles object to view and
manipulate the roles assigned to a particular group on the PureApplication Software system.
Roles are specified using the following constants:
- admin.PATTERN_CREATOR_ROLE
- admin.PROFILE_CREATOR_ROLE
- admin.CATALOG_CREATOR_ROLE
- admin.ILMT_USER_ROLE
- admin.ROLE_ADMIN_ROLE
- admin.WORKLOAD_ADMIN_READONLY_ROLE
- admin.WORKLOAD_ADMIN_ROLE
- admin.CLOUD_ADMIN_READONLY_ROLE
- admin.CLOUD_ADMIN_ROLE
- admin.HARDWARE_READONLY_ROLE
- admin.HARDWARE_ADMIN_ROLE
- admin.AUDIT_READONLY_ROLE
- admin.AUDIT_ROLE
- admin.SECURITY_ADMIN_ROLE
- admin.SECURITY_READONLY_ROLE
- admin.USER_ADMIN_READONLY_ROLE
Help is available on the command-line interface for
the Roles object. To get help, pass
the name of the object as an argument to the help() function,
as shown in the following example:
>>> help(admin.self().roles)Group.Roles methods
You can use the following methods on a Group.Roles object:
- __iadd__(other)
- This method is started implicitly by Jython when you use the += operator
on a Group.Roles object. It accepts a single parameter
that can be either a role or a list of roles. Roles or lists of roles
are added to the set of roles for the group. For example:
>>> group1.roles += admin.CLOUD_ADMIN_ROLE - __isub__(other)
- This method is started implicitly by Jython when you use the -= operator
on a Group.Roles object. This method accepts a single
parameter that can be either a role or a list of roles. The role or
roles are removed from the set of roles for the group, as shown in
the following example:
>>> group1.roles -= admin.CLOUD_ADMIN_ROLE - __iter__()
- This method is started implicitly by Jython when a Group.Roles object is used in a context that requires iterating over its elements. It returns an iterator that lists the roles assigned to the group.
- __lshift__(other)
- This method is started implicitly by Jython when you use the left
shift operator ('<<') on a Group.Roles object.
Its single parameter can be either a role or a list of roles, all
of which are added to the set of roles for the group. For example:
>>> group2.roles << admin.CLOUD_ADMIN_ROLE - __repr__()
- Returns a string representation of the roles for the group.
- __rshift__(other)
- This method is started implicitly by Jython when you use the right
shift operator ('>>') on a Roles object. This method has a
single parameter that can be either a role or a list of roles. The
roles, or list of roles, are removed from the set of roles for the
group, as shown in the following example:
>>> group2.roles >> admin.CLOUD_ADMIN_ROLE - __str__()
- Returns a string representation of the roles for the group.
- __unicode__()
- Returns a string representation of the roles for the user.